Podcasts about private key

Parce que… c'est l'épisode 0x300! Shameless plug 3 au 5 juin 2026 - SSTIC 2026 24 et 25 juin 2026 - Troopers 26 et 27 juin 2026 - leHACK 19 septembre 2026 - Bsides Montréal 1 au 3 décembre 2026 - Forum INCYBER - Canada 2026 24 et 25 février 2027 - SéQCure 2027 Description Dans cet épisode du podcast Polysécure enregistré au NorthSec, Gaëtan Ferry et Guillaume Valadon, tous deux cyber security researchers chez GitGuardian depuis deux ans, présentent une recherche consacrée aux fuites de clés privées cryptographiques. Guillaume est par ailleurs mainteneur du logiciel Scapy et rédacteur en chef du magazine MISC. Le problème de l'attribution Contrairement à des secrets classiques comme les clés AWS, dont on peut retrouver le propriétaire en interrogeant les services associés, une clé privée cryptographique (RSA par exemple) ne se rattache à aucune identité. C'est un simple objet mathématique aux propriétés cryptographiques, utilisable pour de multiples usages : connexion SSH, protection d'un site web en TLS, etc. En regardant la clé seule, impossible de savoir à quoi elle sert ou à qui elle appartient. Quelques indices existent parfois — le nom de fichier (norssec.io.key) — mais souvent on tombe sur des private.key inexploitables. L'enjeu de la recherche était donc de trouver une technique générique de catégorisation. La méthode : Certificate Transparency La solution repose sur les Certificate Transparency logs, un mécanisme de l'infrastructure X.509 datant de 2015. Chaque fois qu'une autorité de certification émet un certificat, elle doit le journaliser dans ces registres publics, souvent opérés par d'autres autorités. Ces journaux contiennent donc l'historique de tous les certificats émis. Le principe du matching est le suivant : une clé privée contient des informations sur sa partie publique (le module, dans le cas de RSA). On extrait cette partie publique, on calcule une empreinte SHA-256, et on fait de même pour les certificats. Comme un certificat TLS associe une clé publique à une identité (généralement le nom du site protégé), une simple jointure entre les deux bases d'empreintes permet de relier une clé privée à un site et à son propriétaire. La recherche s'est accélérée lors de la conférence Pass the SALT à Lille, où des contacts chez Google les ont alertés : les anciens logs de Certificate Transparency, coûteux à opérer, allaient être mis hors ligne. Or c'était précisément la dimension historique du dataset qui les intéressait. Un partenariat s'est noué : GitGuardian a fourni une liste d'empreintes, et Google a effectué la correspondance dans sa base propriétaire, renvoyant les certificats associés. Les chiffres Le dataset de fin 2025 comptait un million de clés privées distinctes, collectées via l'activité historique de GitGuardian — le public monitoring qui scanne GitHub, Docker Hub et d'autres sources à la recherche de secrets codés en dur, puis avertit les victimes en mode « bon samaritain ». Sur ce million, 42 000 clés correspondaient à des certificats émis par des autorités. Le chiffre peut sembler modeste, mais la majorité des clés ne servent jamais au TLS (projets personnels, SSH, autorités privées d'entreprise absentes des logs publics). Ces 42 000 clés étaient liées à plus de 140 000 certificats, signe que certaines avaient servi à émettre plusieurs certificats successifs, prolongeant d'autant la durée d'exposition. Après vérification, 2 600 clés restaient associées à un certificat valide en septembre 2025. Grâce à des techniques d'OSINT, 1 300 certificats ont pu être rattachés à environ 600 entités. La divulgation responsable, un parcours décevant L'équipe a entrepris un responsible disclosure en envoyant environ 4 300 emails à ces 600 entreprises. Résultat : seulement 54 réponses, soit environ 9 %. Même en se limitant aux adresses certaines à près de 100 %, le taux ne dépassait pas 36 %. Pour gérer un envoi aussi massif sans être bloqués comme spam, ils ont dû collaborer avec leurs collègues du marketing, rompus aux techniques de délivrabilité. Plus frappant que le silence : l'incompréhension des répondants. Beaucoup confondaient clé privée et certificat. Certains ont répondu avoir « changé le certificat », croyant le problème réglé. Une équipe de réponse à incident d'une grande entreprise a même produit une analyse détaillée pour conclure que l'endpoint utilisait désormais un autre certificat, refusant toute révocation — alors qu'un attaquant peut toujours mener une attaque man-in-the-middle avec l'ancien certificat non révoqué. Le certificat a fini par expirer un mois plus tard. Fait notable, 19 entités gouvernementales étaient concernées, et aucune n'a répondu. Comprendre TLS Le malentendu de fond tient au fonctionnement de TLS. On génère sa clé privée chez soi, puis on signe une demande de certificat (CSR) envoyée à l'autorité avec la clé publique. L'autorité vérifie les informations, journalise dans CT et renvoie le certificat. Le certificat n'est qu'une partie publique : il associe une clé publique à une identité, sans contenir le secret. Changer de certificat sans changer de clé n'invalide donc rien : l'ancien certificat reste exploitable pour usurper le service tant qu'il n'est pas révoqué. Forcer la révocation et la vraie solution Face au silence, l'équipe a contacté directement les autorités de certification pour demander la révocation, en fournissant les preuves de possession. Cette voie autoritative s'est révélée plus efficace, mais a généré des réactions parfois hostiles — dont un individu insultant expliquant que sa clé était « volontairement publique » pour permettre l'interception (cas d'usage type Burp), sans que le site l'indique clairement. Les chercheurs avouent un moment de doute, au point de vérifier auprès d'anciens collègues de l'ANSSI : le problème est bien systémique. La solution qu'ils privilégient n'est pas seulement l'éducation, mais l'automatisation. La réduction drastique de la durée de vie des certificats (vers 47 jours) imposera des outils comme Certbot, qui renouvelle déjà la clé privée en même temps que le certificat. Or 20 % des clés trouvées avaient fui plus de deux ans avant l'expiration du certificat le plus récent : des clés compromises réutilisées sur de nouveaux certificats pendant des années. Renouveler systématiquement la clé aurait éliminé ce cinquième des compromissions. Notes Private Key Leaks in the Wild: Insights from Certificate Transparency Collaborateurs Nicolas-Loïc Fortin Guillaume Valadon Gaetan Ferry Crédits Montage par Intrasecure inc Locaux réels par NorthSec

