Podcasts about DigiNotar

In this episode Dave and Jonathan ramble on about cargo cults and how humans develop ritualistic behaviors that completely miss the point of what they are trying to accomplish. In programming, business management and even in science itself there are many examples of people doing silly things while appearing to look like they are working. links: Animal superstition: https://psycnet.apa.org/record/1948-04299-001 Easily hacked certificate authorities (Diginotar): https://darknetdiaries.com/transcript/3/

Je hebt cyberhelden en je hebt Cyberhelden! Frank Groenewegen staat al meer dan 15 jaar in de digitale frontlinies. Hij stond vooraan bij de onderzoeken bij DigiNotar, KPN en Belgacom. Sinds begin dit jaar is Frank partner Cyber Risk van Deloitte.

Tervetuloa Jaettujen Salaisuuksien alppimajalle. Tämä on Herrasmieshakkerit-äänijulkaisun erikoisjakso, jossa käymme läpi mitä tapahtui tietoturvakentällä viimeisen vuosikymmenen aikana. Wiralliset wanhukset nostavat esille oman kokemuksena perusteella vuosien 2010 - 2019 merkittävimmät tapahtumat ja perustelevat miksi juuri kyseinen tapahtuma ansaitsi päästä tälle listalle.  Äänijulkaisun lähdeluettelo: 2010 Operaatio Aurora, Wikipedia https://en.wikipedia.org/wiki/Operation_Aurora Operaatio Aurora, Mikon kirjoittama artikkeli 2010 https://archive.f-secure.com/weblog/archives/00001854.html Beyond Corp https://www.beyondcorp.com/ Beyond Corp @ Google https://cloud.google.com/beyondcorp/ Stuxnet, Mikon kommentit 2010 https://archive.f-secure.com/weblog/archives/00002040.html To Kill A Centrifuge, Langner Associates https://www.langner.com/to-kill-a-centrifuge/ Stuxnet kirja-arvostelu, An Unprecedented Look at Stuxnet, Wired https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/ Stuxnet-elokuva, IMDB https://www.imdb.com/title/tt5446858/ 2011 LulzSec, Wikipedia https://en.wikipedia.org/wiki/LulzSec Parmy Olsonin kirja LulzSecista https://www.amazon.com/We-Are-Inside-LulzSec-Insurgency/dp/0316213527 BBC:n erikoislähetys LulzSecista, Mikon haastattelu 2011 https://www.bbc.com/news/av/technology-22526025/lulzsec-hacker-internet-is-a-world-devoid-of-empathy DigiNotar, Wikipedia https://en.wikipedia.org/wiki/DigiNotar Mikon blogikirjoitus DigiNotarista, lopussa lista väärennetyistä sertifikaateista https://archive.f-secure.com/weblog/archives/00002228.html How a 2011 Hack You’ve Never Heard of Changed the Internet’s Infrastructure, Slate https://slate.com/technology/2016/12/how-the-2011-hack-of-diginotar-changed-the-internets-infrastructure.html Fox-IT:n Loppuraportti DigiNotarista https://www.rijksoverheid.nl/binaries/rijksoverheid/documenten/rapporten/2011/09/05/diginotar-public-report-version-1/rapport-fox-it-operation-black-tulip-v1-0.pdf Fox-IT:n visualisointi DigiNotarin uhreista https://www.youtube.com/watch?v=wZsWoSxxwVY 2012 Flame, Wikipedia https://en.wikipedia.org/wiki/Flame_(malware) Mikon kolumni Wiredissa - Why Antivirus Companies Like Mine Failed to Catch Flame https://www.wired.com/2012/06/internet-security-fail/ 2013 Edward Snowden, Wikipedia https://en.wikipedia.org/wiki/Edward_Snowden The Snowden Saga: a Shadowland of Secrets and Light, Vanity Fair https://www.vanityfair.com/news/politics/2014/05/edward-snowden-politics-interview Snowden -elokuva https://snowdenfilm.com 11 Steps Attackers Took to Crack Target, CIO online https://www.cio.com/article/2600345/11-steps-attackers-took-to-crack-target.html Target Hackers Broke in Via a ventilation Company https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/ 2014 Sony Pictures hack, Wikipedia https://en.wikipedia.org/wiki/Sony_Pictures_hack Elokuva, The Interview, IMDB https://www.imdb.com/title/tt2788710/ Heartbleed http://heartbleed.com/ Tarina Heartbleedin logosta https://abcnews.go.com/Business/curious-business-naming-security-bug/story?id=23280245 2015 DD4BC, Armada Collective, and the Rise of Cyber Extortion, Recorded Future https://www.recordedfuture.com/dd4bc-cyber-extortion/ Suspected members of Bitcoin extortion group DD4BC arrested, ZDNet https://www.zdnet.com/article/suspected-members-of-bitcoin-extortion-group-dd4bc-arrested/ Ukrainan sähköverkon katkaisu, Youtube https://www.youtube.com/watch?v=Iqh7fpsL3HY 2016 SWIFT banking hack, Wikipedia https://en.wikipedia.org/wiki/2015%E2%80%932016_SWIFT_banking_hack Bangladesh Bank Attackers Hacked SWIFT Software https://www.bankinfosecurity.com/report-swift-hacked-by-bangladesh-bank-attackers-a-9061 Democratic National Committee cyber attacks, Wikipedia https://en.wikipedia.org/wiki/Democratic_National_Committee_cyber_attacks Shadow Brokers, Wikipedia https://en.wikipedia.org/wiki/The_Shadow_Brokers 2017 WannaCry ransomware attack, Wikipedia https://en.wikipedia.org/wiki/WannaCry_ransomware_attack Yksi ensimmäisistä lunnastroijalaisista, ICPP Copyright Trojan https://archive.f-secure.com/weblog/archives/00001931.html EternalBlue, Wikipedia https://en.wikipedia.org/wiki/EternalBlue Paysafecard https://www.paysafecard.com/fi-fi/ Paysafecard -kuitti vuodelta 2011 https://imgur.com/a/6tOzoI4 2018 Cambridge Analytica, Wikipedia https://en.wikipedia.org/wiki/Cambridge_Analytica Cambridge Analytica: The Great Hack, Netflix https://www.netflix.com/fi-en/title/80117542 Meltdown & Spectre https://meltdownattack.com/ Deep Dive: Introduction to Speculative Execution Side Channel Methods, Intel https://software.intel.com/security-software-guidance/insights/deep-dive-introduction-speculative-execution-side-channel-methods 2019 How a ransomware attack cost one firm £45m, BBC https://www.bbc.com/news/business-48661152 Travelex: Travel money services still down after cyber-attack, BBC https://www.bbc.com/news/business-51097470 Travelex Hack Questions and Answers https://www.travelex.com/customer-faqs/  

