Open post
Security Bits Logo

Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre

Security Bits – 5 Jan 2018

Security Medium 1 — Password Managers as Trackers

Security researchers have found that less-reputable tracking firms have deployed JavaScript which uses invisible forms to trick password managers into entering information which can then be used as a kind of super-cookie that users cannot delete, and hence, track them around the web.

This problem affects all features that auto-fill usernames and passwords, whether or not they are native to the browser, or, provided by third-party plugins, so this affects everyone who saves passwords in their browser in any way.

Continue reading “Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre”

Open post
Vimmy Logo

Tiny Tip – Vimmy & Oh Sh-t Git! By Caleb Fong

Caleb FongThe review below is from Caleb Fong, aka @GeekoSupremo on Twitter. Caleb is a long time NosillaCastaway who is also following along with Programming By Stealth. His review is pretty geeky (goes well with his Twitter handle) so I thought it might help to explain a couple of terms he uses.
He’ll use the term *nix which is a term that means any UNIX-like system. *nix can mean any kind of linux, or even macOS since it’s based on FreeBSD which is a descendent of UNIX.

He also talks about Vim. Vim is a text editor in *nix operating systems. It’s a descendent of the original Vi, and in fact, the name stands for Vi IMproved.

Continue reading “Tiny Tip – Vimmy & Oh Sh-t Git! By Caleb Fong”

Open post

Google Chromebook Pixel – by George from Tulsa

Asus Flip with thought bubble saying I am not a PixelbookHi, this is George from Tulsa sending some virtual help to Steve and Allison as they move Steve’s parents. I’m sure they’d rather I flew to California and helped Steve carry the Steinway, but what they get is this small part of a podcast Allison doesn’t have to build herself.

Find yourself the geek for work, family, and friends? I can’t count how many times I’ve been called on to clean malware from Windows computers. A couple of years ago I threw in the towel, wiped the last version of Windows I owned, and told everyone I hadn’t persuaded to move to Mac I no longer did Windows.

Of course, not everyone I know can afford a Mac, so the folks I couldn’t persuade to buy a Mac, or who wouldn’t maintain theirs and started calling me for Mac clean up, I’ve been recommending get Chromebooks. Heck, they’re cheap enough I’ve given them to friends and family I cut off from my free Windows Support Service. Gave one to a sister-in-law two weeks ago.

Continue reading “Google Chromebook Pixel – by George from Tulsa”

Open post
Security Bits Logo

Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips

Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits

A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.

What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.

Continue reading “Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips”

Coming Soon – New IRC Server for the Live Show

Irc chat logoDonald Burr is a wonderful human being; he’s what Steve calls “good people”. Out of plain old the goodness of his heart, he has been letting me mooch off of his server for the IRC chat we enjoy during the live show. I love that I get this free ride, but when something goes wrong, I have no way of fixing it myself and we have to bother Donald. If he’s not just sitting by his computer at 5pm on a Sunday night with nothing better to do, then we’re kind of stuck.

Whenever there’s an Apple announcement, the NosillaCastaways gather in the live chat room (even though I don’t broadcast during them). When we all trouped into the chat room this week, Donald’s IRC server’s voicebot had stopped functioning. That meant Steve, as the only admin other than Donald, had to give each person voice as they came in. Even I couldn’t chat without his permission, and you can just guess how well that went off. Then towards the end of the announcement, the server simply threw all of us out of the chat room.

So, I’ve decided it’s time to stop mooching off of him and create my own IRC chat server. All this Taming the Terminal stuff has really emboldened me to take on bigger and bigger challenges. I mean, how hard could this be, right? Continue reading “Coming Soon – New IRC Server for the Live Show”

NC #551 Amazon Prime Now Miracle, Asus Chromebook Flip, Dell’s Certificate Fiasco

This week was Thanksgiving in the US so I’m going to start out by telling you a story I call “A Thanksgiving Day Miracle”. After that, George from Tulsa joins us to give a review of the Asus Chromebook Flip. He mentions this in his review, but I specifically asked for help this week because I was hanging out with my family instead of working on the podcast most of the week. I also urged George to go long, so he included a bunch of other awesome information. It’s in the style only George can deliver of course. I was going to give you my impressions of the iPad Pro after a few weeks of use (after the gushing had worn off) but I think I’ll hold off on that for a week because Bart joined me in an out of band Security Lite episode to talk about the Dell certificate fiasco. It’s really interesting and really important that we get the knowledge out there about what happened, who should be worried, how worried they should be and most importantly to hear how to fix this very serious problem.


itunes
mp3 download

Continue reading “NC #551 Amazon Prime Now Miracle, Asus Chromebook Flip, Dell’s Certificate Fiasco”

Scroll to top