Duck talks security on Risky Business

Filed Under: Adobe, Featured, Google, Law & order, Oracle, Podcast, Vulnerability

Paul DucklinNaked Security's Paul Ducklin (known throughout the infosec community as just "Duck") is the feature interview on this week's Risky Business podcast.

Duck discusses with show host Patrick Gray a handful of the week's top security stories, including:

  • Oracle's patching schedule,
  • Sony being found not liable in a lawsuit claiming they took insufficient care protecting the data of millions of people in the PlayStation Network hack of last year,
  • and how mathematician Zachary Harris stumbled across how companies including Google were using a weak encryption key for their DomainKeys Identified Mail (DKIM) verifier. Zachary had fun spoofing an email to Google CEO Larry Page from fellow founder Sergey Brin to prove his point.

Duck's segment on the show begins at 21m:30s into the podcast - between the headlines and an interview with Adobe security chief Brad Arkin discussing how hackers compromised Adobe's servers and managed to create malicious files signed with Adobe's digital signature.

Listen to the podcast now, either by visiting the Risky Business website or through the embedded audio player below.


Risky Business is a great weekly listen, and I would recommend it for anyone with an interest in computer security.

, , , , , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.