Grote kans dat je een prepper wordt na het beluisteren van deze podcast. Want het is oorlog, zegt journalist Huib Modderkolk. Inlichtingendiensten en hackers zijn in een continue digitale strijd verwikkeld. Alle landen vechten mee. Daarom zou het zomaar eens kunnen dat ook in Nederland door een virus de stroom eruit gaat. Of erger. Huib vertelt hoe hij deze dreiging aan lezers probeert uit leggen. Hint: veel cliffhangers gebruiken. Succes met luisteren, en daarna snel geld pinnen en blikken bonen inslaan!ShownotesHuib's boek 'Het is oorlog maar niemand die het ziet'.De recente iPhone hack waarbij Oeigoeren in China het doel waren.Hackers hadden wekenlang toegang tot de Oostenrijkse politieke partij ÖVP.The Intercept over hoe de Amerikaanse douane je sociale media profielen bekijkt.De column van Maxim Februari over het kabeltje van Diginotar.Hoe Google-data een moordzaak helpt oplossen.

The 2011 DigiNotar breach changed the way browsers do security. In this episode, we learn what role a CA plays, how browsers work with CAs, and what happens when a CA is breached. Learn more about your ad choices. Visit megaphone.fm/adchoices

How the hack of DigiNotar changed the infrastructure of the Internet forever, changing the way we think about security & how to hide malware in a PNG. Plus a packed round up, great emails & more in a packed 300th episode!

