technology

SN 1003: A Light-Day Away - Digital Epileptic Seizures, Tor Needs You, Zello Password Panic, Wireguard's Open Port Debate
Security Now (Audio)December 04, 2024
1003
2:18:12126.76 MB

SN 1003: A Light-Day Away - Digital Epileptic Seizures, Tor Needs You, Zello Password Panic, Wireguard's Open Port Debate

Steve Gibson and Leo Laporte discuss Microsoft's clarification about AI training data usage, a fascinating breakthrough in understanding autonomous vehicle vulnerabilities, and an urgent call for help from the Tor Network. The show culminates in an in-depth exploration of NASA's incredible Voyager ...

SN 1002: Disconnected Experiences - "Nearest Neighbor" Attack, Repo Swatting, the Return of Recall
Security Now (Audio)November 27, 2024
1002
2:32:04139.44 MB

SN 1002: Disconnected Experiences - "Nearest Neighbor" Attack, Repo Swatting, the Return of Recall

What's the new "nearest neighbor" attack and how do you defend against it? Let's Encrypt just turned 10. What changes has it wrought? Now the Coast Guard is worried about Chinese built ship-to-shore cranes. Pakistan becomes the first country to block Bluesky. There's a new way to get Git repos "swa...

SN 1001: Artificial General Intelligence (AGI) - Gmail Temp Addresses, Russia's Internet Off Switch
Security Now (Audio)November 20, 2024
1001
2:26:44134.55 MB

SN 1001: Artificial General Intelligence (AGI) - Gmail Temp Addresses, Russia's Internet Off Switch

How Microsoft lured the US Government into a far deeper and expensive dependency upon its cybersecurity solutions. Gmail to offer native throwaway email aliases like Apple and Mozilla. Russia to ban several additional hosting companies and give its big Internet disconnect switch another test. Russi...

SN 1000: One Thousand - Windows Server 2025, Malicious Python Typos
Security Now (Audio)November 13, 2024
1000
2:17:4363.22 MB

SN 1000: One Thousand - Windows Server 2025, Malicious Python Typos

Bitwarden reaffirms it's commitment to open source. The rights of German security researchers are clarified. Australia to impose age limits on social media. Free Windows Server 2025 anyone? UAC wasn't getting in the way enough, so they're fixing that. "From Russia with fines" -- obey or else. South...

SN 999: AI Vulnerability Discovery - RT's AI TV Hosts, Windows 10 Updates
Security Now (Audio)November 06, 2024
999
1:53:0551.92 MB

SN 999: AI Vulnerability Discovery - RT's AI TV Hosts, Windows 10 Updates

Google's record-breaking fine by Russia. (How many 0's is that?) RT's editor-in-chief admits that their TV hosts are AI-generated. Windows 10 security updates set to end next October... or are they? When a good Chrome extension goes bad. Windows .RDP launch config files. What could possibly go wron...

SN 998: The Endless Journey to IPv6 - AI-Driven Encryption, Session Messenger, IPv6
Security Now (Audio)October 30, 2024
998
2:53:5679.78 MB

SN 998: The Endless Journey to IPv6 - AI-Driven Encryption, Session Messenger, IPv6

Apple proposes 45-day maximum certificate life. SEC fines four companies for downplaying their SolarWinds attack severity. Google adds 5 new features to Messenger including inappropriate content. Does AI-driven local device-side filtering resolve the encryption dilemma forever? The very nice lookin...

SN 997: Credential Exchange Protocol - DJI Sues DoD, Quantum Vs. RSA, Lost MS Logs
Security Now (Audio)October 23, 2024
997
2:18:3563.59 MB

SN 997: Credential Exchange Protocol - DJI Sues DoD, Quantum Vs. RSA, Lost MS Logs

Did Chinese researchers really break RSA encryption? What did they do? What next-level terror extortion is being powered by the NPD breach data? The EU to hold software companies liable for software security? Microsoft lost weeks of security logs. How hard did the try to fix the problem? The Chines...

SN 996: BIMI (up Scotty) - NPD Goes Broke, Firefox Under Attack, .io
Security Now (Audio)October 16, 2024
996
2:32:2469.91 MB

SN 996: BIMI (up Scotty) - NPD Goes Broke, Firefox Under Attack, .io

uBlock Origin to the rescue National Public Data files for bankruptcy Will the .IO top level domain be disappearing? Patch Tuesday Firefox under attack Miscellany Sci-Fi The Sequence uBlock Origin Eero Routers Pep Link Router BIMI (up Scotty) Show Notes - https://www.grc.com/sn/SN-996-Notes.pdf Hos...

SN 995: uBlock Origin & Manifest V3 - DDoS Record, N. Korean Workers, Vitamin D
Security Now (Audio)October 09, 2024
995
2:35:2171.28 MB

SN 995: uBlock Origin & Manifest V3 - DDoS Record, N. Korean Workers, Vitamin D

Facebook's parent Meta not hashing passwords A New, forthcoming PayPal default opts their users into merchant data sharing DDoS breaks another record Speaking of these ASUS routers Do you know who you're hiring? Vitamin D The CUPS vulnerablility Routers for normal people uBlock Origin & Manifes...

SN 994: Recall's Re-Rollout - Domain Security, Tor + Tails, VLC Update
Security Now (Audio)October 02, 2024
994
2:16:2262.58 MB

SN 994: Recall's Re-Rollout - Domain Security, Tor + Tails, VLC Update

The Linux remote code execution flaw The CRUCIAL importance of Domain Control Security Roskomnadzor strikes a discordant note VLC gets a security update Tor and Tails Merge Telegram changes its long-standing "zero cooperation" policy Enshittification Bobiverse book 5 Windows 10 notifications Experi...

