Episode #109 of our popular Chet Chat podcast series is out.
If this is your first time listening to the Chet Chat: episodes come out every two weeks, and usually last about a quarter of an hour.
That makes the Chet Chat podcast ideal for your daily commute or for a spot of lunchtime listening.
(20 May 2013, duration 15'23", size 9.3 MBytes)
Chet Chat episode 109 shownotes:
Duck wrote about a video of a chap in London whose laptop was stolen in under a second, live on CCTV.
Was he using full-disk encryption? Both Chet and Duck sincerely hope so.
Duck poses the question, "Does the modern-day fence [handler of stolen goods] treat the data as valuable as well as the laptop?" Chester advises us to assume that the answer is, "Yes!"
Chet and Duck discuss the recent casher crew busts in New York, and talk about how people end up as money mules [processors of cash payments] for cybercrooks.
Chester suggests that the prison sentences dished out to Lulzseccers in the UK were probably long enough to satisfy people who thought the UK was a bit soft on cybercrime, but not so long as to be unreasonable.
Chester points out that MS fixed not only its PWN2OWN hole that was discovered a couple of months back, but also the "Dept of Labor" zero-day from just ten days before the update. He thinks that is pretty swift.
Duck agrees, admitting, "These are not words that naturally come billowing out of my mouth, but, 'Well done, Microsoft!'"
Chet reels off a list of recent breach-ees, of which name.com is a recent example. At least they only lost password hashes.
Duck remarks on the addition of another newspea kword to go with Advanced Persistent Threat: AoC. "Abundance of caution."
He argues that that's better than complete denial, but worries that it might mean the cure ends up worse than the disease.
Chet and Duck sign off by inviting you to enter for a prize in the latest #sophospuzzle, now live on nakedsecurity.sophos.com