The Man in the Middle - WinRAR v6.23, fake flash drives, Voyager2 antenna, Google Topics

Описание к видео The Man in the Middle - WinRAR v6.23, fake flash drives, Voyager2 antenna, Google Topics

• Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations.
• WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware.
• HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks.
• Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down.
• Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data.
• Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded.
• Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side.
• Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation.
• Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw.
• Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off.

Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf

Hosts: Steve Gibson and Leo Laporte
Security Now episode 937
More Info: https://twit.tv/shows/security-now/ep...

Sponsors:
• kolide.com/securitynow
• canary.tools/twit - use code: TWIT
• Building Cyber Resilience Podcast

Download or subscribe to this show at https://twit.tv/shows/security-now

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: https://grc.com/ also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Products we recommend: https://www.amazon.com/shop/twitnetca...
TWiT may earn commissions on certain products.

Join our TWiT Community on Discourse: https://www.twit.community/

Follow us:
https://twit.tv/
  / twit  
  / twitnetwork  
  / twit.tv  

About us:
TWiT.tv is a technology podcasting network located in the San Francisco Bay Area with the #1 ranked technology podcast This Week in Tech hosted by Leo Laporte. Every week we produce over 30 hours of content on a variety of programs including Tech News Weekly, MacBreak Weekly, This Week in Google, Windows Weekly, Security Now, All About Android, and more.

Комментарии

Информация по комментариям в разработке