Bye-bye IE, IoT security, Blackberry crypto and botched ransomware [Chet Chat Podcast 227]

Sophos Security Chet Chat – Episode 227 – Jan 13, 2016

After a long hiatus, Michael Argast returned as my guest to share his thoughts with our listeners. Michael is the Director of Security Solutions at Canadian telecommunications provider Telus.


(Audio player above not working? Download MP3 or listen on Soundcloud.)


Bye-bye Internet Explorer 8, 9 and 10! Michael and I discuss the challenges businesses face with the retirement of legacy IE browsers.

We touched briefly on the fail open nature of Comcast’s home alarm systems and the potential impacts of more companies providing home security “IoT” type alarm systems.

Interested in better securing IoT devices? Stop by our booth N3101 at RSA 2016 where I will be discussing strategies for securing everything from light bulbs to Smart TVs.

The Netherlands has publicly announced their support for strong encryption, yet as Michael and I discuss they seem to have found a way to access Blackberry PGP messages.

Sadly, abuse of the free TLS certificates from the Let’s Encrypt project has already begun. Michael and I ponder whether they can really police something intent on being simple and automated.

Lastly, we remind everyone that encryption can be hard to get right. Paul Ducklin wrote about ransomware on Linux in November and it turns out this malware had flaws in the way it encrypts files. There have been several amusing tweets giving tips to the hackers, but we prefer it when they can’t get it right.

If you enjoy the podcast, please share it with other people interested in security and privacy and give us a vote on iTunes and other podcasting directories.

Get this and other Sophos podcasts

Listen and rate via iTunes... Sophos podcasts on Soundcloud... RSS feed of Sophos podcasts...