SN 940: When Hashes Collide - Secure-wipe best practices, browser identity segregation, bye bye Twitter (X)
Security Now (Audio)
Leo Laporte
4.6 • 2.1K Ratings
🗓️ 19 September 2023
⏱️ 126 minutes
🧾️ Download transcript
Summary
- Last week's news about evidence of LastPass vault decryption targeting cryptocurrency keys, and the UK's backing down on its encryption monitoring legislation.
- How hardware security modules (HSMs) allow cryptographic operations like code signing without exposing private keys.
- Browser identity segregation using multiple profiles rather than separate browsers.
- Requirements and best practices for securely wiping data from modern solid state drives.
- A countdown clock for the 32-bit UNIX time rollover in the year 2038.
- Steve's plan to move off Twitter and onto email lists for Security Now communication.
- A deep dive into cryptographic hash collisions, using fewer hash bits, and balancing anonymity with statistical meaning.
Show Notes - https://www.grc.com/sn/SN-940-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Transcript
Click on a timestamp to play from that location
| 0:00.0 | It's time for security now, Steve Gibson is in the house, so my and we have lots to talk |
| 0:05.6 | about. |
| 0:06.6 | We'll talk about fast file hash calculations, why you don't have to overwrite your hard |
| 0:12.0 | drive over and over and over again, Steve explains the issues in wiping your hard drive |
| 0:18.3 | whether an SSD or a spinning drive and then why he's leaving Twitter, it's all coming |
| 0:24.2 | up next. |
| 0:25.2 | What's security now, podcasts you love, front people you trust, this is twit. |
| 0:38.9 | This is security now with Steve Gibson, episode 940, recorded Tuesday, September 19, 2023, |
| 0:46.9 | when hashes collide. |
| 0:50.7 | Security now is brought to you by Bitwarden, get the open source password manager that |
| 0:56.1 | can help you stay safe online, get started with the free teams or enterprise plan trial |
| 1:02.1 | or get started for free across all devices as an individual user at bitwarden.com slash |
| 1:08.4 | twit. |
| 1:09.6 | And by, delete me, reclaim your privacy by removing personal data from online sources, protect |
| 1:16.4 | yourself and reduce the risk of fraud, spam, cyber security threats and more by going |
| 1:22.4 | to joindeleteme.com slash twit and using the code twit for 20% off. |
| 1:29.1 | And by, DRADA, all too often security professionals undergo the tedious and arduous task of manually |
| 1:35.4 | collecting evidence with DRADA companies can complete audits, monitor controls and expand |
| 1:40.9 | security assurance efforts to scale, say goodbye to manual evidence collection. |
| 1:46.0 | And hello to automation, all done at DRADA speed, visit DRADA.com slash twit to get a demo |
| 1:53.0 | and 10% off implementation. |
| 1:56.2 | It's time for security now, the show we cover the latest news from the security world with |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Leo Laporte, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Leo Laporte and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2025.