Security Now

• GCHQ: No more default passwords for consumer IoT devices!
• What happened with Chrome and 3rd-party cookies?
• Race conditions and multi-threading
• GM "accidentally" enrolled millions into "OnStar Smart Driver +" program
• Steve recommends Ryk Brown's "Frontiers Saga"
• SpinRite update
• Passkeys: A Shattered Dream?

Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• business.eset.com/twit
• vanta.com/SECURITYNOW
• 1bigthink.com
• lookout.com

• What do you call "Stuxnet on steroids"??
• Voyager 1 update
• Android 15 to quarantine apps
• Thunderbird & Microsoft Exchange
• China bans Western encrypted messaging apps
• Gentoo says "no" to AI
• Cars collecting diving data
• Freezing your credit
• Investopedia
• Computer Science Abstractions
• Lazy People vs. Secure Systems
• Actalis issues free S/MIME certificates
• PIN Encryption
• DRAM and GhostRace
• AT&T Phishing Scam
• Race Conditions and Multi-core processors
• An Alternative to the Current Credit System
• SpinRite Updates
• Chat (out of) Control

Show Notes - https://www.grc.com/sn/SN-971-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• canary.tools/twit - use code: TWIT
• lookout.com
• kolide.com/securitynow
• zscaler.com/zerotrustAI

• An update on the AT&T data breach
• 340,000 social security numbers leaked
• Cookie Notice Compliance
• The GDPR does enforce some transparency
• Physical router buttons
• Wifi enabled button pressers
• Netsecfish disclosure of Dlink NAS vulnerability
• Chrome bloat
• SpinRite update
• GhostRace

Show Notes - https://www.grc.com/sn/SN-970-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• kolide.com/securitynow
• bitwarden.com/twit
• vanta.com/SECURITYNOW
• 1bigthink.com

Out-of-support DLink NAS devices contain hard coded backdoor credentials

Privnote is not so "Priv"

Crowdfense is willing to pay millions

Engineers Pinpoint Cause of Voyager 1 Issue, Are Working on Solution

SpinRite Update

Minimum Viable Secure Product

Show Notes - https://www.grc.com/sn/SN-969-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• zscaler.com/zerotrustAI
• business.eset.com/twit
• lookout.com
• joindeleteme.com/twit promo code TWIT