Duck talks security on Risky Business

Duck talks security on Risky Business

Paul DucklinNaked Security’s Paul Ducklin (known throughout the infosec community as just “Duck”) is the feature interview on this week’s Risky Business podcast.

Duck discusses with show host Patrick Gray a handful of the week’s top security stories, including:

  • Oracle’s patching schedule,
  • Sony being found not liable in a lawsuit claiming they took insufficient care protecting the data of millions of people in the PlayStation Network hack of last year,
  • and how mathematician Zachary Harris stumbled across how companies including Google were using a weak encryption key for their DomainKeys Identified Mail (DKIM) verifier. Zachary had fun spoofing an email to Google CEO Larry Page from fellow founder Sergey Brin to prove his point.

Duck’s segment on the show begins at 21m:30s into the podcast – between the headlines and an interview with Adobe security chief Brad Arkin discussing how hackers compromised Adobe’s servers and managed to create malicious files signed with Adobe’s digital signature.

Listen to the podcast now, either by visiting the Risky Business website or through the embedded audio player below.

Risky Business is a great weekly listen, and I would recommend it for anyone with an interest in computer security.