How the hack of DigiNotar changed the infrastructure of the Internet forever, changing the way we think about security & how to hide malware in a PNG. Plus a packed round up, great emails & more in a packed 300th episode!

How the hack of DigiNotar changed the infrastructure of the Internet forever, changing the way we think about security & how to hide malware in a PNG. Plus a packed round up, great emails & more in a packed 300th episode!

Detta är det trettionde avsnittet av Säkerhetspodcasten, i vilket panelen svarar på frågor från er lyssnare! Vi pratar Diginotar, Bug Bounties, David Guettas USB-minne, LibreSSL och mycket mer.

Mike Wood a Senior Threat Researcher with SophosLabs is Chet's guest. They discuss the upcoming Patch Tuesday, the new Firesheep and go in depth on the recent troubles at certificate authority DigiNotar.

Мы долго ждали этот выпуск. Он казался нам особенно интересным ввиду специфики тематики — информационная безопасность. Наш коллега Александр (он же sinister) из Украины рассказывает с чувством, с толком, с расстановкой о самых знаковых атаках и взломах последних лет. Уязвимости, черви, вирусы, социальная инженерия. В шестом выпуске подкаста есть всё. Кратко о темах выпуска: Новости Cisco меняет программу сертификацииПервые жертвы закона об Интернете Темы гостя Атаки на промышленные объекты (Бушерская АЭС)Как довели до банкротства центр сертификации DigiNotar (как пример атаки на инфраструктуру)Самая мощная в истории DDoS-атака, как это было (300 гигабит/c, апрель 2013)Немного про lulzsec — крах HBGary (федеральная IT секьюрити и шпионаж) и подробный рассказ как нашли, задержали их лидеровЛичный опыт — Прекратившая существование компания, филиалы в 10 областных центрах.Личный опыт — Разбор инцидента с эволюционировавшим анлокером. Скачать файл подкаста. Добавить RSS в подкаст-плеер. Под катом слайдкаст и материалы к выпуску. Читать дальше

Мы долго ждали этот выпуск. Он казался нам особенно интересным ввиду специфики тематики — информационная безопасность. Наш коллега Александр (он же sinister) из Украины рассказывает с чувством, с толком, с расстановкой о самых знаковых атаках и взломах последних лет. Уязвимости, черви, вирусы, социальная инженерия. В шестом выпуске подкаста есть всё. Кратко о темах выпуска: Новости Cisco меняет программу сертификацииПервые жертвы закона об Интернете Темы гостя Атаки на промышленные объекты (Бушерская АЭС)Как довели до банкротства центр сертификации DigiNotar (как пример атаки на инфраструктуру)Самая мощная в истории DDoS-атака, как это было (300 гигабит/c, апрель 2013)Немного про lulzsec — крах HBGary (федеральная IT секьюрити и шпионаж) и подробный рассказ как нашли, задержали их лидеровЛичный опыт — Прекратившая существование компания, филиалы в 10 областных центрах.Личный опыт — Разбор инцидента с эволюционировавшим анлокером. Скачать файл подкаста. Добавить RSS в подкаст-плеер. Под катом слайдкаст и материалы к выпуску. Url podcast:https://archive.org/download/linkmeup-V006/linkmeup-V006.mp3

Мы долго ждали этот выпуск. Он казался нам особенно интересным ввиду специфики тематики — информационная безопасность. Наш коллега Александр (он же sinister) из Украины рассказывает с чувством, с толком, с расстановкой о самых знаковых атаках и взломах последних лет. Уязвимости, черви, вирусы, социальная инженерия. В шестом выпуске подкаста есть всё. Кратко о темах выпуска: Новости Cisco меняет программу сертификацииПервые жертвы закона об Интернете Темы гостя Атаки на промышленные объекты (Бушерская АЭС)Как довели до банкротства центр сертификации DigiNotar (как пример атаки на инфраструктуру)Самая мощная в истории DDoS-атака, как это было (300 гигабит/c, апрель 2013)Немного про lulzsec — крах HBGary (федеральная IT секьюрити и шпионаж) и подробный рассказ как нашли, задержали их лидеровЛичный опыт — Прекратившая существование компания, филиалы в 10 областных центрах.Личный опыт — Разбор инцидента с эволюционировавшим анлокером. Скачать файл подкаста. Добавить RSS в подкаст-плеер. Под катом слайдкаст и материалы к выпуску. Url podcast:https://archive.org/download/linkmeup-V006/linkmeup-V006.mp3

