Sophos Security Chet Chat – Episode 139 – March 20, 2014
News, opinion, advice and research!
Here’s our latest security podcast, featuring Sophos experts and Naked Security writers Chester Wisniewski and Paul Ducklin.
Stories covered in Chet Chat Episode 139
- PWN2OWN Day One – Reader, IE, Flash and Firefox felled, Java left standing
- PWN2OWN Day Two – Chrome and Safari join the losers
- Firefox 28.0 takes on the PWN2OWN attacks already
- Target missed multiple warnings that credit card data breach was underway
- Security Essentials: What is PCI DSS?
- Sophos Techknow – The End of XP [PODCAST]
- Anatomy of a Bitcoin phish – don’t be too quick before you click!
- Advice on getting the most from Windows XP, courtesy of the Google Play Store
Hi Paul & Chet:
I am a new listener, finding you from references to the Naked Security in a segment titled Security Lite on the Nosillacast podcast. A thought on your discussion about getting caught by mindlessly clicking on a “valid looking” link in an email and accidentally signing into a fraudulent site. I log into all websites via the 1Password browser extension for Chrome and Safari. Thinking about your discussion, in addition to having independent/complex passwords, another benefit of using these password managers is that the browser extensions can serve as a nice safety net for phishing emails. If I were to get one of these and unthinkingly click on the link and need to sign in – my browser extension would not associate the current URL with one of my log in items. Hopefully that clue would wake me from my stupor!!
Keep the great shows coming.
-mike p.
Indeed, software that ties your login to a specific site by URL is very likely to protect you. It will also protect you from typosquatting mistakes, where you enter a URL that’s nearly but not quite right, only to find the crooks are hovering:
http://nakedsecurity.sophos.com/typosquatting/