Security Now: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 03:24, 29 January 2006 edit BorisFromStockdale (talk \| contribs) 589 edits →Episodes ← Previous edit		Latest revision as of 08:26, 30 July 2025 edit undo 185.59.245.45 (talk) No edit summary
(528 intermediate revisions by more than 100 users not shown)
Line 1: {{Short description\|Technology podcast}} ~~[[Image:securitynow_logo.gif\|right]]~~ {{Multiple issues\| '''Security Now!''' is a weekly [[podcast]] (Internet radio show) hosted by [[Leo Laporte]] of [[This Week in Tech\|TWiT]] (This Week in Tech) and [[Steve Gibson]] of [[Gibson Research Corporation\|GRC]] (Gibson Research Corporation). {{Notability\|Web\|date=October 2021}} {{Self-published\|date=October 2021}} }} {{Use mdy dates\|date=May 2013}} {{Infobox Podcast \|title = Security Now! \|image = Security Now cover art.jpg \|host = [[Steve Gibson (computer programmer)\|Steve Gibson]]<br>[[Leo Laporte]] \|url = {{url\|https://twit.tv/shows/security-now}} \|status = Weekly \|audio format = [[MP3]] \|began = {{start date and age\|2005\|08\|19}} \|ended = \|genre = [[Computer Security]] \|language = English \|ratings = \|license = CC-BY-NC-SA<ref name="twit.tv archived 2015-04-09 2am">{{cite web\|url=http://twit.tv/ \|title=TWiT \|access-date=8 April 2015 \|quote=These netcasts are released under a Creative Commons Attribution Non-Commercial Share-Alike license. \|url-status=dead \|archive-url=https://web.archive.org/web/20150409013843/http://twit.tv/ \|archive-date=April 9, 2015 }}</ref><small> (before 2015-04-09)</small><br/>CC-BY-NC-ND<ref name="twit.tv archived 2015-04-09 11pm">{{cite web\|url=http://twit.tv/ \|title=TWiT \|access-date=9 April 2015 \|quote=All TWiT streams and on-demand shows are released under a Creative Commons Attribution Non-Commercial No-Derivatives 4.0 International license. \|url-status=dead \|archive-url=https://web.archive.org/web/20150409220017/http://twit.tv/ \|archive-date=April 9, 2015 }}</ref> }} '''''Security Now!''''' is a weekly [[podcast]] hosted by [[Steve Gibson (computer programmer)\|Steve Gibson]] and [[Leo Laporte]]. It was the second show to premiere on the [[TWiT.tv\|TWiT Network]], launching in summer 2005. The first episode, “As the Worm Turns”, was released on August 19, 2005.<ref>{{cite web\|title=Security Now! Episode Archive 2005 \|url=https://www.grc.com/sn/past/2005.htm\|date=August 19, 2005\|access-date=September 13, 2013}}</ref> The podcast lasts between 20 and 60 [[minute]]s and consists of a discussion between Gibson and Laporte of important issues of personal [[computer security]]. Issues include recent security news, [[Firewall (networking)\|firewalls]], [[password]] security, [[spyware]], [[rootkit]]s, [[WiFi]] and [[VPN]]s (Virtual Private Networks). ''Security Now!'' consists of a discussion between Gibson and Laporte on issues of [[computer security]] and, conversely, [[computer insecurity\|insecurity]]. Covered topics have included security [[security vulnerability\|vulnerabilities]], [[Firewall (computing)\|firewall]]s, [[password]] security, [[spyware]], [[rootkit]]s, [[Wi-Fi]], [[virtual private network]]s, and [[virtual machine]]s. Available via the [http://leo.am/podcasts/sn podcast feed] or on the web site of [http://grc.com/SecurityNow.htm Security Now!], in high quality 64kbps MP3 and in lower quality 16kbps MP3 for dialup. The web page includes supplementary notes and transcripts, in simple text format and printable [[PDF]] (Adobe Acrobat). There is also a [http://frappr.com/securitynow Frappr! map] available for people to put their pin in. ==Podcast feed== This podcast is one of many new tech podcasts that include past and present [[TechTV]] employees. Other TechTV-offspring podcasts include [[this WEEK in TECH]], [[From the Shadows]], [[Diggnation]] and [[Systm]]. ''Security Now!'' is