In dieser Episode des Hackerfunks erläutert uns Fabian Wenk, wie Secure Socket Layer (SSL) funktioniert, wo die Schwachstellen liegen und wo es im Internet deswegen schon geknallt hat. Trackliste Heifervescent – Liberty Girl Fresh Body Shop – Wizard Nächste Sendung am Samstag, 04. Mai 2013 Fabian Wenk :: Fabian's Webseite Comodo Hack :: Zertifikatsklau bei Comodo Diginotar Hack :: Protokoll eines Verbrechens: Einbruch bei Diginotar Fox-IT Analyse :: Fox-IT Analyse zum Diginotar Hack als PDF Panne bei Türktrust :: Fatale Panne bei Türktrust Explanation by Türktrust :: Türktrust explains what exactly happened Thread at CABforum :: Thread following Türktrust's explanation at CABforum Latest Update from Türktrust :: Latest Update on the Türktrust case CABforum :: Certificate Authorities/Browser Forum Convergence Beta :: Distributed strategy for replacing Certificate Authorities DANE :: DNS-based Authentication of Named Entities Certificate Patrol :: Certificate Patrol Add-On für Firefox EFF SSL Observatory :: SSL Observatory der Electronic Frontiers Foundation CA Security Council :: CA Security Council Blog iX Artikel zu SSL :: iX Artikel zu SSL in Ausgabe 2/2012 iX Artikel zu SSL :: iX Artikel zu SSL in Ausgabe 4/2012 c't Artikel zu SSL :: c't Artikel zu SSL in Ausgabe 9/2013 File Download (58:57 min / 88 MB)

In dieser Episode des Hackerfunks erläutert uns Fabian Wenk, wie Secure Socket Layer (SSL) funktioniert, wo die Schwachstellen liegen und wo es im Internet deswegen schon geknallt hat. Trackliste Heifervescent – Liberty Girl Fresh Body Shop – Wizard Nächste Sendung am Samstag, 04. Mai 2013 Fabian Wenk :: Fabian's Webseite Comodo Hack :: Zertifikatsklau bei Comodo Diginotar Hack :: Protokoll eines Verbrechens: Einbruch bei Diginotar Fox-IT Analyse :: Fox-IT Analyse zum Diginotar Hack als PDF Panne bei Türktrust :: Fatale Panne bei Türktrust Explanation by Türktrust :: Türktrust explains what exactly happened Thread at CABforum :: Thread following Türktrust's explanation at CABforum Latest Update from Türktrust :: Latest Update on the Türktrust case CABforum :: Certificate Authorities/Browser Forum Convergence Beta :: Distributed strategy for replacing Certificate Authorities DANE :: DNS-based Authentication of Named Entities Certificate Patrol :: Certificate Patrol Add-On für Firefox EFF SSL Observatory :: SSL Observatory der Electronic Frontiers Foundation CA Security Council :: CA Security Council Blog iX Artikel zu SSL :: iX Artikel zu SSL in Ausgabe 2/2012 iX Artikel zu SSL :: iX Artikel zu SSL in Ausgabe 4/2012 c't Artikel zu SSL :: c't Artikel zu SSL in Ausgabe 9/2013 File Download (58:57 min / 88 MB)

