Chet and Duck dig into the good and bad of the week's news, from the amusing "Happy Hour Virus", through Twitter's implementation of forward secrecy, to LG's data-grabbing TVs and the company's unamusingly casual attitude...
A whole lot has been talked, over the past week, about BREACH, a newly-documented attack against HTTPS.
Paul Ducklin digs into the theory, shows how it works in practice, and suggests how to soften the blow...
It's that time of the week again - here's your roundup of everything we wrote in the last seven days.
Cryptographers have once again put SSL/TLS (that's the padlock in HTTPS) in their gunsights and opened fire.
This time, they've done some severe damage.
Paul Ducklin takes a detailed look...
Have your joined thousands of others, and become a loyal listener to the "Chet Chat" yet?
Here's the latest Naked Security podcast, Sophos Security Chet Chat 102, discussing a range of recent and newsworthy topics from the world of computer security.
The security of web transactions is again in the spotlight as a pair of UK cryptographers take aim at TLS.
Like 2011's much-talked-about BEAST attack, it has a groovy name: Lucky Thirteen.
Just how unique is is your private key?
Is there a chance that someone else, without any malice aforethought, might unexpectedly end up with a key pair that is identical or at least dangerously similar to yours?
SSCC 74 - fighting hi-tech crime, Kelihos botnet, iCode for USA, Amazon Silk tablet, Mac malware and the BEAST
This week, Chet and Paul Ducklin discuss the interesting and important topics of the past week: fighting hi-tech crime, tackling the Kelihos botnet, taking on zombified home users, examining the risks of Amazon's new Silk tablet, and understanding the BEAST!
A pair of researchers have unveiled a serious new attack on web browser security.
The ability to crack encrypted web traffic removes the safety net that protects you when you're doing sensitive online tasks like banking or using credit cards.