distributed via its main podcast [[RSS (file format)\|RSS feed]] and on the GRC ''Security Now!'' page. In addition to audio, text transcriptions are published, along with Gibson distributing a low-bandwidth 16 kbit/s version of the show on his own for those with low-bandwidth sources such as satellite internet or dial-up. The podcast runs for approximately two hours, typically starting with security news. Then Gibson reads a testimonial for his software [[SpinRite]]. The remainder of the show is spent on a particular theme. During the show some advertisements for 3rd party commercial products or services are read out, by co-host Leo Laporte. == ~~Episodes~~ Popularity== In August 2007, ''Security Now!'' won in the People's Choice [[Podcast Awards]] Technology/Science category.<ref>{{Cite web \| url=http://www.podcastingnews.com/2007/08/16/peoples-choice-podcast-award-winners-announced/ \|title = People's Choice Podcast Award Winners Announced\|date = August 17, 2007}}</ref> In August 2006, ''Security Now!'' ranked fourth in the "Top 40" of all podcasts listened to via the [[Juice (aggregator)\|PodNova]] service.<ref>{{cite web ~~This show currently (as of 1/19/2006) has 23 full-length episodes, and a special (short) edition concerning the [[Windows Metafile vulnerability]].~~ \| url = http://www.podnova.com/index_top40.srf ~~These episodes are:~~ \| title = PodNova Top 40 \| access-date = 2007-01-12 \|date=August 2006 \| publisher = [[PodNova]] \| quote = 4. Security Now! \|archive-url = https://web.archive.org/web/20070326195908/http://www.podnova.com/index_top40.srf \|archive-date = 2007-03-26}}</ref> ''Security Now!'' averaged around 100,000 downloads per episode throughout 2006.<ref>{{cite web \| url = http://www.twit.tv/2006/07/19/june_numbers \| title = June Numbers \| access-date = 2007-01-12 \| author = Leo Laporte \| author-link = Leo Laporte \| date = 2006-07-19 \| work = Leo Laporte's blog \| publisher = TWiT.tv \| quote = Security Now: 103,034}}</ref><ref>{{cite news \|title=Pentex \|url=https://pentexsec.com \|access-date=22 May 2006}}</ref><ref>{{cite web \|url = https://twit.tv/posts/inside-twit/october-numbers \|title = October Numbers \|access-date = 2007-01-12 \|author = Leo Laporte \|author-link = Leo Laporte \|date = 2006-11-21 \|work = Leo Laporte's blog \|publisher = TWiT.tv \|quote = Security Now 61: 99,751 \|url-status = live \|archive-url = https://archive.today/20120913060819/http://www.twit.tv/2006/11/20/october_numbers \|archive-date = September 13, 2012 \|df = mdy-all }}</ref> At the end of 2015, Security Now was number 4 on the Top 40 US Technology Podcasts, making it the highest weekly [[TWiT.tv]] podcast.<ref name=itunes>{{cite web\|url=http://www.itunescharts.net/us/charts/podcasts/technology/\|title=iTunes Charts Top 40\|publisher=iTunecharts.net\|access-date=18 December 2015}}</ref> In October 2021 it was #6 on Apple Podcasts — US tech news,<ref>{{Cite web\|url=https://chartable.com/charts/itunes/us-tech-news-podcasts-6e902e97-576f-429f-8322-372aad6c8de0\|title = Apple Podcasts : United States of America : Tech News Podcast Charts - Top}}</ref> and #330 of global all podcasts.<ref>{{Cite web\|url=https://chartable.com/podcasts/security-now-mp3\|title = Security Now (Audio) Podcast - Listen, Reviews, Charts}}</ref> ==Windows Metafile controversy== ~~1. As the Worm Turns — the first Internet worms of 2005~~ {{further\|Windows Metafile vulnerability}} In January 2006, Steve Gibson accused [[Microsoft]] of intentionally putting a [[Backdoor (computing)\|backdoor]] into the [[Windows Metafile]] processing code in [[Windows 2000]] and [[Windows XP]]. Gibson claimed that while [[reverse engineering]] the Windows Metafile format, he could run [[arbitrary code]] by using a "nonsensical" value in the metafile, and concluded Microsoft had intentionally designed Windows this way so it could run code on Windows computers without the user's knowledge.