SN 993: Kaspersky exits the U.S. - Exploding Pagers, Passkeys in Chrome
Security Now (Audio)September 25, 2024
993
2:27:0567.5 MB

SN 993: Kaspersky exits the U.S. - Exploding Pagers, Passkeys in Chrome

The case of the exploding pagers and walkie-talkies "Ford seeks patent for tech that listens to driver conversations to serve ads" Another large chunk of personal data exposed Passkeys takes a big step forward: Now supported by Chrome A nascent 9.9 Linux Unauthenticated RCE? Freezing Credit Credit ...

SN 992: Password Manager Injection Attacks - Aging Media, Naval Starlink, adam:ONE
Security Now (Audio)September 18, 2024
992
2:23:3965.91 MB

SN 992: Password Manager Injection Attacks - Aging Media, Naval Starlink, adam:ONE

Windows Endpoint Security Ecosystem Summit Aging storage media does NOT last forever How Navy chiefs conspired to get themselves illegal warship Wi-Fi adam:ONE named the #1 best Secure Access Service Edge (SASE) solution AI Talk Password Manager Injection Attacks Show Notes - https://www.grc.com/sn...

SN 991: RAMBO - Cloned YubiKeys, Telegram vs. Signal, French Elevators, Unix Time
Security Now (Audio)September 11, 2024
991
2:19:3164.01 MB

SN 991: RAMBO - Cloned YubiKeys, Telegram vs. Signal, French Elevators, Unix Time

Offer to uninstall Recall was a bug, not a feature YubiKeys can be cloned Miscellany Is WhatsApp secure? Telegram vs Signal French elevators Freezing your credit The Quiet Canine Unix time Bobiverse book 5 Exodus: The Achemedes Engine Watching SpinRite RAMBO Show Notes - https://www.grc.com/sn/SN-9...

SN 990: Is Telegram an Encrypted App? - CrowdStrike Exodus, DDoS-as-a-Service, 'Active Listening' Ad Tech?
Security Now (Audio)September 04, 2024
990
2:09:19118.59 MB

SN 990: Is Telegram an Encrypted App? - CrowdStrike Exodus, DDoS-as-a-Service, 'Active Listening' Ad Tech?

Telegram puts End-to-End Privacy in the Crosshairs Free security logging is good for everyone CrowdStrike hemorrhaging customers Microsoft to meet privately with EDR (Endpoint Detection & Response) vendors Yelp's Unhappy with Google Telegram as the hotbed for DDoSass – DDoS as a Service Chrome ...

SN 989: Cascading Bloom Filters - Key Card Backdoors, Fake Cisco Gear
Security Now (Audio)August 28, 2024
989
2:10:0559.74 MB

SN 989: Cascading Bloom Filters - Key Card Backdoors, Fake Cisco Gear

CrowdStrike Exec's "Most Epic Fail" Award Hardware backdoors discovered in Chinese-made key cards Counterfeit CISCO networking gear SpinRite Errata NPD breach updates from listeners Looking back at old SN episodes Cascading Bloom Filters Show Notes - https://www.grc.com/sn/SN-989-Notes.pdf Hosts: S...

SN 988: National Public Data - Big Patch Tuesday, The Biggest Data Breach
Security Now (Audio)August 21, 2024
988
2:14:2461.71 MB

SN 988: National Public Data - Big Patch Tuesday, The Biggest Data Breach

Revocation Update GRC's next experiment Patch Tuesday "The Famous Computer Café" IsBootSecure GRC Email Working through WiFi Firewalls Transferring DNS OCSP attestation vs. TLS expiration Platform key expiration National Public Data Show Notes - https://www.grc.com/sn/SN-988-Notes.pdf Hosts: Steve ...

SN 987: Rethinking Revocation - SinkClose, IsBootSecure, Another Bad RCE
Security Now (Audio)August 14, 2024
987
2:18:2163.49 MB

SN 987: Rethinking Revocation - SinkClose, IsBootSecure, Another Bad RCE

Sitting Ducks DNS attack A Bad RCE in another Microsoft server SinkClose The CLFS.SYS BSoD IsBootSecure Rethinking Revocation Show Notes - https://www.grc.com/sn/SN-987-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get episo...

SN 986: How Revoking! - Crowdstrike Damage, Firefox Cookies
Security Now (Audio)August 07, 2024
986
2:02:0956.06 MB

SN 986: How Revoking! - Crowdstrike Damage, Firefox Cookies

Platform Key Disclosure Firefox's 3rd-party Cookie mess The W3C Finally Weighs-in CrowdStrike Damages. GRC's Email How Revoking! Show Notes - https://www.grc.com/sn/SN-986-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now . Get ep...

SN 985: Platform Key Disclosure - Crowdstrike Post-mortem, Entrust Update
Security Now (Audio)July 31, 2024
985
2:30:1968.95 MB

SN 985: Platform Key Disclosure - Crowdstrike Post-mortem, Entrust Update

Crowdstrike post-mortem PiDP-11 What Crowdstrike is fixing Marcus Hutchins on who is to blame Entrust's Updated Info 3rd-Party Cookie Surprise Security training firm mistakenly hires a North Korean attacker Google and 3rd party cookies Google's influence The auto industry and data brokers DNS Bench...

SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust

SN 984: CrowdStruck - Crowdstrike, Cellebrite, More Entrust

Cellebrite unlocks Trump's would-be assassin's phone. Cisco reported on a CVSS of 10.0 Entrust drops the other shoe Google gives up on removing 3rd-party cookies Miscellany Snowflake and data warehouse applications CDK auto dealership outage Polyfill.io and resource hashes MITM Blocking Copilot Blo...