Cover art for podcast Risky Business

Risky Business

20 EpisodesProduced by Patrick GrayWebsite

Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a secu… read more

Risky Business #594 -- How ESNIs will change censorship and NDR

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • WeChat joins TikTok in the naughty corner
  • TLS 1.3 with ESNI will have a massive impact on censorship AND security
  • Belarus goes dark after dodgy election
  • Capital One fined $80m
  • Much, much more

We’ll be hearing from Dan Guido of Trail of Bits in this week’s sponsor interview. They’ve developed a generic macOS EDR package that you, dear vendor, should absolutely license from them. Dan joins us to explain why.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes America's clean path is slippery - Risky Business Trump issues executive orders that will ban TikTok, WeChat in 45 days - CyberScoop China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI | ZDNet Cat and mouse: Privacy advocates fight back after China tightens surveillance controls | The Daily Swig DEF CON: New tool brings back 'domain fronting' as 'domain hiding' | ZDNet Belarus Has Shut Down the Internet Amid a Controversial Election | WIRED Ohio becomes first state to release vulnerability policy for election-related websites Top voting vendor ES&S publishes vulnerability disclosure policy Microsoft bug bounty payouts trebled to reach nearly $14 million in the last year | The Daily Swig US offers $10 million reward for hackers meddling in US elections | ZDNet Mozilla lays off 250 employees while it refocuses on commercial products | ZDNet US financial regulator fines Capital One $80 million over data breach FBI says an Iranian hacking group is attacking F5 networking devices | ZDNet Citrix releases fix for software bug that hackers ‘will move quickly to exploit’ Hacker leaks passwords for 900+ enterprise VPN servers | ZDNet Hacking group has hit Taiwan's prized semiconductor industry, Taiwanese firm says A mysterious group has hijacked Tor exit nodes to perform SSL stripping attacks | ZDNet FBI issues warning over Windows 7 end-of-life | ZDNet Anti-encryption laws yet to be used by Asio or AFP to compel tech firms' help, inquiry told | Australian security and counter-terrorism | The Guardian WordPress 5.5 rolls out with auto-updates for plugins, themes | The Daily Swig Snapdragon chip flaws put >1 billion Android phones at risk of data theft | Ars Technica Researchers found another way to hack Android cellphones via Bluetooth Insecure satellite Internet is threatening ship and plane safety | Ars Technica When TLS hacks you: Security friend becomes a foe | The Daily Swig Top hacks from Black Hat and DEF CON 2020 | The Daily Swig Security bugs let these car hackers remotely control a Mercedes-Benz | TechCrunch Black Hat 2020: New HTTP request smuggling variants levied against modern web servers | The Daily Swig Black Hat 2020: Web cache poisoning offers fresh ways to smash through the web stack | The Daily Swig (12) Dan Guido on Twitter: "Last Thursday, I was locked out of my cloud MDM, my data was deleted, and MDM agents for every device @trailofbits were silently removed by the vendor, leaving the entire company unmanaged. There was no advance notice and no explanation. This is a warning: Never use Kandji." / Twitter Sinter: New user-mode security enforcement for macOS | Trail of Bits Blog
Educational emoji reaction


Interesting emoji reaction


Funny emoji reaction


Agree emoji reaction


Love emoji reaction


Wow emoji reaction


Are you the creator of this podcast?

Verify your account

and pick the featured episodes for your show.

Listen to Risky Business


A free podcast app for iPhone and Android

  • User-created playlists and collections
  • Download episodes while on WiFi to listen without using mobile data
  • Stream podcast episodes without waiting for a download
  • Queue episodes to create a personal continuous playlist
RadioPublic on iOS and Android
Or by RSS
RSS feed

Connect with listeners

Podcasters use the RadioPublic listener relationship platform to build lasting connections with fans

Yes, let's begin connecting
Browser window

Find new listeners

  • A dedicated website for your podcast
  • Web embed players designed to convert visitors to listeners in the RadioPublic apps for iPhone and Android
Clicking mouse cursor

Understand your audience

  • Capture listener activity with affinity scores
  • Measure your promotional campaigns and integrate with Google and Facebook analytics
Graph of increasing value

Engage your fanbase

  • Deliver timely Calls To Action, including email acquistion for your mailing list
  • Share exactly the right moment in an episode via text, email, and social media
Icon of cellphone with money

Make money

  • Tip and transfer funds directly to podcastsers
  • Earn money for qualified plays in the RadioPublic apps with Paid Listens