Archive for Adobe

Data Security Podcast Episode 79, Nov 16 2009

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Podcast, Vulnerabilities with tags , , , , , , , , , , on November 16, 2009 by datasecurityblog

30 minutes every week on data security, privacy, and the law…..(plus or minus ten)

On this week’s program:

* The odds of unknowingly logging onto an ‘evil twin’ of your online banking site is increasing due to new broadband hazards.

* A revised Google Book Settlement was submitted to the courts . It doesn’t address privacy at all.

* Our take on this week’s news.

–> Stream This Week’s Show with our Built-In Flash Player:

–> Scroll down to see links and show notes for this week’s show

–> Stream, subscribe or download Episode 79 – Listen or subscribe to the feed to automatically get the latest episode sent to you to your Google, Yahoo, iTunes, or other popular sites.

–>Tune into the show directly on iTunes, you can also subscribe to the program on iTunes.

–> A simple way to listen to the show from with stricter firewalls: Listen from Odeo. This site works better if you are behind a more restrictive enterprise firewall.

Please visit our sponsors, and be sure to let them know you heard about them on The Data Security Podcast:

  • Vipre Anti-Virus, the complete Antimalware solution by Sunbelt Software. If you TRY the enterprise version, you get the home version for FREE! Go to: .
  • GamaSec Web App Scans: Spots cyber-hazards on your web site, and has advanced zero-day protection. GET YOUR FREE BASIC WEB APP SCAN, plus a special offer just for listeners to The Data Security Podcast. Go here to sign up, and add the offer code: Podcast.
  • SonicWall;  Get the super fast UTM firewall that’s rated Five Stars (the Best rating) by Secure Computing MagazineData Clone Labs is the premier SonicWall Medallion Partner for all your security needs.
  • DeviceLock; Software that controls, manages and helps encrypt USB drives and other removable media. Get a free trial on their site, and be sure to let them know you heard about them on The Data Security Podcast.

Show Notes for Episode 79 of the Data Security Podcast

* Program note about this week’s Conversation:  Ira will have an extended, technical conversation with Pedro Bustamante, Senior Security Researcher with PandaSecurity.  Ira and Pedro will discuss web drive-by downloads and other security issues in a special interview segment that will appear in a separate posting later this week. You can listen to the segment by streaming on this site, on iTunes, or other RSS feeds you use to listen to the Data Security Podcast.

* Tales From The Dark Web: What if you typed in your bank’s web address, but unknown to you, you were taken to an evil twin of your bank, controlled by cyber criminals? Well, the odds of that happening is increasing, due to Domain Name System (DNS)  issues in a significant number of broadband modems and routers.  Many other attacks can use these DNS flaws. Hat tip to the coverage by Robert McMillan of the IDG News Service.

* From Our Take on The News:  Airport security in Saint Louis hassled one guy for half an hour, because he was carrying $4,700 in a cash box, which he placed on the x-ray conveyor belt and subjected to TSA scrutiny, as is required for all carry-on cargo. The money was connected with his (legal) job with Campaign for Liberty. The guy recorded the abusive inquisition on his iPhone. The ACLU sued the TSA. Now the airport security rules have changed. Read the coverage in The Washington Times.

* From Our Take on The News:  A flaw in Adobe Flash has a huge impact on web usage, especially those businesses that use Google Gmail/Google Apps/PHP Discussions, and sites the scores of sites that allow the upload of information to the site.  Mike Bailey, an expert on web application security, has an excellent infosec write up at the Foreground Security blog.  Faster read in Computerworld.

*  From The Wrap:  Revised Google Book Settlement was submitted to the court late Friday night. It doesn’t address privacy at all, even after EFF and other parties submitted a legal brief outlining legitimate fears that Google can track, and is likely to share individual book search information with law enforcement and anyone else who issues a subpoena. Google will retain book-search details, right down to page number and how long you lingered there, for every book you search. Read this account of the revised settlement.