If Satoshi Nakamoto handed the keys to a single successor, is the network truly decentralized? We go deep into uncomfortable questions about who controls the Bitcoin blockchain and how the power to merge code has shifted since the Genesis block. Juan Galt (@JuanSGalt)  joins us in El Zonte to break down the history of the maintainer role. He proves that the security of our money depends on janitorial consensus rather than a single lead developer.We explore the cypherpunk origins of the protocol, looking at the private correspondence between Satoshi and Hal Finney. This lineage shows how an early culture of cryptography evolved into the modern GitHub repository. Understanding this is essential to knowing how Bitcoin survived the exit of its creator without a corporate takeover.The episode dives into the high stakes world of the private key and the nightmare of the early wallet.dat era. Juan shares stories of recovering seven figures of lost coins, highlighting the shift from 2010 hurdles to modern recovery standards. This was a fundamental upgrade for anyone holding digital gold as a lifelong savings account, moving us toward a robust sovereign standard.Building a circular economy requires a payments interface that works for a local pupuseria as well as a Wall Street fund. We discuss early adoption friction in Mexico and El Salvador, moving from the guy with the Bitcoin phone to modern tools that make daily commerce possible. It is a raw look at moving Bitcoin from a speculative asset to a local currency.Finally, we look at the internal decentralization of the Core team and how maintainers are elected without a CEO. From the Trusted Keys PGP system to the threats of quantum computing, we analyze the protocol's ability to stay hardened. This is a masterclass in the Proof of Work required to maintain the most secure financial network in history. It is about verifying code rather than trusting a person.—Bitcoin Beach TeamConnect and Learn more about Juan Galt:X: https://x.com/JuanSGaltBitcoin Magazine: https://bitcoinmagazine.com/authors/juan-galtYT: https://www.youtube.com/@BitcoinMagazineLifeboat: https://lifeboat.com/ex/bios.juan.galtCompany: https://www.satlantis.io/Support and follow Bitcoin Beach:X: https://www.twitter.com/BitcoinBeach IG: https://www.instagram.com/bitcoinbeach_sv TikTok: https://www.tiktok.com/@livefrombitcoinbeach Web: https://www.bitcoinbeach.com STAY AT BITCOIN BEACHhttps://www.stayatbitcoinbeach.com/punta-mango-villasBrowse through this quick guide to learn more about the episode:00:00 Intro06:01 Why is the "Juan Galt" namesake a high-signal filter for Bitcoiners?10:39 What was the Toronto Decentral hub like before the Ethereum fork?14:19 What can we learn from the "Galt's Gulch" Mexico experiment?21:10 How can you recover seven-figure Bitcoin from a legacy wallet?23:38 Why was the BIP-39 seed phrase a leap for Bitcoin self-custody?36:18 How did Satoshi manage the maintainer transition to Gavin Andresen?45:45 Why did Bitcoin move to GitHub and the "Trusted Keys" PGP system?53:11 How does Bitcoin achieve consensus without a CEO or leader?59:02 Is the Bitcoin protocol truly hardened against 2026 quantum threats?Live From Bitcoin Beach

