Martin, Andy, and Steve finally manage to get schedules set and talk.  Unfortunately Joseph can't come out to play this week so the old guys have the mike.  Quick note and apologies about some of the audio quality - we're working to fix it.

Just Andy and Joseph this week, but we hit some fairly hefty topics, particularly the breaches that seem to keep springing up every day lately.

First, Derek Newton has discovered a very interesting flaw in Dropbox's host authentication.
http://dereknewton.com/2011/04/dropbox-authentication-static-host-ids/

Then, we discussed the breaches of the week: Barracuda, Hartford, and US Airways.
http://www.theregister.co.uk/2011/04/11/barracuda_networks_attack/
https://www.threatpost.com/en_us/blogs/hartford-hacked-040711
https://www.threatpost.com/en_us/blogs/insider-allegedly-leaked-data-belonging-3000-us-airways-pilots-041111

And in the "too close to home for comfort" category, we finished up with the Texas Comptroller breach:

http://www.statesman.com/blogs/content/shared-gen/blogs/austin/politics/entries/2011/04/11/comptroller_personal_id_inform.html
http://blogs.chron.com/texaspolitics/archives/2011/04/personal_inform.html

As always, you can find the podcast here: http://sfspodcast.libsyn.com/rss

And if you have any feedback, drop us a comment or find us at @SFSPodcast on twitter.

Well, the boys are short the News Yankee this week...

Joseph is back from South By Southwest and BSides Austin and gives a brief rundown on the doings there.

Martin interviews Larry Ponemon about the "Cost of Compliance" study recently published by the Ponemon Institute.

Andy?  He's just hanging out with the infant.