This week, Chester Wisniewski discusses the interesting and important stories of the week with Paul Ducklin, Head of Technology, Asia Pacific, at Sophos.
Chet and Duck talk about:
* co-operating to fight hi-tech crime;
* tackling the Kelihos botnet;
* taking on zombified home users to fight bots at source in the USA;
* weighing up the risks of the new, low-cost Amazon Silk tablet;
* and understanding the BEAST.
If you haven’t been following security news lately, the BEAST is a recently released proof-of-concept toolkit which can extract encrypted data from SSL3/TLS1 sessions.
The vulnerability it uses was addressed with an update to the TLS standards five years ago; Chet and Duck discuss some of the reasons why we’re still stuck in the TLS 1.0 mud.
(30 September 2011, duration 16:23 minutes, size 15.7 MBytes)
Don’t want to listen online? Download the podcast for later: