Talk Security: Google and Microsoft Face Off on Disclosure

Security reporters Brian Donohue and Chris Brook discuss security and privacy headlines from the first few weeks of the new year.

In this first of the year edition of the Talk Security podcast, Threatpost reporters Brian Donohue and Chris Brook discuss an emerging tiff over bug disclosure between tech giants Microsoft and Google, a $10 homemade USB charger that logs stroked from wireless keyboards, the Lizard Squad hacker collective and more.

LINKS FROM BRIAN AND CHRIS’S READING LIST

Blackhat the movie got the hacking right, but beyond its relative technical correctness, the movie probably isn’t worth watching.

Microsoft penned a strongly worded letter to Google earlier this month over the search giant’s decision to publish an elevation of privilege security vulnerability just days before it was set to be fixed in the January edition of patch Tuesday. Google responded by publishing another bug in a Microsoft product just days later.

The Consumer Electronics Show proved that the Internet of Things is coming and it’s going to be a data-consuming juggernaut. However, outside a brief keynote address from the head of the Federal Trade Commission, there wasn’t much discussion of security or privacy.

The hack of the year so far comes from Samy Kamkar, who built a $10 USB charger that, when plugged in, works as a keylogger, stealing and decrypting keystrokes from wireless Microsoft keyboards

In other news, Lizard Squad is toting its DDoS for hire service while one of its alleged members was arrested in England, and announces it will no longer provide patches for WebView, which will leave some 900 million devices vulnerable to attack.

*Music for this podcast is by Wild Shores and is licensed under creative commons

Tips