In this episode of the Crazy Wisdom Podcast, host Stewart Alsop sits down with David Lachmish, co-founder of Ika, to explore the cutting-edge world of decentralized cryptography and its real-world applications. They cover the foundational problem of zero-trust custody and interoperability in crypto, breaking down why most people end up relying on centralized custodians despite crypto's original promise of removing third-party trust, and how Ika's novel 2PC-MPC cryptographic protocol addresses this with decentralized wallets (d-wallets) that require both the user and the Ika network to generate a signature. The conversation also touches on AI agents and the critical need for access control guardrails when agents handle real financial transactions, the philosophical parallels between crypto's growing pains and the early internet, decentralized governance and its potential to reshape how societies make decisions, and a surprising look at how decentralized certificate authorities could dramatically improve everyday internet security. David also gives a first public mention of an upcoming privacy-focused project called Encrypt.Links mentioned:- Ika website: https://ika.xyz- Ika on X: https://x.com/iкаdotxyz- David Lachmish on X: https://x.com/d3h3d_- Encrypt (upcoming project): https://encrypt.xyzTimestamps00:00 - David Lachmish introduces Ika and DWallet Labs, explaining their cybersecurity and cryptography background led them to solve zero trust custody and interoperability.05:00 - The d wallet concept is revealed as a decentralized signing mechanism controlled jointly by user and network, requiring new cryptography breakthroughs.10:00 - Crypto's philosophical parallels to early Internet are drawn, framing scams and misuse as inevitable growing pains of transformative infrastructure.15:00 - Wallet abstraction and agent constraints are explored, comparing future seamless crypto interaction to modern WiFi versus early modem connections.20:00 - Public key cryptography's binary ownership problem is explained, leading into MPC secret shares and Fireblocks' centralized access control tradeoffs.25:00 - 2PC MPC protocol is introduced as Ika's breakthrough, enabling decentralized policy enforcement without trusting any single entity.30:00 - Decentralized governance via token staking and code as law is discussed, contrasting corporate representative governance with crypto's direct decision-making.35:00 - Futarchy prediction markets and decision trees are connected to knowledge graphs, tracing humanity's accelerating governance transition.40:00 - Automation's historical parallels are examined, arguing AI's displacement of lawyers and developers mirrors every prior technological revolution.45:00 - Bitcoin and Ethereum's uncertain futures are assessed alongside Ika's positioning in custody and interoperability infrastructure.50:00 - Zero trust interoperability is explained, revealing how bridges create dangerous honeypots that Ika eliminates through native cryptographic control.55:00 - MetaMask's limitations for agents are detailed, contrasting stored private keys against Ika's policy-enforced guardrails for agentic transactions.60:00 - HumanTech's Wallet as a Protocol is presented as a practical way to give agents spending policies while maintaining user cryptographic control.65:00 - Decentralized certificate authorities emerge as Ika's broader cybersecurity vision, eliminating single points of failure across the entire Internet.Key Insights1. Zero Trust Custody and Interoperability: David and his cofounders at DWallet Labs identified that most cryptocurrency is held by centralized custodians, which contradicts crypto's core purpose of removing third-party trust. They set out to create "zero trust custody and zero trust interoperability" — systems where users maintain cryptographic control without sacrificing usability or relying on any single entity.2. The D-Wallet Primitive: Ika is built around a new cryptographic concept called a "d-wallet" — a decentralized wallet controlled jointly by the user and a decentralized network. A signature cannot be generated without the user's participation, meaning even if all network operators are compromised, they cannot act unilaterally. This required inventing new cryptography called 2PC-MPC.3. Access Control as the Missing Layer: Traditional crypto wallets operate on binary ownership — you either have full control or none. The d-wallet model introduces programmable access control policies enforced by a decentralized network, enabling features like spending limits and whitelisted addresses without trusting a centralized company like Fireblocks.4. Bridges Are Crypto's Biggest Security Vulnerability: Interoperability across blockchains typically requires trusting a bridge, which creates a honeypot for hackers. Ika eliminates this by allowing users to natively control assets on multiple chains simultaneously, maintaining cryptographic guarantees without a trusted intermediary.5. AI Agents Need Cryptographic Guardrails: Giving AI agents control over crypto wallets like MetaMask is dangerous due to hallucination and prompt injection risks. Ika enables agents to operate within strict, code-enforced policies — they can transact autonomously but cannot exceed boundaries set by the user, combining automation with genuine security.6. Decentralized Governance as a Structural Advantage: Ika operates as a permissionless network where two-thirds of token-staking operators control the protocol's direction. Even the founding team cannot unilaterally change the network, making governance transparent and resistant to capture — a meaningful contrast to closed, corporate-controlled systems.7. Decentralized Certificate Authorities as a Future Application: Beyond crypto, David envisions d-wallets solving broader cybersecurity problems. Today's internet relies on a handful of certificate authorities whose compromise would break global web security. A decentralized certificate authority built on Ika's infrastructure would require attacking hundreds of operators simultaneously, representing a fundamental upgrade to how trust is managed across the internet.