<ref>{{cite episode \|transcript=The Windows MetaFile Backdoor? \|series=Security Now \|credits=Hosts: [[Leo Laporte]] and [[Steve Gibson (computer programmer)\|Steve Gibson]] \|transcript-url=http://www.grc.com/sn/SN-022.htm \|number=22 \|airdate=January 12, 2006 }}</ref> Microsoft's Stephen Toulouse responded in a Microsoft Security Response Center blog post the next day, saying the behavior was not intentional.<ref>{{cite web \| last=Toulouse \|first=Stephen \| title=Looking at the WMF issue, how did it get there? \| date=January 13, 2006 \|url=http://blogs.technet.com/msrc/archive/2006/01/13/417431.aspx \| work=Microsoft Security Response Center Blog \| publisher=[[Microsoft]] \| access-date=March 18, 2006 }}</ref> ==References== ~~2. " HoneyMonkeys "~~ {{Reflist}} ==External links== ~~3. NAT Routers as Firewalls~~ * [http://grc.com/SecurityNow ''Security Now!'' page at grc.com] {{TWiT podcasts}} ~~4. Personal Password Policy~~ [[Category:Technology podcasts]] ~~5. Personal Password Policy — Part 2~~ [[Category:2005 podcast debuts]] ~~6. Mechanical & Electromagnetic Information Leakage~~ ~~7. SPYaWAREness~~ ~~8. Denial of Service (DoS) Attacks~~ ~~9. Rootkits~~ ~~10. Open Wireless Access Points~~ ~~11. Bad WiFi Security (WEP and MAC address filtering)~~ ~~12. Sony's "Rootkit Technology" DRM (copy protection gone bad)~~ ~~13. Unbreakable WiFi Security~~ ~~14. Virtual Private Networks (VPN): Theory~~ ~~15. VPN Secure Tunneling Solutions~~ ~~16. Listener feedback Q&A #1~~ ~~17. PPTP and IPSec VPN Technology~~ ~~18. "Hamachi" Rocks!~~ ~~19. VPNs Three: Hamachi, iPig, and OpenVPN~~ ~~20. A SERIOUS new Windows vulnerability — and Listener Q&A~~ * A special (short) edition Concerning the [[Windows Metafile vulnerability\|WMF]] vulnerability. ~~21. The Windows MetaFile (WMF) Vulnerability~~ ~~22. The Windows MetaFile Backdoor?~~ ~~[[Image:Mice logo.gif\|thumb\|100px\|left]]~~ ~~23. Mouse Trap~~ ~~24. Q&A~~ ~~== Windows Metafile Vulnerability ==~~ In episode 22 of this podcast, Steve Gibson made a serious accusation[http://www.grc.com/sn/SN-022.htm] that [[Microsoft]] intentionally put a backdoor into the Metafile Processing code of [[Microsoft Windows\|Windows]] 2000 and XP. Steve claimed that while he was reverse engineering the files he could not get the vulnerability to run. To trigger it, he had to intentionally enter a 1 byte code sequence into the header of the file. Gibson claimed that this was a nonsensical value, and that Microsoft intentionally put such a trigger into the metafile interpreter. ~~{{see\|Windows Metafile vulnerability\|http://www.grc.com/sn/SN-022.htm Gibson's Podcast Transcript}}~~ ~~== External links ==~~ ~~=== GRC links ===~~ [https://grc.com/x/ne.dll?bh0bkyd2 ShieldsUP!] - GRC's port scannerWMF vulnerability hotfix [http://grc.com/nat/nat.htm NAT Router Security Solutions] - NAT router technology descriptions [https://www.grc.com/pass Perfect Passwords] - GRC's Ultra High Security Password Generator [http://www.grc.com/sn/notes-020.htm WMF exploit patch and temporary fix] ~~=== Other links ===~~ [http://www.smoothwall.org/ Smoothwall Express] - GNU/Linux based open source firewall [http://www.m0n0.ch/wall/ m0n0wall] - FreeBSD based open source firewall [http://www.sysinternals.com/utilities/rootkitrevealer.html RootkitRevealer] - System Internal's rootkit finder [http://www.f-secure.com/blacklight/ BlackLight] - F-Secure's rootkit finder (currently in beta) [http://www.hamachi.cc/ Hamachi] - Virtual secure network between two or more computers [http://openvpn.net/ OpenVPN] - Open Source SSL VPN [http://www.iopus.com/iPig/ iPig] - Private internet gateway with 256-bit AES encryption [http://www.hexblog.com/ WMF vulnerability hotfix] (Hexblog) ~~[[category:Podcasts]]~~