Schedule

Schedule

Saturday, November 1

1414864800 The Tech Guy

Sunday, November 2

1414954800 The Tech Guy
1414969200 This Week in Tech

Monday, November 3

1415037600 Tech News Today
1415041200 Triangulation
1415046600 iPad Today
1415059200 Tech News 2Night

Tuesday, November 4

1415124000 Tech News Today
1415127600 MacBreak Weekly
1415134800 Security Now
1415142000 Before You Buy
1415145600 Tech News 2Night
1415149200 All About Android
1415158200 Padre's Corner

Wednesday, November 5

1415205000 FLOSS Weekly
1415210400 Tech News Today
1415214000 Windows Weekly
1415221200 This Week in Google
1415232000 Tech News 2Night
1415239200 Ham Nation

Thursday, November 6

1415296800 Tech News Today
1415300400 Know How...
1415304000 Marketing Mavericks
1415309400 Coding 101
1415313000 Home Theater Geeks
1415318400 Tech News 2Night
1415320200 The Giz Wiz

Friday, November 7

1415383200 Tech News Today
1415386800 This Week in Law
1415394000 Android App Arena
1415404800 Tech News 2Night

Saturday, November 8

1415473200 The Tech Guy

Sunday, November 9

1415559600 The Tech Guy
1415574000 This Week in Tech

Monday, November 10

1415642400 Tech News Today
1415646000 Triangulation
1415651400 iPad Today
1415664000 Tech News 2Night

Most Recent Episodes

Tech News 2Night

The FCC is close to reclassifying ISPs.

This Week in Law

The FTC takes AT&T to court for throttling customers with unlimited data.

Android App Arena
Episode #19: Spooky Games October 31st, 2014

Hands-on reviews of Five Nights at Freddy's, Zombie Gunship, The Spookening, and Inbox by Gmail.

Tech News Today

FCC Net Neutrality, Passcode vs Fingerprint, and Hacking Food.

This Week in Computer Hardware

DCS LIVA Mini PC, Intel Broadwell-E, and the MSI GT80 Titan.

The Giz Wiz

Spark Watch, blacklight flashlight, and more.

Home Theater Geeks

Brian Vessa and SMPTE report on cinema sound.

Tech News 2Night

Microsoft Health Announced

Know How...

Project Loon 2.0, Quad Motors & Props

Coding 101
Episode #41: Mark Smith October 30th, 2014

Speaking with "Smitty", master of the microcontroller.

  • The file could not be created.
  • The selected file /tmp/fileD0IbFE could not be uploaded, because the destination js/js_91a0878bf17d617a1b0933a255727aaa.js is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/fileUugVND could not be uploaded, because the destination js/js_91a0878bf17d617a1b0933a255727aaa.js is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/filed4nbOe could not be uploaded, because the destination js/js_91a0878bf17d617a1b0933a255727aaa.js is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/fileRceuQP could not be uploaded, because the destination css/css_513434880a82739dd4082f9183315cc6.css is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/fileREaTcH could not be uploaded, because the destination css/css_513434880a82739dd4082f9183315cc6.css is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/file3Us88C could not be uploaded, because the destination js/js_91a0878bf17d617a1b0933a255727aaa.js is not properly configured.
  • The selected file /tmp/filecaGfeN could not be uploaded, because the destination css/css_b3ebf5431b0c94b60f7dce22320d9cac.css is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/fileg3p4tm could not be uploaded, because the destination js/js_53d6748465dd8deea207b05f1ed3cc15.js is not properly configured.
  • The file could not be created.
  • The selected file /tmp/filey7ePqJ could not be uploaded, because the destination js/js_53d6748465dd8deea207b05f1ed3cc15.js is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/filexRCXI4 could not be uploaded, because the destination css/css_b3ebf5431b0c94b60f7dce22320d9cac.css is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/filehTCcfL could not be uploaded, because the destination css/css_50d0e2b128d938c51754d9e8b8df9b1f.css is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/filenVxLlO could not be uploaded, because the destination js/js_7b31e5441e7b8862a9c976e8639472eb.js is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The selected file /tmp/filenBmQBY could not be uploaded, because the destination js/js_7b31e5441e7b8862a9c976e8639472eb.js is not properly configured.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.
  • The file could not be created.

Know How... 89

Heartbleed, LastPass, and Make Windows Faster

April 17 2014

The Heartbleed exploit explained with jellybeans, tweak Windows 7 or 8 for extra speed, manage your passwords with LastPass, and a first look at the WRT 1900AC.

Heatbleed

What is the Hearbeat?
* The problem lies in the "Hearbeart"
- It's a way to keep a SECURE TLS session alive /// to keep it from "timing out"
- The Heartbeat is a payload of arbitrary data which is sent from one end of the connection to the other, and back again.
- If the heartbeat makes the round trip intact, then both sides of the connection know that the connection is still active and still secure.