Holonym co-founder and CEO Shady El Damaty on AI agents and crypto's builder season. Holonym co-founder and CEO Shady El Damaty joins Jenn Sanasie on Markets Outlook to explain why you should never give your AI agent a private key. Plus, the state of retail as crypto enters a "builder season" amid high uncertainties. When will the industry move on from the post-Trump liquidity drain? - Timecodes: 01:09 Macro Uncertainties 02:12 The State of Retail 05:22 From ZK Identity to Wallets 08:58 Agentic Workflows Explained 11:19 Human Friction and Compliance 12:45 AI Alignment and Key Control 16:11 Crypto Endgame Super Apps - This episode was hosted by Jennifer Sanasie.

Holonym co-founder and CEO Shady El Damaty on AI agents and crypto's builder season. Holonym co-founder and CEO Shady El Damaty joins Jenn Sanasie on Markets Outlook to explain why you should never give your AI agent a private key. Plus, the state of retail as crypto enters a "builder season" amid high uncertainties. When will the industry move on from the post-Trump liquidity drain? - Timecodes: 01:09 Macro Uncertainties 02:12 The State of Retail 05:22 From ZK Identity to Wallets 08:58 Agentic Workflows Explained 11:19 Human Friction and Compliance 12:45 AI Alignment and Key Control 16:11 Crypto Endgame Super Apps - This episode was hosted by Jennifer Sanasie.

Private Key Insights with Jay Bose dives into the ideas shaping Private Key Capital—a Bitcoin-forward credit union model built for a new financial era.The show covers Bitcoin, capital, regulation, and strategy, with a focus on how modern financial institutions can evolve beyond the legacy system.

BBC SHARES INFORMATIONhttps://www.bbccshares.com/formBITCOIN PROGRAMSCALL OR TEXT 941-413-8080ALL BITCOIN BEN'S PROGRAMShttp://bbccprograms.comJOIN THE BITCOIN BEN CRYPTO CLUBS AND WEBSITEhttps://bitcoinbencryptoclubnashville.com/clubsCLAIMING YOUR CLUB SHARES VIDEO LINKhttps://us06web.zoom.us/j/81113673520?pwd=BFyIgqBIBoOHzWHg55kpk7Bpql6NNX.1CALEB AND BROWN LINK SAVE 30% ON EVERY BUY/SELL FEEShttps://www.calebandbrown.com/affiliates/bitcoin-benPRIVATE SERVERhttps://substack.com/@bitcoinben?utm_source=profile-pageFOLD APP LINKhttps://use.foldapp.com/r/BITCOINBEN2OZLO SLEEP EARBUDShttps://refer.ozlosleep.com/mQIhHLaCALIX SOLUTIONS CRYPTO AND LIBERY LAPTOPS!!!CALL OR TEXT (702) 845-8276 OR EMAIL info@calixsolutions.io OR HITTHIS LINK TO GO DIRECTLY TO THE WEBSITEhttps://calixsolutions.io/crypto-laptops/XPATCHES EMAIL AND TELEGRAM CHANNELBitcoinBensXpatches@gmail.comhttp://t.me/BitcoinBensXpatchesSALT BITCOIN LOANhttps://borrower.saltlending.com/register?referralCode=1UzYRShbxBITCOIN BEN SWAG LINKhttps://www.miniadaydesigns.com/collections/bitcoin-bens-private-collection?_pos=2&_psq=bitcoin+ben&_ss=e&_v=1.0FOUNDERS GROUP MEMBERSHIPS WEBSITEhttps://foundersgroupworldwide.com/join/ OR Call our officeBECOME A TRADEMARK LICIENCED DEALER AT THE BITCOIN BEN SILVERCOMPANY!! GET MORE INFORMATION ON OUR TELEGRAM CHANNELhttps://t.me/BitcoinBensSilverChatGroup

