Security 69- Rapid Fire


Nothing major happened this week, but we do have a bunch of little stories. We give Tom four minutes each story, and let him explain to us what is going on.

Moxie Marlinspike | PGP
Ars Technica | Hillary ran her own webserver
Journalism Tools for Privacy
WSJ | SIM Card Theft
Ars Technica | Hard Drive Firmware Hacking
ZDNET | FREAK
Whisper Systems | Signal Encryption App
Ars Technica | Google not requiring encryption on lollipop

Security 37 – More News

Once again, news hit as we were doing our pre show in that Avast security says that wiping your phone will not actually wipe it. We ask Tom if that is true, and he responds with a well researched Ars Technica article.

After we talk about how someone is suing the TOR network because he doesn’t understand how it works.

Show Notes

Ars Technica | Panicking over Android’s factory reset is (mostly) unwarranted

Avast | Tens of Thousands Sell Themselves Every Day

Lifehacker | How Do I Securely Erase My Phone Before I Sell It?

RT | XKeyscore exposed: How NSA tracks all German Tor users as ‘extremists’

Washington Post | In NSA-intercepted data, those not targeted far outnumber the foreigners who are

Security 32 – Google’s Don’t Be Evil Moment

First Up Updates:
Nothing… Big Fat nothing on truecrypt

We then tackle Google’s business model of making money through advertisements. They created Gmail to harvest data, but it is impressive that they created a chrome extension (End to End) to encrypt messages between people. Tom explains why this is good, how it works, and will Google get brownie points for this.

Show Notes:

Making End To End Encryption Easier to Use | Google Security Blog

End-To-End | Hacker News

Security – 31 – TrueCrypt?

On today’s episode we talk about what is going on with TrueCrypt. The website takes us to a sourceforge page and directions to move to BitLocker. That is all we know. Well Tom, read a lot more than I do, so we let him explain.

Show Notes:

Steve Gibson 1
Steve Gibson 2
akselvoll.net
GitHub
Reddit
TrueCrypt
Steve Gibson 3
Brian Krebs
Boing Boing
Brad Kovach
Matthew D Green Twitter
Ars Technica
Alchemist Owl
We All Have Something to Hide

Security 23 – Email and Follow Up

First off, sorry about skipping last week. Both of us were under the weather. You can still hear it in our voices.

We first have followup about an omission that we said on the email show about Mailvelope. Yes, Mailvelope opens a separate window outside of your webmail that will paste the encrypted message back. Then we talk about a story where Microsoft read one if its user’s emails mainly because they could. We finally end with a new website that Tom discovered providing an easy way to

Show Notes:
Guardian | http://www.theguardian.com/technology/2014/mar/21/microsoft-tightens-privacy-policy-journalists-emails
Keybase.io | https://keybase.io/