Sep 2023
58m 35s

Cruel Summer: hybrid signatures, Downfal...

Deirdre Connolly, Thomas Ptacek, David Adrian
About this episode

We're back from our summer vacation! We're covering a bunch of stuff we saw and did:

Transcript: 
https://securitycryptographywhatever.com/2023/09/13/cruel-summer/

Links:
- Zenbleed: https://lock.cmpxchg8b.com/zenbleed.html
- Downfall: https://downfall.page
- Post-quantum Yubikeys: https://security.googleblog.com/2023/08/toward-quantum-resilient-security-keys.html


"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian).