BBC SHARES INFORMATIONhttps://www.bbccshares.com/formBITCOIN PROGRAMSCALL OR TEXT 941-413-8080ALL BITCOIN BEN'S PROGRAMShttp://bbccprograms.comJOIN THE BITCOIN BEN CRYPTO CLUBS AND WEBSITEhttps://bitcoinbencryptoclubnashville.com/clubsCLAIMING YOUR CLUB SHARES VIDEO LINKhttps://us06web.zoom.us/j/81113673520?pwd=BFyIgqBIBoOHzWHg55kpk7Bpql6NNX.1CALEB AND BROWN LINK SAVE 30% ON EVERY BUY/SELL FEEShttps://www.calebandbrown.com/affiliates/bitcoin-benPRIVATE SERVERhttps://substack.com/@bitcoinben?utm_source=profile-pageFOLD APP LINKhttps://use.foldapp.com/r/BITCOINBEN2OZLO SLEEP EARBUDShttps://refer.ozlosleep.com/mQIhHLaCALIX SOLUTIONS CRYPTO AND LIBERY LAPTOPS!!!CALL OR TEXT (702) 845-8276 OR EMAIL info@calixsolutions.io OR HITTHIS LINK TO GO DIRECTLY TO THE WEBSITEhttps://calixsolutions.io/crypto-laptops/XPATCHES EMAIL AND TELEGRAM CHANNELBitcoinBensXpatches@gmail.comhttp://t.me/BitcoinBensXpatchesSALT BITCOIN LOANhttps://borrower.saltlending.com/register?referralCode=1UzYRShbxBITCOIN BEN SWAG LINKhttps://www.miniadaydesigns.com/collections/bitcoin-bens-private-collection?_pos=2&_psq=bitcoin+ben&_ss=e&_v=1.0FOUNDERS GROUP MEMBERSHIPS WEBSITEhttps://foundersgroupworldwide.com/join/ OR Call our officeBECOME A TRADEMARK LICIENCED DEALER AT THE BITCOIN BEN SILVERCOMPANY!! GET MORE INFORMATION ON OUR TELEGRAM CHANNELhttps://t.me/BitcoinBensSilverChatGroup

In dieser Folge erkläre ich, warum Bitcoin ETFs zwar den Einstieg erleichtern, aber am Ende nicht die volle Freiheit bieten. Ich zeige die Unterschiede zwischen einem ETF und echtem Bitcoin im eigenen Wallet und warum Self Custody für mich das Endgame ist. Durch Relay kann ich meine Bitcoins direkt und sicher an meine eigene Wallet senden und so volle Kontrolle behalten. Meine Erfahrung zeigt: Nur wer seinen Private Key hat, besitzt wirklich Bitcoin und schützt sich langfristig vor Risiken.

Wenn man sich an die gängigen Regeln zur Passworterstellung hält, ist man eigentlich auf der wortwörtlich sicheren Seite. Doch es geht tatsächlich noch sicherer - Passkeys reduzieren nämlich Risiken, die auch Accounts mit sicheren Passwörtern immer noch angreifbar machen. In der 51. Folge von Informatik für die moderne Hausfrau geht es um Passkeys. Wir rekapitulieren zunächst, wie eigentlich das Login-Verfahren mit Benutzer*innenname und Passwort funktioniert und welche Risiken es dabei gibt. Wie genau Passkeys funktionieren, die ein Login-Verfahren ganz ohne Passwort ermöglichen, und wofür man dabei Public und Private Key benötigt, besprechen wir ebenso wie die verbleibenden Restrisiken. Mehr über Passkeys erfahrt ihr beim BSI: https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Accountschutz/Passkeys/passkeys-anmelden-ohne-passwort_node.html und https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Accountschutz/Passkeys/Kryptografie-hinter-Passkey/kryptografie-hinter-passkey_node.html In dieser Folge wird auf zwei weitere Folgen verwiesen: - Folge 7 - Interview: Informationssicherheit und was Expert*innen tun, um Daten zu schützen - Gast: Sandra Mahr (heute: Sandra Heger) - Folge 21 - Interview: Sichere Datenübertragung und wie autoritäre Staaten sie unterwandern (können) - Gast: Alexandra Dirksen Alle Informationen zum Podcast findet ihr auf der zugehörigen Webseite https://www.informatik-hausfrau.de. Zur Kontaktaufnahme schreibt mir gerne eine Mail an mail@informatik-hausfrau.de oder meldet euch über Social Media. Auf Instagram und Bluesky ist der Podcast unter dem Handle @informatikfrau (bzw. @informatikfrau.bsky.social) zu finden.  Wenn euch dieser Podcast gefällt, abonniert ihn doch bitte und hinterlasst eine positive Bewertung oder eine kurze Rezension, um ihm zu mehr Sichtbarkeit zu verhelfen. Rezensionen könnt ihr zum Beispiel bei Apple Podcasts schreiben oder auf panoptikum.social.  Falls ihr den Podcast werbefrei hören möchtet oder die Produktion des Podcasts finanziell unterstützen möchtet, habt ihr die Möglichkeit, dies über die Plattform Steady zu tun. Weitere Informationen dazu sind hier zu finden: https://steadyhq.com/de/informatikfrau Falls ihr mir auf anderem Wege etwas 'in den Hut werfen' möchtet, ist dies (auch ohne Registrierung) über die Plattform Ko-fi möglich: https://ko-fi.com/leaschoenberger Dieser Podcast wird gefördert durch das Kulturbüro der Stadt Dortmund.

