Security Now 331

From The Official TWiT Wiki
Jump to: navigation, search
Security Now
Episode 331

Security Now 331: Mega Security News Update

News & Errata

Microsoft, Adobe, and Carrier IQ security news, and more.

Consumer Reports - Password Haystacks

Google's SPDY protocol moved to another episode.

TrueType Font Rendering Exploit Patched.

Java Update 30 released, but automatic update is not yet functioning, must check for update manually.

Two new zero-day vulnerabilities have just been revealed in Adobe's Flash Player.

FBI using Carrier IQ info for "law enforcement purposes," refuses to release records

Carrier IQ Responds to questions on its technology.

New site indexes the downloads of bittorent users

Facebook begins paying security researchers to find bugs by Visa Debit Card

Lamar Smith introduced some changes into SOPA requiring a judge to approve an order to stop credit card processing on a website. Also this legislation does not apply to any site ending in .com .net or .org

Steve switched site over from Verisign to Digicert for SSL.

GRC Cert Change causing false positive alerts in Certificate Patrol (and buisnesses???)

"Dumbest Marketing Promotion Ever" Symantec offering free 30-day SSL certificates.

OAuth Bug? OAuth on twitter can request many permissions including changing the profile and posting tweets, effectively allowing account takeover.

RIM updates Playbook to close Dingleberry jailbreak. Dingleberry updated to work again within hours of update.

ShieldsUP almost reaching 90 million uses.

iBook updated to v 1.5 with full screen mode and night-time mode (inverted white text on black background).

Spinrite Story - P.P.S.

"I've been a SpinRite customer since v5. I've been using it occasionally but have had no real problems with my hard drives. I was glad to have the product, but until last night I couldn't actually say it worked, as I had not encountered any drive problems. I have recommended the product to others based on my satisfaction with your freeware tools, assuming that your commercial product was good, too. That has now changed. For the past week or two, I've been noticing that when starting Windows it would almost boot up, but would not display the list of users to select. Sometimes I would see the users, but would be unable to mouse over to them to enter the password. It got to the point that I would sometimes have to boot three or four times to get a good boot. I was thinking a Windows reinstall was going to be required. Knowing how long that would take just to do the install, let alone to reinstall my favorite applications, I thought I'd run SpinRite, just in case the problem was not corrupted files, but rather an inability to read the data. I ran SpinRite on my boot and C: partitions overnight. Since then I have had no further reboot issues at all. I can now recommend the program to others with the full knowledge that it really does work, and it saved me many hours of tedious Windows install blues. Good job. P.P.S."

Next Week

Next week will be with Tom Merritt as Leo is on Vacation.

The Following Week

When Leo is back the following week, the podcast will be on Sci-fi as a Christmas special. All reading, no security news is the plan.

Sponsors

Ford SYNC

Newegg

Production Information

  • Edited by:
  • Notes:
Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section.