The Security Now Podcast

26 Oct. 2008
Tags: Podcast


Steve Gibson and Leo Laporte talk weekly about the past week's security events. Every other episode is dedicated to Q&A (questions and answers), and the other half is dedicated to a specific topic, for example the inner workings of a specific technology, a new security software or product, or an explanation of a new attack. Security and privacy are the main topics, although they often comment on science fiction books and movies as well. The number of commercials has been growing since they started, and they can be quite annoying at times.

Find it on Steve's page grc.com/sn or look for it in iTunes. Each episode used to be between 45 and 90 minutes. Now 2-plus hours tends to be the norm.

Find some Security Now illustrated videos at askmrwizard.com.

I started listening around episode 100 and then I just had to catch up from the beginning. It's quite interesting!

Steve Gibson is known for his "disk and maintenance" tool SpinRite; he coined the term spyware, created Shields UP!, has a random password generator and of course a lot of other projects. I was hoping for his previously announced CryptoLink, but due to the political situation, he won't build it. His SQRL login scheme (logging in by scanning a QR code) is almost done.


My status

Where am I: 545 (updated once in a while)
Subject status: 420
Skipped: Q&A 127, 126, 125, 124, 123, 122, 121, 120


Subject: How the technology works

How a computer works 233, 235, 237, 239, 241, 247, 250, 252, 254
How the Internet works 25, 26, 27, 29, 309, 313, 317, 319, 323, 325, 345
What are ports? 43
NAT routers 3
NAT traversal 42
The HOST file 45
Internet proxy 62, 289
Network Congestion 139
Cryptography 30, 31, 33, 34, 35, 37, 125, 181, 183, 185, 374, 376
Memory Hard Problems 388
Randomness 299, 301
Virtual networks (VPN) 14, 15, 17 (18, 19), 392, 394, 400
Virtualization 50, 54, (53, 55, 57, 59)
Multi-factor authentication 90, 94, (95, 98)
Bluetooth 280, 283
Near Field Communications 372
DTLS (UDP "https") 380
QR codes 382
Distributed Hash Tables 398
Intel History 410
Perfect Forward Secrecy 412
PGP 418
BitMessage 420


Anonymity and identification

Anonymous on the Internet, TOR, Snowden 69, 70, 121, 307, 327, 369, 406, 408, 413, 414, 416
How Facebook Monetizes 404
Do not track (DNT) 378
Side-Channel Privacy Leakage 264, 270, 305
OAuth 266
RFID 278


Subject: Attacks on the machine

Buffer Overruns: 39
Hardware DEP: 78
Worms, Conficker: 1, 193
Spyware: 7, 191
Rootkits: 9
Browser security, scripting: 38, 217, 219, 221
RAM Hijacks 137
TCP-SockStress 164, 355, 359
Code fuzzing 285


Subject: Attacks via the Internet

Cyberwar 82, 227
Cross site scripting 85, 86, 87, 166, 168
Wireless network access, WEP and WPA 10, 11, 13, 89, 170, 335, 337
DoS attacks 8, 47
DNS attacks 155, 157, 260, 276
SSL attacks 177, 179, 195, 223, 243, 321 (requires knowledge of cryptography)


Subject: Nice to know

The Internet Underworld 392
Mat Honan's Very Bad Weekend 364
Strict Transport Security 262
Firesheep 272
Stuxnet 291
SPDY 343
Anatomy of a Security Mistake 311
LastPass: web-based storage of your logins 256
The Portable Dog Killer aka "make something yourself" 248
Open source vs. closed 245
The cost of security 229
Why is security so hard? 65
Laying out bait, "honey pot" 2
Create your password policy 4, 5
Information leakage 6
Corporate Security 127
Internet background noise 46
TrueCrypt 41, 133
Hard disks and why they stop working 81
The security features in Vista, UAC: 66, 67, 83
The NETSTAT command 49
Trust our Internet provider? 61, 149, 151, 153
Are you human? 101
GRC's purchasing system 109
Windows SteadyState 129
Single sign-on 111
Perfect Paper Passwords 113, 115, 117
Jungle Disk 123
Boyer & Moore "string search" 203
Lempel & Ziv "compression" 205
Voting Machine Hacking 211
Cracking GSM Cellphones 213