DtR Security Newscast: Heartbleed, hackers, passwords, and more
Listen to the latest episode of the Down the Rabbithole (DtR) Security Newscast with Raf Los (@Wh1t3Rabbit) and James Jardine (@JardineSoftware). We record the DtR Newscast every other Monday to engage in spirited discussion about security topics in the news. More than a run-down of the news, it’s our unfiltered (but safe for work) discussion of top stories. We usually inject some passion and and some divergent thinking to fuel your week.
This week, we covered:
- Heartbleed: as we deal with the crush of coverage, we focus on how people are doing with their notices (hint: not well), and what needs to be done. We cover some of the ideas outlined in my piece for CSO. If you haven’t read it yet, it now makes for a good checklist of next steps, or perhaps something to share with the companies not inspiring confidence in their messages to you. How you need to respond to Heartbleed, and how you can explain it to others
- Weev is free: the polarizing figure is out of jail; whether you like him or not, it brings up a bigger issue we have to tackle, soon.
- The $30,000 ‘sting’ to get back a website: an interesting tale of how a woman almost lost her website and what she had to do to get it back. Ignore her advice, and listen to our take on the situation, and why we think it’s valuable for others, too.
- FTC versus Wyndham: well, the judge ruled that the FTC civil case can proceed against Wyndham; find out why I think this is not only bad, it’s a bad precedent. More so given our bias toward breach prevention (which we need to stop).
- Data Breach Roundup: more of the usual roundup; check the show notes for specific links.
I also shared some passion around communication and insights on passwords. Raf joked it was a rant. You listen and let me know.
- DtR Security Newscast show notes (official) here: http://podcast.wh1t3rabbit.net/dtr-episode-89-newscast-for-april-21st-2014
- Direct link to the MP3 here: http://traffic.libsyn.com/ftwr/DtR_Episode_89_-_NewsCast_for_April_21st_2014.mp3
Consider this the invitation for discussion. Keep it going here, on Twitter (I’m @catalyst) or whatever social media works best for you (see the bar to the right with all the relevant links). If you have a topic you want us to discuss on the next DtR Security Newscast, drop us a line.