Bryce Ferguson is the founder of Turnkey. Turnkey provides secure, flexible, scalable wallet infrastructure. Turnkey is private key management made simple. Create wallets, sign transactions, and automate onchain actions, all with one elegant API. Why you should listen Turnkey provides secure, flexible, scalable wallet infrastructure, offering developers an elegant API to create wallets, sign transactions, and automate on-chain actions. Built on non-custodial principles and leveraging Trusted Execution Environments (TEEs), Turnkey ensures that private keys remain fully under the users' control while also delivering enterprise-grade performance with low latency (around 50–100ms) and high availability (99.9% uptime). Their infrastructure supports multichain operations and is designed for scale—capable of signing millions of transactions in minutes, and able to power embedded wallets seamlessly across diverse applications in DeFi, payments, developer tooling, consumer apps, and AI agents. Turnkey is on a mission to secure the open internet by building verifiable, programmable primitives for crypto applications. The founding team brings deep expertise from their work at Coinbase Custody, and together they've amassed over 100 years of experience in cryptography, security, and low-level systems design. In June 2025, Turnkey raised a $30 million Series B round led by Bain Capital Crypto (with support from Sequoia, Lightspeed Faction, Galaxy Ventures, Wintermute, and Variant), reaffirming its vision to provide open, composable, developer-friendly infrastructure for the next generation of crypto services. Turnkey recently earned recognition as one of CNBC's World's Top Fintech Companies, underscoring its growing influence and leadership within the financial technology landscape. Supporting links Fidelity Crypto Careers  Turnkey Andy on Twitter  Brave New Coin on Twitter Brave New Coin   If you enjoyed the show please subscribe to the Crypto Conversation and give us a 5-star rating and a positive review in whatever podcast app you are using.

In this video, I share the easiest, most practical, and secure way to protect your Nostr private key.Your private key is the heart of your digital identity.If someone gets it, they co-own your digital soul!Signer apps offer a safe, convenient solution: they store your private key securely and sign events on your behalf (with your permission), without ever exposing your key to Nostr clients or websites.If you're curious about Nostr, it's a free, decentralized protocol for sharing notes and other content.(Yes, “Nostr” literally stands for "Notes and Other Stuff Transmitted over Relays".) On Nostr, you can host your own data and even start monetizing from day one using zaps, which are micropayments in Bitcoin.Follow me to learn more about Bitcoin, Nostr, and security.---00:00 - What is a Nostr Private Key?00:55 - Why Your Nostr Private Key Must Stay Secret02:02 - The Case for Using a Nostr Signer03:00 - Digital Signatures vs. Your Bank Signature04:11 - Are Hardware Signers Practical for Nostr?04:54 - How Nostr Signer Apps Keep You Safe05:52 - What's Next---

The internet changed the world forever, connecting us like never before, allowing unprecedented access to information and people worldwide.  For these reasons, it's been hijacked by criminals to infiltrate and commit heinous offences, leading to an explosion of organised crime. Dr. Dennis Desmond is a former FBI special agent and counterintelligence expert who's seen the darkest corners of the digital world. In this episode, he reveals how the sinister side of cryptocurrency and the dark web is creeping into the lives of ordinary civilians, and how one of the world's most downloaded phone apps is surveilling its users, putting them at risk of prosecution.See omnystudio.com/listener for privacy information.

