Subscribe for Updates!
- 14,494 eyeball pairs
- My (Steve Gibson’s) Blog v2.0 April 18, 2019
Seems like only yesterday…
- April 2019 (1)
@SGgrc TweetsLoad More...
"Ripple20 Too" Security Now! #773 Show Notes: https://bit.ly/2ZhuGBm
This week we have a bunch of web browser related news, coverage of several new pieces of legislation, some interesting tidbits, reminders, miscellany and feedback. Then we update our coverage of Ripple20.
"Ripple20" Security Now! #772 Show Notes: https://bit.ly/2BvdkJl
Edge being pushed to Win7, Google remove 106 malicious Chrome extensions, Win10 still can't print, a critical VLC vuln, Netgear's 79 vulnerable models, and a disaster in embedded TCP/IP stacks.
"Lamphone" Security Now #771 Show Notes: https://bit.ly/30V5Sl4
We look at the Brave browser's mea culpa, the unintended consequences of June's Patch Tuesday, a handful of other interesting security events, and the feasibility of eavesdropping through light bulb vibrations.
"Zoom's E2EE Debacle" Security Now #770 Show Notes: https://bit.ly/37hHiw6
We discuss new issues with DoH, IBM on facial recognition, 2 flaws in the Zoom client, a new UPnP potential nightmare, some miscellany, feedback, and then Zoom's E3EE communications mess.Alex Stamos@alexstamos
Quoting @AlexStamos after that first tweet makes the truth more clear:
Of course, if this ever changes, I'll be as disappointed as anyone. But for the time being, this appears to have been a BIG misunderstanding. :(
All users (free and paid) have their meeting content encrypted using a per-meeting AES256 key. Content is encrypted by the sending client and decrypted by receiving clients or by Zoom's connector servers to bridge into the PSTN network and other services.
Copyright, Reuse, etc.
Feel free to copy/paste anything here anywhere else. Attribution would be appreciated.