Episode 0x17-- Turkey Time We're going to try to keep this one relatively short. Seriously. Of course, it's a day late because I did a boo boo on the recording. Don't ask. Upcoming over the next hour... Lots of News Breaches SCADAs DERPs!!! and then our discussion topic-- And if you've got commentary, please sent it tomailbag@liquidmatrix.org for us to check out. DISCLAIMER: It's not that explicit, but you may want to use headphones if you're at work. ADDITIONAL DISCLAIMER: In case it is unclear, this is the story of 4 opinionated infosec pros who have sufficient opinions of their own they don't need to speak for anyone except themselves. Ok? Good. In this episode: News Hack any skype account in 6 easy steps FACEBOOK SSL FOR EVERYONE Linux rootkit doing iFrame injections  [Full Disclosure]  [CrowdStrike] Dissecting a Facebook Scam Telstra - still can't get security right Killing 4G networks with a suitcase radio thingy Wikid Publishes free eGuide on adding 2factor Web Engineer's Online Toolbox Breaches - The never ending never ending story... FreeBSD intruded upon Skype Adobe NASA - good at going to Mars, not so much at keeping laptops safe Health facilities in Mass and RI lose tapes The SCADAs (WARNING: PDF) From Luigi Auriemma - ABB has problems that look like CoDeSys Obama signs secret directive to help thwart cyberattacks Errata / DERP of the week award United States on Brink of Major Cyber Attack, Industry Executive Predicts  Deloitte Center for Cyber Innovation Mailbag / Bizarro Land RE: Canadian Satellites Hey guys. Thanks for the shout-out in Episode 14 regarding the Diginotar report. Unfortunately I'm going to have to award you guys a mini-derp award for your comments that same episode on the story about the Canadian Navy buying satellite services from Inmarsat as satellites just happen to be my area of expertise. Yes, Canada does have its own communications satellites. They are managed by a company called Telesat. However, they are not of use to the Canadian Navy because they are located in the wrong place, operate on the wrong frequencies, and provide the wrong types of services for what the Navy needs. Communications satellites of this type operate in the geostationary belt (GEO), an orbit around the Equator 36,000 km above the Earth. The radio spectrum in this orbit is pretty congested, so early on international regulation of the satellites in this orbit and the spectrum they use was given to an organization called the ITU. Countries apply to the ITU for specific orbital slots and frequencies in the GEO belt and then license those to their companies. Canada has slots over North America and associated frequencies that are used by Telesat for what's called Fixed Satellite Services (FSS) - mainly broadcast TV and a host of communications services to remote communities in northern Canada. But these frequencies and antenna patterns are not what's used for mobile communications, nor does Canada have any satellite slots in other locations to provide global coverage which is kinda important for ships. Inmarsat on the other hand has the slots and frequency allocations to specialize in Mobile Satellite Services (MSS). They have a fleet of satellites located at various points around the Equator to give global coverage and the types of frequencies and coverage to provide mobile services to ships. Pretty much if you're operating a ship you're going to buy services from Inmarsat. More: Telesat and Inmarsat Brian W. Skyrim Jokes Hey guys, I don't have any Skyrim jokes but do have an odd anecdote for you. While playing Skyrim and listening to the LSD, I've found that I _have_ to turn off the xbox kinect controls or else bad things happen. Apparently Matt's voice is finely tuned as a Weirding Word. I'll be merrily bopping around a character in a dungeon of some type when, all of a sudden, a dragon shout get kicked off and kills all attempts at stealth that I've been trying to muster. It's only Matt's voice that kicks off the shouts. Take that for what you will. John D. Fus Roh Dah! Wrong questions being asked about security involvement in PMO/SDLC work Hey guys, I'm listening to 0x15 and a question made in there really got in between my teeth. "Does making security part of the SDLC make the software more secure?" is the wrong question to be asking. Whether or not having risk evaluations or threat modeling part of the SDLC should be a concern but not the approach I've found work when I've introduced it into the SDLCs of which I've been involved. Let's break out of our security cliques for a moment and realize that ultimately many of use tell ourselves that what we do matters in order to justify the dissonance we have in our brains for putting up with the crap we do because we actually enjoy what we do, for the most part. By and large, we're not altruists. Having the guts to come out and say "Yeah, I know what I do for an organization rarely makes the world a better place, but gosh darn it I like/love what I do." can go a long way to asking the right questions to keep ourselves employed and pertinent to the business that pays us to do cool things. Once you get out of the "what I do is important, dammit" mindset, asking the following question better serves us as a whole. Does making security part of the SDLC/project/product make the business more money or save the business more money had it not been part of the SDLC/project/product as much as we're pushing? If you can justify the change, you can be relatively assured that someone in charge of playing with the moneys with listen. Phrasing the question that way also lends to promoting the idea to the money people that what they do is ultimately important and feeds their own dissonance hating mechanisms. John D. P.S. This approach has also saved me from the dreaded infosec burnout. In Closing Movie Review Matt saw Twilight - point and laugh! We do research too - Ben's running a survey and will publish results. Check it out! The Security Conference Library If you're interested in helping out with openCERT.ca, drop a line to info@openCERT.ca Contribute to the Strategic Defense Execution Standard (#SDES) and you'll be Doing Infosec Right in no time. Upcoming Appearances: James at SecurityZone in Cali, Colombia Signing up for a SANS course? Be sure to use the code "Liquidmatrix_150" and save $150 off the course fee! Seacrest Says: "go do bad bad things to a turkey" Creative Commons license: BY-NC-SA