The Crypto Merchant is here with the safest way to store your recovery seeds in multiple parts: introducing Cryptotag Odin. Learn more at https://www.thecryptomerchant.com/products/odin-3 The Crypto Merchant City: Daytona Beach Address: 609 South Ridgewood Avenue Website: https://www.thecryptomerchant.com/

Got yourself a new SafePal wallet but have no idea how to use it? It's more simple than you think! Follow The Crypto Merchant's 7-step guide and you'll be up and running in no time. Learn more at https://www.thecryptomerchant.com/blogs/resources/a-comprehensive-guide-to-setting-up-your-safepal-hardware-wallet The Crypto Merchant City: Daytona Beach Address: 609 South Ridgewood Avenue Website: https://www.thecryptomerchant.com/

Subscribe to the podcast You think your Bitcoin private keys are cold...but are they? Learn about Bitcoin at a trickleBitcoinTrickle.com SponsorLiberty Mugs Keep in touch with us everywhere you areJoin our Telegram groupLike us on FacebookFollow us on Twitter: @libertymugs (Rollo), @Slappy_Jones_2Check us out on Patreon Learn everything you need to know about Bitcoin in just 10 hours10HoursofBitcoin.comPodcast version

A vulnerability is discovered in certain wallets using Libbitcoin Explorer. Binance Labs invests $5 million in CRV. Rune Christensen releases details for a SparkDAO prefarm airdrop. And Synthetix Perps supports USDT. Read more: https://ether.fm/271

Supporting us is easier than ever, by typing in MONEROTALK.CRYPTO into your monero.com or Cake Wallet send address field - to send us a tip

Final -practices- in connection with private prayer, especially- consider eternity-

Brooks now begins 5 final important practices for one who would take closet prayer seriously.

Everything secret will be made known... now, or later.

God sees it all. Beware of secret sins.

Watch out for over-curiosity, concern about things that aren't fully revealed and therefore are not that important.

Watch out for laziness and majoring in minors, says Brooks.

Be sure to pray in Jesus' Name, and to expect answers to your prayers-

You know you have had communion with God when you hate the idols in your life.

Do you have real communion with God-- asks Brooks.

Two serious words of advice for those who will pray in private- be constant, seek communion with God.

Fervency in prayer-

Brooks counsels us not to trust in prayer but to trust in Christ.

Practical help in when and how to pray, and when and how NOT to pray.

Do we object to private prayer because guilt is gnawing away at us-- Are we hiding as did Adam-- Excellent response...

Not feeling good-- And that keeps you from praying-- But do you work and talk with others when you don't feel too good--

-We are too weak to pray- says one who makes excuses... Brooks handily answers that one.

Resulting from a recent ransomware attack, a private key from Intel has been exposed, affecting more than a hundred OEM components and an unknown number of end user products. We explain what happened and its possible implications.

2 objections to private prayer, answered well- 1- God knows what I need. 2- I don't have a place for private prayer.

The world-changing Visible Calculator. How not to get a job. Private keys - the hint is in the name. Microsoft's complicated bootkit patch. Taming Bluetooth trackers. Email: tips@sophos.com Twitter: https://twitter.com/nakedsecurity Original music by Edith Mudge (www.edithmudge.com)

More on the sealing of the Spirit, and a close look at -Abba, Father.-

The sealing of the Spirit defined and described.

In this episode of Phoenix Cast, hosts John and Kyle discuss GitHub exposing it's private key, the Ukraine Software Warrior Brigade and better help sharing personal user data. Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts. Links: GitHub Priv Key:  https://www.bleepingcomputer.com/news/security/githubcom-rotates-its-exposed-private-ssh-key/ Ukraine Software Warrier Brigade: https://www.wsj.com/articles/ukraines-deadly-computer-science-brigade-russia-invasion-drone-engineer-software-wartime-weaponry-production-e0643979 Ukraine from google: https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/amp/ Better help: https://www.ftc.gov/business-guidance/blog/2023/03/ftc-says-online-counseling-service-betterhelp-pushed-people-handing-over-health-information-broke

6 Post-GPT Phases, Github's Private Key, New Assistant InterfacesBecome a Member: https://danielmiessler.com/subscribe/See omnystudio.com/listener for privacy information.

In this episode we describe an incident in which a GoDaddy breach exposed customer private keys. We explain the expectations surrounding private key exposure and get into the interesting question of when an incident is or is not part of a large company's CA business.

