Security Now 182

From The Official TWiT Wiki
Jump to: navigation, search
Security Now
Episode 182

This week is the 59th questions and answers episode of Security Now. Leo Laporte and Steve Gibson reach into the mail bag and answer your security questions.


Spinrite Story

John Salter wrote: "Hi, Steve. I was making a video for Yubico on using the YubiKey for TrueCrypt whole-disk encryption using a YubiKey preprogrammed for generating a static 44-character password. While TrueCrypt was encrypting the disk for this video, it started complaining when it reached a bad sector. Of course I just deferred the encryption." He says, "TrueCrypt has really thought of everything. Rebooted from my SpinRite CD and let SpinRite do its stuff. Sure enough, a bad sector was found, and DynaStat kicked in. I rebooted, and TrueCrypt came back and offered to complete the decryption from where it was interrupted. Which it completed successfully. Very cool."

Selected News Links

Link to a report of the changing of the electronic road sign in Austin: Hacked Road Sign Pictures

Listener Questions

Running MSRT Utility on Windows 7

Iain Alexander from Nottingham, England wanted to inform listeners that in order to run the Microsoft Malicious Software Removal Tool (MSRT) on Windows 7 you must type in "kb890830" in the Start Menu Search box.

MSRT and False Positives

Corby in Reno, Nevada shares his findings that MSRT detected old email attachment files as viruses while other AV tools did not. Steve mentions that sometimes even programs he writes, such as DCOMbobulator, are incorrectly detected as viruses.

Issues with claiming YubiKey as a second security factor

Derek Robson disagrees with Steve that the YubiKey serves as a two factor authentication method because its a static password and is no different than a memorize password.

Comodo's SecureEmail Application

Paul in Portland claims that "secure email can be easy" using Comodo's free SecureEmail application. If the recipient is not configure to accept encrypted emails they are provided a one-time session certificate and the option to decrypt the email using Comodo's server. Steve's objection to this technology is that you put trust in Comodo when relying on their servers to perform email decryption.

Keyfiles as a Second Form of Authentication

Poojan Wagh in Chicago, Illinois suggests that using Keyfiles could be a cheaper alternative to using a YubiKey to provided a static password. Encryption software that supports Keyfiles knows where to find key material in a static file. Steve explains that having how having a large Keyfile is not necessarily more secure.

MAC Address Filtering

One viewer refereed to an article in PC World Magazine that advises that MAC address filtering and disabling the SSID broadcast secures a wireless network link to article


Audible Pick Of The Week

Night Watch: Discworld #27 by Terry Pratchett (UNABRIDGED)
Narrated by Stephen Briggs

Ad Time: 0:33-0:43 and 0:32:04-0:34:50

Please note this offer is not available in Australia.


GoToMyPC is the fast, easy and secure way to access your PC from any Web browser or wireless device in real time.

Ad Time: 0:44-1:00 and 15:56-17:51

Nerds On Site

Nerds On Site Provides computer services to homes and businesses, with representatives in many locations across North America.

Ad Time: 01:01-01:10 and 1:15:03-1:17:41

Production Information

  • Recorded Date: February 04, 2009
  • Release Date: February 05, 2009
  • Duration: 1:44:22
  • Log line:
  • Edited by: Tony
  • Notes: NA

Previous Show - Next Show

Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section