SN 814: PwnIt And OwnIt

Beep boop - this is a robot. A new show has been posted to TWiT…

What are your thoughts about today’s show? We’d love to hear from you!

another fine show. I"m not sure we ‘want’ the FLOC thing - remember that sites who know our identities can collect our FLOC values over time and big companies like google twitter and facebook have hooks all over the web to be able to determine the essence of those FLOC IDs.l

1 Like

First off, congrats to Steve. May you and Lorrie (I think I spelled her name properly) have a wonderful life together.

I also noticed that Bitwarden is now a sponsor. We know Steve dug through the LastPass code many years ago. Has he gone through the Bitwarden code?

1 Like

Not to my knowledge but Bitwarden is open source and regularly reviewed by trusted third-parties. I think it’s the most trustworthy of all the commercial password managers. Furthermore, unlike Lastpass, Bitwarden’s business model does not require upgrading free accounts to paid.

I used Lastpass for a decade, but the move to Bitwarden has been easy and painless. It doesn’t seem to have any of the hiccups that Lastpass has experienced of late. We still use Lastpass Enterprise at work, but I’ve been recommending Bitwarden non-stop since Lastpass restricted their free tier capabilities.

Leo, I switched to Bitwarden at the time Lastpass changed their free tier (and I had actually paid for a Lastpass subscription). I am very happy with the software and very happy to see them advertising on TWiT.

I have been a listener of Security Now for several years now. The recent reporting of the Exchange vulnerabilities on SN really saved my company’s bacon. And made me look like a Rockstar in the process. I actually found webshells on our server and removed them. Luckily there was no evidence of any data leaving the server. We were just hit with the initial round of probing.

So when Steve and Leo reported yet another Exchange vulnerability I patched as soon as I could.

Also by chance the review of the latest Fortinet hacks helped prep me for a meeting with our ISP who wants us to move to Fortinet.

Thanks Guys!!

3 Likes

Awesome! I’m so glad you listen and that we could be of help. Security Now is rapidly becoming a must listen.

1 Like

I just want to add that I work for a Fortinet reseller. Depending on your need, the product is decent. Just make sure you stay up to date on patches. This goes true for all edge security products.

1 Like

We are a rather small company 300 people. We are looking at the 80e model up to the 200f. We have a 250 Mbps connection but want room to grow up to a 1 Gbps connection.

Any recommendations?