Podcast (all): Download (Duration: 30:25 — 24.7MB)

Insecure SSH implementations and a weak key that let a researcher control 200 MW of electrical capacity reignites the debate about versioned protocols vs pluggable protocols, follow-up on sharing files from your LAN with people on the Internet, and the pros and cons of encrypted backups.

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

News/discussion

Researchers find insecure SSH implementations everywhere

512-bit RSA key in home energy system gives control of “virtual power plant”

Feedback

Syncthing

Resilio

Send

OnionShare

Warp

Immich

Free consulting

We were asked about the pros and cons of encrypted backups.

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

Podcast (all): Download (Duration: 30:10 — 24.5MB)

Forcing Windows to undo updates and a separate IPv6 vulnerability, hardware bugs in AMD and Intel CPUs, and using Samba on Linux with Active Directory.

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

News

Your victim’s Windows PC fully patched? Just force undo its updates and exploit away

CVE-2024-38063 – Security Update Guide – Microsoft – Windows TCP/IP Remote Code Execution Vulnerability

Almost unfixable “Sinkclose” bug affects hundreds of millions of AMD chips

SMM LOCK BYPASS

Intel’s crashing 13th and 14th Gen Raptor Lake CPUs: all the news and updates

Free Consulting

We were asked about using Samba on Linux with Active Directory.

map acl inherit = yes
acl_xattr:ignore system acls = yes
acl_xattr:default acl style = windows

Setting up a Share Using Windows ACLs

Automox

Check out the brand new Autonomous IT podcast. Listen in as a variety of experts in the IT Operations space discuss the latest Patch Tuesday releases, mitigation tips, and custom automations to help with CVE remediations. Listen now on Spotify, Apple, or wherever you get your podcasts.

Podcast (all): Download (Duration: 29:55 — 24.3MB)

Secure boot is compromised on hundreds of devices, Amazon’s desperate attempt to make money from Alexa, and how to decide which open source software on GitHub to trust.

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

News/discussion

Secure Boot is completely broken on 200+ models from 5 big device makers

old and related

Amazon’s paid Alexa is coming to fill a $25 billion hole dug by Echo devices

Alexa had “no profit timeline,” cost Amazon $25 billion in 4 years

Free consulting

We were asked about how to decide which open source software on GitHub to trust.

1Password

Extended Access Management: Secure every sign-in for every app on every device. Support the show and check it out at 1password.com/25a

Podcast (all): Download (Duration: 30:36 — 24.8MB)

How and why the recent huge Windows outage was caused by a bad CrowdStrike update and how it could have been avoided, a hilariously dumb ESXi vulnerability, and using SAS drives with a PCIe card.

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

News

A closer look at what caused the CrowdStrike Windows crashes

Ransomware gangs are loving this dumb but deadly ESXi flaw

Jake Williams on Twitter

Free Consulting

We were asked about using SAS drives with a PCIe card.

Podcast (all): Download (Duration: 29:28 — 23.9MB)

Linux kernel developers were infected with malware for 2 years, another nail in the coffin of proper federated email as Exchange Server moves to a subscription model, followup on zfsbootmenu and IPv6, and learning unfamiliar topics.

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

News/discussion

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

Exchange Server SE to debut just before 2019 support ends

Newbie struggling with zfsbootmenu