Alle braven Nutzer bekommen seit Ewigkeiten beigebracht: Wenn wir sicher surfen wollt, müsst ihr ein httpS vor die Webadresse eurer Onlinebank schreiben. Nur dann ist die Kommunikation wirklich, ehrlich und total sicher. Und das gilt auch für alle anderen Seiten, bei denen irgendwelchen Informationen übertragen werden. Oder halt eben nicht. Spätestens seit den Skandalen um Zertifikatsherausgeber wie Diginotar, dem Abhören von GMail-Traffic durch den Iran[2] und der weitreichenden BEAST-Attacke[3] ist klar: SSL und TLS sind kaputt. So kaputt, dass sich die Frage stellt, ob es ein Fehler im System oder eine behebbare Sicherheitslücke ist. Eine Problem um das es im Chaosradio gehen soll. Stephan "tomate" Urbach, fukami und Matthias "Wetterfrosch" Mehldau werden die Funktionsweise, Fallstricke und fundamentalen Fehler bei verschlüsselter Datenübertragung im Netz erklären, beleuchten und mit euch diskutieren. Links: * [1] http://www.vasco.com/company/press_room/news_archive/2011/news_diginotar_reports_security_incident.aspx * DigiNotar http://www.heise.de/firma/DigiNotar * [2] http://netzpolitik.org/2011/wie-der-iran-mit-hilfe-einer-niederlandischen-firma-gmail-abhorte/ * [3] https://blog.torproject.org/blog/tor-and-beast-ssl-attack

Synopsis This edition of the podcast doesn't hold back.  We ask "Can someone be hacked out of business?" and as usual we don't really like the answers we come up with.  While Martin, Rob and I have been in most every aspect of security for just over a combined 3 decades, we end up with a conslusion that I don't think any of us are comfortable with ...at least not that we were willing to say out loud, until now.  So is it possible?  Is DigiNotar being "hacked out of business" as Dark Reading suggests all FUD?  Listen and find out where we go with this topic! Guests Rob Hale (UK) - An entrepreneur and industry commentator, Rob has over 12 years of experience working in the Security industry, with integrators, channel partners and vendors, providing advice and solutions for Enterprises & Government agencies to secure their networks, systems and data from internal and external threats. Martin McKeay - Security Evangelist, Akamai Rafal Los (aka the "Wh1t3 Rabbit) - HP Enterprise & Cloud Security Strategist Links The DarkReading story that started us thinking: http://www.darkreading.com/authentication/167901072/security/attacks-breaches/231601790/diginotar-hacked-out-of-business.html The company Rob brought up which actually was hacked out of business (Distribute IT)- http://risky.biz/distributeit

Daddy Life Podcast Show Notes Caden Update - Caden had surgery on Thursday, September 22, 2011.  Go to Caden’s Page for more details. Legacy Home School Support Group live speaking event - Outstanding feedback several emails and one phone call. DaddyLife.net Episode 1 audio clip - demonstrating improvements in quality and helping reiterate why this podcast exists. PodcastAwards.com (Nominations end 9/30) Visit http://www.podcastawards.com/ Enter the following information for Daddy Life under the “General” category: Podcast Name: Daddy Life Podcast URL: http://daddylife.net  Why are we here? The provide free content for parents to learn how to build solid relationships with the children. That will lead to children with teachable spirits who want to learn what their parents have to say about technology safety and so much more. Tech Time DigiNotar - Computerworld says "The Dutch company that was hacked earlier this summer by certificate thieves has gone bust and shut down, its U.S.-based owner said Tuesday." Parenting - Relationships and Character Training The Father’s Mandate - In the next episode we will begin with part 1 of a 8 part series on I implement the Fathers Mandate from chapter 4 of the Growing Kids God's Way parenting series by Gary and Anne Marie Ezzo. Pilot training example. Once my instructor slapped my hand and never apologized I was not interested in hearing what he had to say about anything. Courageous Movie opens Friday September 30th. FEEDBACK: Please leave feedback in the comments below or contact us via: Daddy Life on Twitter Voice Mail: (864) 372-9833 Technology Safety is more about Behavior than the Technology!    

