Security Now 184
Hosts: Leo Laporte and Steve Gibson
Topic: Your Questions, Steve's Answers 60
Recorded: February 18, 2009
Published: February 19, 2009
News & Errata
- Steve will be appearing on the Maxwell House podcast on Thursday, February 26th, 2009, broadcast live at 2pm PST / 5pm EST.
- New Mac OS X and Java update.
- The trial of the founders of The Pirate Bay started in Stockholm.
- PayPal security key authentication can be bypassed when paying for an item on eBay.
- Contact kaypro.iv[at]gmail[dot]com if you are interested in a late model Osborne 1 or Kaypro 4 for the cost of shipping.
- Steve has noticed an increase in sales of SpinRite during the live recording of Security Now when he doesn't mute the sound effects.
A listener brought SpinRite and had to attend to a hard drive failure at work. He put it in and got a cabling error message. He asked in the newsgroups and was told to reseat the SATA connector, which he did, and everything was fixed.
Questions & Answers
1) 42:06 -
Question: A listener is upset that Microsoft uninstalled AV 2009 with its MSRT. Can you recommend another good free antivirus?
Answer: AV 2009 is a virus; the listener may be pulling their leg. Its name has been seen changing to things such as "360 protection" to confuse users with Norton 360. Free AV recommendations are AVG, AntiVir and Avast, but Leo recommends spending around $30 on a better paid antivirus such as NOD32.
2) - 59:00
Question: Why doesn't Yubico use asymmetric encryption with the YubiKey?
Answer: The problems are that data needs to go into the device, so it can't just be a keyboard, and that it isn't smart enough to do public key encryption, which is very processor intensive. But these problems are solvable, and solving them would mean you could operate in 'trust no one' mode.
3) 59:01 - 01:03:30
Question: Is it necessary to use a VPN in a hotel when using SSL to connect to a website?
Answer: Not if you're careful.
4) 01:03:31 - 01:11:57
Question: How do you tell which sites to allow with NoScript when multiple domains appear for one site?
Answer: Most of the time it is OK to allow the whole page.
5) 01:11:58 - 01:15:23
Question: Steve suggested encrypting a file with AxCrypt and then emailing it with the decryption program, but isn't it dangerous to run executable files you receive via email?
Answer: If you are going to encrypt a file before sending it to someone, you probably know and trust each other, so you are likely to trust the executable file.
6) 01:15:24 - 01:23:34
Question: Isn't using the YubiKey in static password mode just as insecure as writing it down next to the keyboard?
Answer: The YubiKey in static mode is not as secure as it is in one-time password mode, but it's a different type of device when in static password mode.
7) 01:23:35 - 01:27:51
Question: Why can external IP displaying services display the internal IP of my machine?
Answer: Scripting is being used to ask the machine for its internal IP.
8) 01:27:52 - 01:31:55
Question: How do you know it is really Microsoft offering the latest updates?
Answer: When you install software on your computer, you acknowledge you trust its publisher. Some people cryptographically sign and protect their software update downloads so you can verify the creator.
9) 01:31:56 - 01:37:00
Question: Why can I listen to a song without it buffering through a VPN but not without? Is Verizon throttling? Does a VPN get around the throttling?
Answer: It is possible to filter traffic by application, but you wouldn't be able to see what type of traffic it is when it's encrypted through a VPN. Based on this evidence, it does look like throttling is happening.
10) 01:37:01 - 01:41:15
Question: How does E Ink produce 16 levels of grey?
Answer: Early E Ink used bi-coloured spheres suspended in oil and rotated electrostatically. Current E Ink uses a high number of little black particles, and they're pushed to the front or back of the screen. Different percentages of the particles are pulled away from the screen to generate shades of grey.
11) 01:41:16 - 01:47:04
Question: Is the Sony ebook reader more secure because it allows files to be put on directly, unlike the Kindle, which requires the documents to be sent to Amazon for conversion?
Answer: You can put files directly on the Kindle by putting it in drive mode.
12) 01:47:05 - 01:55:15
Question: If data is so important that you want to protect it with WPA, you should be protecting it at the application layer, as it could be compromised en route to the recipient, such as at a server.
Answer: Understand the benefits of WPA and make sure the security solutions you use suit your situation and needs.
- Ad Time: 0:51-01:08 and 7:43-10:04
Nerds On Site
- Ad Time: 0:34-0:51 and 37:51-40:17
- Recorded Date: February 18, 2009
- Release Date: February 19, 2009
- Duration: 1:57:20
- Edited by: Tony