Security Now 238

Security Now
Episode 238

Security Now 238: Your Questions, Steve's Answers 87

News & Errata

06:20 - 12:37

  • Mozilla Firefox, Thunderbird and SeaMonkey have been updated to fix security flaws

12:38 - 13:58

  • The Adobe Download Manager has been fixed; users need to do nothing except restart their browser

13:59 - 17:33

17:34 - 21:33

  • There is a zero-day exploit in Internet Explorer involving help files

21:34 - 27:35

  • A new module has been added to Metasploit which takes all of the DHCP server's allocatable IP addresses so that a malicious user can provide the target with the network's details and become the gateway

Spinrite Story

27:36 - 28:26 Richard Frisch (Weston, CT)

Gibson, Laporte, and Spinrite: A Great Combination

Steve and Leo,

I used/owned Spinrite for many, many years. I believe I purchased the first version a long time ago and most if not all subsequent versions. I only use the current one. It has fixed hard drives numerous times over the years.

I could tell you stories about what it's done for me, family, and friends, but the simple truth is more compelling...it just works. I am a fan of you, your work, and Leo's TWiT.tv network. Thank you for being you.

Questions & Answers

30:50 - 01:38:28

Question: [ 01 ]

30:50 - 40:27 Robert Sylvester (Warwick, RI)
Question: Can you post some hash signatures of the download you examined (Steganos Lock Note)?

Answer: Steve didn't look at the program in enough detail to be able to say the program is 100% secure.

Question: [ 02 ]

40:28 - 43:33 Paul Scribbans (Cumbria, UK)
Question: Would you do a bit on which assembler package or software to use? I have no idea what software to download to enable me to play with assembler based on your teachings.

Answer: Steve recommends going to http://www.masm32.com

Question: [ 03 ]

43:34 - 51:27 Eric Stearns (Denver, CO)
Question: What exactly does a computer do when it starts up from the very beginning?

Answer: Literally it's just a matter of the processor always going to a predefined hardware, defined in its hardware, starting location, where there will be a little bit of memory, a little bit of ROM that will be the first instruction that executes, and the second, and the third, and the fourth, and the rest is Windows or Mac or whatever.

Comment: [ 04 ]

51:28 - 55:14 PDP-10 Programmer (Unknown Location)
Listener Comment: Steve and Leo, with respect to the Lower Merion School District (LMSD) spying case, I heard you mention on the podcast that kids in the district had become so suspicious that they started putting post-its over the camera. I also read on some Mac-related web forums posts by the IT guy at LMSD regarding this. He said if Macs came to the IT with post-it notes over the camera, the IT guy should just put a pinhole in the post-it, but leave it in place so the student thinks the camera is still covered.

Steve's Comment: The problem of course was that there's evidence that is conclusive that non-stolen, non-lost laptops were having their cameras turned on. And whoever was doing the looking was feeding information back to the assistant principal, who was then confronting the kids who were registered to this laptop about their behavior at home.

So given that that's the case, the notion that the IT people were being told to poke a little hole in the post-it note so that the camera would be re-enabled - I'm not really sure how well that would work, by the way.

Question: [ 05 ]

55:15 - 01:05:31 Jeff (Washington, DC)
Question: How well does assembler lend itself to different OSes and 32-bit/64-bit? Will CryptoLink be available on any platform other than Windows?

Answer: It is the same as any other language, as long as you are not changing processor platforms. Yes.

Question: [ 06 ]

01:05:32 - 01:13:29 Teerawat Issariyakul (Bangkok, Thailand)
Question: Is the data in the swap file unencrypted, as it is in RAM, and is this a security threat?

Answer: TrueCrypt does encrypt the pagefile. Computer forensic investigators do look at the pagefile, so it could be a threat to privacy.

Question: [ 07 ]

01:13:30 - 01:19:35 Chuck (Tampa)
Question: If you disable the camera built into a laptop with a built-in function key or switch, does this ensure the camera cannot be activated by anyone?

Answer: The only thing that would satisfy Steve would be a physical cover over the camera.

Comment: [ 08 ]

01:19:36 - 01:22:08 Paul Welch (Gold Coast, Australia)
Listener Comment: My credit card company rang me yesterday on my mobile, but they blocked their number. Happens all the time. "Hello, Mr. Welch, I'm an operator from your credit card calling. May I have your four-digit passcode so I can validate you?" My question was, "But how can I validate you?" Short pause. "But I'm from the credit card company." I replied, "Well, so you say. But how do I know that? You want me to validate myself by disclosing my secret information, but I can't validate you? You could be anyone." So I asked for a number and called them back and got the information, as I knew who rang, thus validating them. You taught us well, Steve.

Steve's Comment: It's a great story.

Question: [ 09 ]

01:26:05 - 01:30:53 S.L. Garwood (North Carolina, USA)
Question: I see that someone has a man-in-the-middle attack against the Blizzard Authenticator and is using it to grab data. Since Authenticator is the same as the PayPal football, would this attack work against any authenticator?

Answer: The football is designed to prevent replay attacks, not man-in-the-middle attacks.

Question: [ 10 ]

01:30:54 - 01:38:28 Brent Longborough (Abersychan, Abergavenny, Wales, UK)
Question: Can you do an analysis of "LastPass" and see if it is secure?

Answer: Yes

Sponsors

Go To Assist Express

Carbonite Pro

Audible

Picks

The Black Hole War: My Battle to Make the World Safe for Quantum Mechanics by Leonard Susskind (UNABRIDGED)
Narrated by Ray Porter

Production Information

  • Edited by: Tony
  • Notes: