(get it in RSS or Atom)

SSCC 163 - So THAT'S why you can't erase Flash RAM properly [PODCAST]

Here's this week's Sophos Security Chet Chat.

Our regular security podcast that turns news into useful advice...

Chip-and-PIN should be "Chip-and-Skim," say Cambridge card-cloners


Back in 2011, cryptographers at the University of Cambridge were approached by a man whose bank refused to refund a series of disputed transactions.

So they set out to answer the question, "Is it reasonable to assume the infallibility of Chip-and-PIN transactions?"

OpenSSL bug, DDoS bust, Snapchat SNAFU and a free Threatsaurus - 60 Sec Security [VIDEO]


Can a bug ever be good? What's the prison sentence for DDoS criminality? How well does Snapchat protect your data? What's a Threatsaurus, and why do you want one?

Watch and find out!

The OpenSSL software bug that saves you from surveillance!


Bugs in pseudorandom number generators are usually cause for concern, at least in cryptographic circles.

But this story is different.

It's the curious case of the OpenSSL randomness bug with a happy ending!

Drupal security update fixes a laundry list of problems, including "predictable random numbers"


The Debian Linux security team recently pushed out a wry security advisory for popular web CMS Drupal.

In amongst the laundry list of fixes was a common modern malady - non-cryptographic random numbers used cryptographically...

Android randomness, Sniffer dustbins, Unpatch Wednesday, ATM skimming - 60 Sec Security [VIDEO]


How does a bug in Android put your Bitcoins at risk? Why did the City of London bin its bins? What was Unpatch Wednesday? What to do with a 3D printer after you've made your own gun?

Find out in 60 seconds!

SSCC 114 - Bitcoins and randomness, OpenX and trust, Email and privacy [PODCAST]


News, opinion, advice and research!

Chet and Duck bring you their unique and entertaining combination of all four in their regular quarter-hour podcast.

Android random number flaw implicated in Bitcoin thefts


Bitcoin is in the news again.

Seems that a random number problem on the Android platform is letting crooks get away with cryptographic fraud to make off with other people's BTCs...

Monday review - the hot 15 stories of the week

Monday review

Missed anything last week? Catch up with everything we talked about with this handy weekly roundup.

Android security fail, Cryptocat tartan, Nintendo crack - 60 Sec Security [VIDEO]


Are cryptographic holes the new buffer overflows?

Take a look at this week's 60 Second Security video and let us know what you think!

Anatomy of a pseudorandom number generator - visualising Cryptocat's buggy PRNG


Paul Ducklin digs into one of the cryptographic flaws recently found in Cryptocat, a secure messaging application.

Don't worry if you aren't a statistician or a computer scientist...Duck doesn't get very mathematical, and has produced some very groovy images!

Anatomy of a bug - misplaced parenthesis threatens NetBSD's random numbers


NetBSD recently patched a programming bug in its kernel that affected the sanctity of the operating system's random numbers.

One lousy parenthesis misplaced by just two characters...

Researchers take another crack at SSL

Researchers take another crack at SSL

Just how unique is is your private key?

Is there a chance that someone else, without any malice aforethought, might unexpectedly end up with a key pair that is identical or at least dangerously similar to yours?