2.5 Admins

2.5 Admins 174: Guess Who’s Watching

Dec 21, 2023

The podcast discusses the recent SSH vulnerability and its potential consequences for sensitive networks. They also highlight a privacy issue with cloud-connected security cameras and the lack of end-to-end encryption. Additionally, they address listener questions about ZFS encryption and discuss a bug related to encrypted streams in ZFS.

31:31

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

SSH vulnerabilities in OpenSSH can weaken security and caution is advised for users of third-party SSH apps.

The privacy breach with ubiquity security cameras highlights the risks of relying on cloud-based solutions for security camera footage storage.

Deep dives

Terrapin SSH Vulnerabilities

The podcast episode discusses a series of three vulnerabilities known as Terrapin that affect SSH. The first vulnerability allows an attacker to interfere during the SSH setup process and potentially disable newer features in OpenSSH. The second and third vulnerabilities specifically impact async SSH, a Python SSH server. While most users of Linux or BSD machines that utilize SSH are not at high risk, caution is advised for those who use third-party SSH apps on Android or Windows, such as Juice SSH or PuTTY. However, the vulnerabilities are being actively patched in OpenSSH, and ensuring both the client and server are updated should help mitigate the risks.

Introduction

4min

SSH vulnerabilities and the importance of patching

7min

Privacy Breach and Lack of Encryption in Security Cameras

7min

Sponsor Appreciation and Discussion on ZFS Encryption with Send and Receive Functionality

2min

ZFS Encrypted Streams Bug and Space Allocation Error

12min

What you need to know about the recent SSH vulnerability, yet another privacy issue with cloud-connected security cameras, why it’s difficult to get to the bottom of an obscure ZFS encryption bug, and more.

Plug

Support us on patreon and get an ad-free RSS feed with early episodes sometimes

News

SSH protects the world’s most sensitive networks. It just got a lot weaker

UniFi devices broadcasted private video to other users’ accounts

Free Consulting

We were asked about the state of ZFS encryption, and Syncoid snapshots.

See our contact page for ways to get in touch.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

2.5 Admins

2.5 Admins 174: Guess Who’s Watching

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Terrapin SSH Vulnerabilities

Ubiquity Security Camera Privacy Breach

ZFS Native Encryption and Send/Receive

Syncoid Snapshots and Sanoid Management

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

2.5 Admins

2.5 Admins 174: Guess Who’s Watching

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Terrapin SSH Vulnerabilities

Ubiquity Security Camera Privacy Breach

ZFS Native Encryption and Send/Receive

Syncoid Snapshots and Sanoid Management

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights