Ep 906 - Google Drive


(00:02:50):Hmm. What did Chrome just do Which followed Microsoft and Firefox And is the chromium beginning to rust will, will Microsoft ever actually protect us from exploitation by old known vulnerable kernel drivers Hmm. What does it mean that real words almost never appear in random character strengths And what is Google's rule of two and why does our entire future depend upon it The answers to those questions and more will be revealed during this next gripping episode of security. Now, now that's a T Steve congratulate Golf clap. Very well done, . I can't wait to find out all of the answers to those questions. Ah, there are some goodies and a good picture of the week. Ah, yes. But first, before we get underway, or I guess we're underway, but before we get full head of steam going, let's talk about our sponsor. The folks at PlexTrac your security team's secret weapon.

(00:10:54):I I mean that if they wanted to close it, why not remove it . I mean, like, you know, get out the jackhammer and break this concrete up and haul it off. But no, it's there a puzzle. It a perfectly functioning sidewalk, which no one can use unless they walk around this barricade and look, oh, it works. The sidewalk still works. Leo, even it's like, once I remember, this is long time ago I let my car insurance lapse. Yes. And I thought, oh, I can't drive, but I got in the car and turned the key and it still works. It still worked. It was amazing. . It's a miracle. Anyway, anyway, yeah. So, wow. Okay. I originally ti was gonna to title this podcast a brief glimmer of hope over a pursuit that's took me, I think it was like six or seven hours until I realized how it turned out at how brief the glimmer was.

(00:29:43):Okay. So all of this that we've been talking about, they in last pass, for example, where you are, you're, you're doing this pbk DF two to get a key. That key that you get isn't the actual decryption key for the vault. Ah, it's the key that decrypts the key. So there's a, there there's a, there's a level of indirection there. And the reason that's done is that you're, you're able to change your encryption key without having to re-key the vault. Mm-Hmm. mm-hmm. . And, and thanks to that level of, of, of indirection, it's, it's very much like if, if you had a password protecting a hard drive and you wanted to change the password, well if you, if you actually change the key, you have to, you have Tory everything, encrypt the whole hard drive and then re-encrypt the whole hard drive. Right So instead nobody does that.

(00:55:26):Family organization love this one. Six users premium features $3 and 33 cents a month for the whole family. Bitwarden supports importing and migrating from many other programs to, I could tell you, and I know Steve did this. In fact he talked about how to do it. It's tra it's so simple to move from last pass to Bit Warden. You just export, BitWarden will read it and your Bob's your uncle, you're done. It's as simple as that. When I moved to Bit Warden, it took me minutes and I have more than 4,000 saved passwords. The only thing I mentioned this I had to do is it doesn't transfer over it's last pass. Doesn't export any binary data, pictures of passports or driver's license. So you just save those out and put 'em back into Bit Warden and they're all in my bit warden now.

(01:01:13):You know, you gotta start somewhere. So, you know, and you may have noted as I said, the Google's announcement mentioned this rule of two, which we'll be taking an in-depth look at here in a minute. But first we have another instance of B Y O V D. Bring your own vulnerable driver. It was just in the news this past wee