Richard flies solo to talk to Barry Dorrans, now at Microsoft, about the recent spate of security breaches at Certificate Authorities like Comodo and DigiNotar. What can you as an IT Pro do about this recent set of hacks? Other than replacing your potentially exploited certificate, not a lot. Barry talks about how these exploits have happened, what Microsoft, Google and others are doing about it and some possible long term solutions to the problems. Check out Barry's blog at idunno.org. Barry also mentions an alternative solution to Certificate Authorities called Convergence and why Chrome won't be implementing it.

Heute mit: Black Hat / Defcon 2011, Epic Fail bei DigiNotar, Kindle Cloud Reader, Saber Rider and the Star Sheriffs - The Game, PVP ohne Handschuhe bei EVE Online, Portal Fan-Videos, Städtereisen mit Google My Maps, Syria: The Other Side, Chalkbot

De European Podcast Awards zijn weer begonnen! Jullie kunnen op Tech45 stemmen via deze link! Dit kan dagelijks. Stemmen dus! Gastheer Maarten Hendrikx, @maartenhendrikx op Twitter of via zijn website. Panel Davy Buntinx, @dirtyjos op Twitter, of via zijn website. Marco Frissen, @mfrissen op Twitter, of via zijn website. Jan Seurinck, @janseurinck op Twitter, of via zijn website. Stefaan Lesage, @stefaanlesage op Twitter, of via de Devia website. Cindy de Smet, @drsmetty op Twitter Gasten Harold Kuepers, @haroldkuepers op Twitter, of via StyleCowboys.nl. Arvid Bux, @arvid op Twitter, of via OetZitterd.nl. Onderwerpen Harold en Arvid zijn naar de IFA in Berlijn geweest. Een uitgebreide reportage van hun ervaringen. Wat was er "hot" dit jaar? Veel info op StyleCowboys.nl Amazon gaat een tablet uitbrengen. Dat wisten we al, maar wat zijn nu allemaal de geruchten? We lopen ze eens na. Diginotar was gehacked. Evenals andere Certificate Authoriteiten. In Nederland o.a. gebruikt dooroverheidsdienst digid.nl, en dus niet zomaar een kleinigheid. (FOX-it rapport -pdf link) Tips Jan: Offline GMail FTW! Maarten wil graag Dungeons & Dragons spelen, een oproep! Davy tipt twee blogs: Paperhackwriter en Patrick Rhone Cindy converteerd GPS naar GMaps en GEarth en v.v. met http://www.gpsvisualizer.com en http://www.gpsbabel.org Marco is aan het programmeren geslagen met HTML5, Javascript en gebruikt hiervoor PhoneGap en ApplicationCraft tools. Oh, en hij wil deze ATARI Joystick voor iPad zeker hebben! Arvid is fan van TwentyFeet, om je twitter stats bij te houden. Harold heeft als tips The Magic Numpad en QuickDraw (iTunes link) Feedback Het Tech45-team apprecieert alle feedback die ingestuurd wordt. Heb je dus opmerkingen, reacties of suggesties, laat dan een commentaar hieronder achter. Via twitter kan natuurlijk ook @tech45cast. Ook audio-reacties in .mp3-formaat zijn altijd welkom. Items voor de volgende aflevering kunnen getweet worden met de hashtag '#tech45'. Vergeet ook niet dat je 'live' kan komen meepraten via live.tech45.eu op dinsdag 13 september vanaf 21u30. Deze aflevering van de podcast kan je downloaden via deze link, rechtstreeks beluisteren via de onderstaande player, of gewoon gratis abonneren via iTunes.