HERE Wallet - Mobile non-custodial wallet for NEAR Protocol with non-blocking staking. https://herewallet.app/ https://twitter.com/here_wallet CEO & Founder of HERE Wallet Petr Volnov | NEAR is HERE https://twitter.com/p_volnov Ready Layer One Podcast https://readylayeronepodcast.com/ twitter.com/ready_layer_one Joe https://twitter.com/joespano_ Jared https://twitter.com/jarednotjerry1 1:00 - 10:00 Joe discusses the mobile app for its slick and smooth design and would like to discuss more about its functionality. HERE wallet has a "share by phone number" feature and Joe is interested in understanding how it works and how it is managed. The team is building open-source tools and contributing to the development of NEAR. 10:00 - 20:00 The main feature of HERE Wallet is its staking feature, which allows for the unlocking of more features and enables users to make transfers and transactions in the background. The company has implemented a model similar to traditional banking where funds can be withdrawn with zero commission staking 90% of funds and keeping 10% for liquidity. HERE Wallet is using machine learning to predict user habits and withdrawal patterns in order to rebalance the funds. 20:00 - 30:00 This feature is highly regarded by developers and is seen as a unique aspect of the NEAR protocol that sets it apart from others. HERE Wallet is focusing on leveraging the unique technology of NEAR Protocol and making it as user-friendly and seamless as possible, with the goal of making it feel more like traditional banking, such as Apple Pay. 30:00 - end The functionality of wallets will continue to evolve, becoming more like web browsers in terms of their ease of use and the ability to explore and interact with decentralized apps (dapps). Jared discusses how wallets are an important tool for onboarding new users to the crypto and Web3 space, as they provide a simple, accessible entry point for exploring DAPPs and other decentralized features. NO FINANCIAL ADVICE– The Podcast, is provided for educational, informational, and entertainment purposes only, without any express or implied warranty of any kind, including warranties of accuracy, completeness, or fitness for any particular purpose. The information contained in or provided from or through this podcast and podcast is not intended to be and does not constitute financial advice, investment advice, trading advice, or any other advice. You should not make any decision, financial, investment, trading, or otherwise, based on any of the information presented on this website without undertaking independent due diligence and consultation with a professional broker or financial advisor. You understand that you are using any and all Information available on or through this podcast at your own risk. RISK STATEMENT– The trading of Bitcoins, and alternative cryptocurrencies has potential risks involved. Trading may not be suitable for all people. Anyone wishing to invest should seek his or her own independent financial or professional advice.

Picture of the Week.  Patch Flashback Tuesday.  Facebook is cautiously creeping toward default E2E encryption.  VNC's inherent insecurity.  The need to control domain names.  And speaking of backup: Cyotek WebCopy.  Google's Ryan Sleevi Retweeted Jens Axboe.  SandSara Update from Ed Cano.  Closing The Loop.  SpinRite.  TLS Private Key Leakage.    We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit newrelic.com/securitynow Secureworks.com/twit

Picture of the Week. Patch Flashback Tuesday. Facebook is cautiously creeping toward default E2E encryption. VNC's inherent insecurity. The need to control domain names. And speaking of backup: Cyotek WebCopy. Google's Ryan Sleevi Retweeted Jens Axboe. SandSara Update from Ed Cano. Closing The Loop. SpinRite. TLS Private Key Leakage. We invite you to read our show notes at https://www.grc.com/sn/SN-884-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit newrelic.com/securitynow Secureworks.com/twit

Picture of the Week.  Patch Flashback Tuesday.  Facebook is cautiously creeping toward default E2E encryption.  VNC's inherent insecurity.  The need to control domain names.  And speaking of backup: Cyotek WebCopy.  Google's Ryan Sleevi Retweeted Jens Axboe.  SandSara Update from Ed Cano.  Closing The Loop.  SpinRite.  TLS Private Key Leakage.    We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit newrelic.com/securitynow Secureworks.com/twit

Picture of the Week.  Patch Flashback Tuesday.  Facebook is cautiously creeping toward default E2E encryption.  VNC's inherent insecurity.  The need to control domain names.  And speaking of backup: Cyotek WebCopy.  Google's Ryan Sleevi Retweeted Jens Axboe.  SandSara Update from Ed Cano.  Closing The Loop.  SpinRite.  TLS Private Key Leakage.    We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit newrelic.com/securitynow Secureworks.com/twit

Picture of the Week.  Patch Flashback Tuesday.  Facebook is cautiously creeping toward default E2E encryption.  VNC's inherent insecurity.  The need to control domain names.  And speaking of backup: Cyotek WebCopy.  Google's Ryan Sleevi Retweeted Jens Axboe.  SandSara Update from Ed Cano.  Closing The Loop.  SpinRite.  TLS Private Key Leakage.    We invite you to read our show notes at https://www.grc.com/sn/SN-883-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit newrelic.com/securitynow Secureworks.com/twit

Picture of the Week. Patch Flashback Tuesday. Facebook is cautiously creeping toward default E2E encryption. VNC's inherent insecurity. The need to control domain names. And speaking of backup: Cyotek WebCopy. Google's Ryan Sleevi Retweeted Jens Axboe. SandSara Update from Ed Cano. Closing The Loop. SpinRite. TLS Private Key Leakage. We invite you to read our show notes at https://www.grc.com/sn/SN-884-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit newrelic.com/securitynow Secureworks.com/twit