What is the Exploit?
* The exploit is in the way that OpenSSL responds to the heartbeat.
- The SENDER of the "keep alive" packet gets to decide how much arbitrary data it sends.
-- The sender sends heartbeat of a certain size, then tells the receiver how much data must be sent back
*** Here's the rub... along with that data, the sender tells the receiver (running OpenSSL) how much data should be sent back... and OpenSSL doesn't check that number with the size of the incoming data.
-- Since the SENDER decides how big the arbitrary heatbeat data will be, and because OpenSSL trusts the sender as to how much data is in that heartbeat, the SENDER can sent a heartbeat that will return data that was NOT originally sent by the sender.
-- In other words, an attacker can make the compromised system send data that was intended to be secure and private.

How is the Exploit Used?
* To use the exploit, an attacker would first establish a SSL connection to a compromised system.
* The attacker would then send a heartbeat to the compromised system with a 1byte payload
* However, the attacker tells the compromised system that it must return 64k Bytes
* The compromised system sends back a 64k heartbeat response, giving the attacker 63,999 bytes of data that is SHOULDN'T have released.
* The attacker keeps doing the attack until they have the compromised systems certificates and any other information that is in memory.

What is the impact
* If the attacker is able to steal the credentials of the compromised system, they are able to do a number of things:
1. A MITM attack on people connecting to the site -- An attack in which EVERYTHING is in the clear
2. The ability to create "spoof sites" with the authentic certificate of the compromised site

Speed Up Windows

"Remote Assistance" is a service that runs in the background of Windows 7 & 8, allows a remote "helper" to log into your computer to fix problems while you watch. Most people will never never use the service, and it can actually be a security hole.

"System Restore" is a background service that keeps track of "save points" - Theoretically it will allow you to return to one of these "healthy" save points should something happen to your OS. It's a useful feature of Windows, but it CAN'T clear viruses and it can only return to save points that is has created... meaning that it almost never gets you back to a completely healthy image.

To Turn Off these Services
1. Right click the "Computer" icon on the desktop and choose "Properties"
2. To the left of you computer's stats, you'll see "Control Panel Home" along with four shielded options. Click "Remote Settings"
3. You'll see a field for "Allow Remote Assistance Connections to this computer"- uncheck that option and click "apply".
4. Click on the "Remote Assistance" tab and look for "Protection Settings" - Select the drive on which protection in enabled and click "Configure"
5. Select the radio button to "Turn off system protection" and apply the change.

LastPass Password Manager

- After the Heartbleed security breech and just everyday use of Multi-site logins, you should be using strong passwords and different passwords for every site.
- Lastpass keeps your passwords in a Vault and helps you generate new random passwords and works on all platforms
- Your passwords are encrypted, which is only stored on your machine. That means even LastPass doesn't know your password. It's called the "Trust No One" approach
- Don't believe me? Watch Leo and Steve Gibson go into detail not only about Heartbleed but Lastpass and Trucypt

Leo's introduction to LastPass on TWiT Live Specials

Security Now Episode: 450 & 451, Leo & Steve go into detail about Heartbleed & more.

Security Now Episode: 450

LastPass Security Page
LastPass FAQ
LastPass "Heartbleed" Blog Post

Install LastPass and Start saving Passwords
- Lastpass has extensions for Chrome, Firefox, Safari and works for all platforms, Windows, OS X, Linux, and Mobile OS like iOS, Android Windows Phone and even Blackberry...

Audit and Update your Passwords
- Make sure not to save your passwords in the browser options, and start using LastPass
- Lastpass can scan your passwords and give you a rating and show you sites thave have duplicate passwords
- It'll even tell you if any of your Usernames have been used in a Security breach

How do you improve your score?
- Eliminate Duplicate Passwords
- Weak Passwords
- Don't store passwords in email, docs, pieces of paper, your hand...

Install on your Mobile Devices
- Login with your Lastpass password. Before a recent update you use to have to log into Lastpass and use their web browser through the app. But not anymore!
- Lastpass will help you log into apps without having to copy it from the Lastpass app.

Alternitives

1Password $34.99

KeePass (Free)

Linksys Router Madness!

WRT54G
* 2.4Ghz Only
* 10/100 LAN & WAN Ports
* Broadcom 125Mhz processor (updated to 216Mhz)
* 4MB Flash Storage // 16MB System Memory (Later Versions had 2MB / 8MB)
* No external storage options

Linksys WRT1900AC
* 2.4 & 5 Ghz SIMULTANEOUSLY
* 802.11a/b/g/n/ac
* Beamforming Tech
* 4 Gigabit LAN Ports
* 1 Gigabit WAN Port
* Dual Core 1.2Ghz CPU
* 128MB Flash Storage // 256MB DDR3 System Memory
* USB 3.0 & eSATA connectors // Support of FAT/NTFS/HFS

Connect with us!
Don't forget to check out our large library of projects on this site. If you want to search for a topic, try this custom search engine. Also, check out our transcripts.
- Google+ Community at gplus.to/twitkh
- Tweet at us at @padresj and @Cranky_Hippo
- Email us at knowhow@twit.tv