Security Now (Audio‪)‬ Security Now

Out-of-support DLink NAS devices contain hard coded backdoor credentials

Privnote is not so "Priv"

Crowdfense is willing to pay millions

Engineers Pinpoint Cause of Voyager 1 Issue, Are Working on Solution

SpinRite Update

Minimum Viable Secure Product

Show Notes - https://www.grc.com/sn/SN-969-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
zscaler.com/zerotrustAI
business.eset.com/twit
lookout.com
joindeleteme.com/twit promo code TWIT

A near-Universal (Local) Linux Elevation of Privilege vulnerability
TechCrunch informed AT&T of a 5 year old data breach
Signal to get very useful cloud backups
Telegram to allow restricted incoming
HP exits Russia ahead of schedule
Advertisers are heavier users of Ad Blockers than average Americans!
The Google Incognito Mode Lawsuit
Canonical fights malicious Ubuntu store apps
Spinrite update
A Cautionary Tale
Show Notes - https://www.grc.com/sn/SN-968-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
1bigthink.com
kolide.com/securitynow
Melissa.com/twit
vanta.com/SECURITYNOW

Apple vs U.S. DOJ
G.M.'s Unbelievably Horrible Driver Data Sharing Ends
Super Sushi Samurai
Apple has effectively abandoned HomeKit Secure Routers
The forthcoming ".INTERNAL" TLD
The United Nations vs AI.
Telegram now blocked throughout Spain
Vancouver Pwn2Own 2024
China warns of incoming hacks
Annual Tax Season Phishing Deluge
SpinRite update
Authentication without a phone
Are Passkeys quantum safe?
GoFetch: The Unpatchable vulnerability in Apple chips
Show Notes - https://www.grc.com/sn/SN-967-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
zscaler.com/zerotrustAI
bitwarden.com/twit
canary.tools/twit - use code: TWIT
panoptica.app
kolide.com/securitynow

Voyager 1 update
The Web turned 35 and Dad is disappointed
Automakers sharing driving data with insurance companies
A flaw in Passkey thinking
Passkeys vs 2fa
Sharing accounts with Passkeys
Passkeys vs. Passwords/MFA
Workaround to sites that block anonymous email addresses
Open Bounty programs on HackerOne
Steve on Twitter
Ways to disclose bugs publicly
Security by obscurity
Something you have/know/are vs Passkeys
Passkeys vs TOTP
Inspecting Chrome extensions
Passkey transportability
Morris the Second
Show Notes - https://www.grc.com/sn/SN-966-Notes.pdf

Hosts: Steve Gibson and Mikah Sargent

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
zscaler.com/zerotrustAI
robinhood.com/boost
GO.ACILEARNING.COM/TWIT
joindeleteme.com/twit promo code TWIT
vanta.com/SECURITYNOW

VMware needs immediate patching
Midnight Blizzard still on the offensive
China is quietly "de-American'ing" their networks
Signal Version 7.0, now in beta
Meta, WhatsApp, and Messenger -meets- the EU's DMA
The Change Healthcare cyberattack
SpinRite update
Telegram's end-to-end encryption
KepassXC now supports passkeys
Login accelerators
Sites start rejecting @duck.com emails
Tool to detect chrome extensions change owners
Sortest SN title
Passkeys vs 2FA
Show Notes - https://www.grc.com/sn/SN-965-Notes.pdf

Hosts: Steve Gibson and Mikah Sargent

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
vanta.com/SECURITYNOW
joindeleteme.com/twit promo code TWIT
kolide.com/securitynow
business.eset.com/twit

"Death, Lonely Death" by Doug Muir, about the decades-old Voyager 1 explorer
Cory Doctorow's Visions of the Future Humble Book Bundle
CTRL-K shortcut for search on a browser
Direct bootable image downloading for GRC's servers
Closing the loop on compromised emails
Taco Bell's passwordless app
A solution for Bcrypt's password length limit of 72 bytes
Data as the missing piece for law enforcement and privacy advocates
The token solution for email-only login
Apple's Password Manager Resources on Github
The risk of long-term persistent cookies in browsers
Why mainframe industries still require weak passwords
A conundrum involving an exploitable Response Header error and a bounty payment.
An inspection of Apple's new Post-Quantum Encryption upgrade
Show Notes - https://www.grc.com/sn/SN-964-Notes.pdf





Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:
GO.ACILEARNING.COM/TWIT
Melissa.com/twit
bitwarden.com/twit
kolide.com/securitynow