Skip to content
Naked Security Naked Security

Bye-bye IE, IoT security, Blackberry crypto and botched ransomware [Chet Chat Podcast 227]

Michael Argast and Chester Wisniewski chat about the latest security news covering patch Tuesday, insecure security systems, IoT,, encryption done right and criminals gone wrong.
Written by
Naked Security Chester Wisniewski chet chat Internet Explorer IoT Lets Encrypt Linux Michael Argast Netherlands Ransomware sophos security chet chat sscc

Sophos Security Chet Chat – Episode 227 – Jan 13, 2016

After a long hiatus, Michael Argast returned as my guest to share his thoughts with our listeners. Michael is the Director of Security Solutions at Canadian telecommunications provider Telus.

LISTEN NOW

(Audio player above not working? Download MP3 or listen on Soundcloud.)

IN THIS EPISODE

Bye-bye Internet Explorer 8, 9 and 10! Michael and I discuss the challenges businesses face with the retirement of legacy IE browsers.

We touched briefly on the fail open nature of Comcast’s home alarm systems and the potential impacts of more companies providing home security “IoT” type alarm systems.

Interested in better securing IoT devices? Stop by our booth N3101 at RSA 2016 where I will be discussing strategies for securing everything from light bulbs to Smart TVs.

The Netherlands has publicly announced their support for strong encryption, yet as Michael and I discuss they seem to have found a way to access Blackberry PGP messages.

Sadly, abuse of the free TLS certificates from the Let’s Encrypt project has already begun. Michael and I ponder whether they can really police something intent on being simple and automated.

Lastly, we remind everyone that encryption can be hard to get right. Paul Ducklin wrote about ransomware on Linux in November and it turns out this malware had flaws in the way it encrypts files. There have been several amusing tweets giving tips to the hackers, but we prefer it when they can’t get it right.

If you enjoy the podcast, please share it with other people interested in security and privacy and give us a vote on iTunes and other podcasting directories.

Get this and other Sophos podcasts

Listen and rate via iTunes... Sophos podcasts on Soundcloud... RSS feed of Sophos podcasts...

About the Author

Chester Wisniewski is Director, Global Field CTO at next-generation security leader Sophos. With more than 25 years of security experience, his interest in security and privacy first peaked while learning to hack from bulletin board text files in the 1980s, and has since been a lifelong pursuit. 

Chester works with Sophos X-Ops researchers around the world to understand the latest trends, research and criminal behaviors. This perspective helps advance the industry's understanding of evolving threats, attacker behaviors and effective security defenses. Having worked in product management and sales engineering roles earlier in his career, this knowledge enables him to help organizations design enterprise-scale defense strategies and consult on security planning with some of the largest global brands.

Based in Vancouver, Chester regularly speaks at industry events, including RSA Conference, Virus Bulletin, Security BSides (Vancouver, London, Wales, Perth, Austin, Detroit, Los Angeles, Boston, and Calgary) and others. He’s widely recognized as one of the industry’s top security researchers and is regularly consulted by press, appearing on BBC News, ABC, NBC, Bloomberg, Washington Post, CBC, NPR, and more.

When not busy fighting cybercrime, Chester spends his free time cooking, cycling, and mentoring new entrants to the security field through his volunteer work with InfoSec BC. Chester is available on Mastodon (securitycafe.ca/@chetwisniewski).

For press inquiries, email chesterw [AT] sophos [.] com.

Read Similar Articles

1 Comment

Great Chet Chat! On my work network I leave access to IE, Firefox, and Chrome, and without my suggestion 90% of staff do not use IE, ever. I also just gave a class on IoT which has voluntary attendance but was very well attended (I used Chet Chat 225[?] as one of my references). You’re absolutely right about the state of IoT, all kinds of non tech companies want to have an IoT product, whether they know about tech or not. I found a slow cooker, a coffee maker, a stove, and of course door locks. The class found the Amazon Dash Button “interesting,” at least Amazon knows about technology; although I was surprised to see the number of websites about hacking the button.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?