Discover
Security Now (Audio)

Security Now (Audio)
Author: TWiT
Subscribed: 36,266Played: 541,631Subscribe
Share
© This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/
Description
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
191 Episodes
Reverse
Picture of the Week.
PayPal Credential Stuffing.
iOS 16.3 : Cloud encryption for all.
InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware".
CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT.
"Meta" fined for the third time.
Bitwarden acquires "Passwordless.dev".
Closing the Loop.
SpinRite.
Credential Reuse.
Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
GO.ACILEARNING.COM/TWIT
expressvpn.com/securitynow
drata.com/twit
Picture of the Week
About Password Iterations
EBC or CB
Norton Lifelock Troubles
Chrome Follows Microsoft and Firefox
Chromium is Beginning to Rust
BYOVD and Windows Defender Failures
Closing the Loop (feedback)
The Rule of Two
Show notes: https://www.grc.com/sn/sn-906-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
plextrac.com/twit
bitwarden.com/twit
barracuda.com/securitynow
Picture of the Week.
LastPass Aftermath.
LastPass Vault De-Obfuscator.
What more do we know this week regarding LastPass?
The most alarming discovery by listeners.
Understanding the scale of GPU-enhanced password cracking.
On the true strength of passwords.
Feedback from listeners regarding LastPass.
Show Notes https://www.grc.com/sn/SN-905-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
tanium.com/twit
drata.com/twit
Picture of the Week.
SpinRite.
Leaving LastPass.
Is there reason for concern?
Well known password cracker Jeremi Gosney's LastPass rant.
Steve shares his plan regarding LastPass.
What is Steve's next password manager?
What should LastPass users do to protect themselves?
Show Notes https://www.grc.com/sn/SN-904-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
fortra.com
canary.tools/twit - use code: TWIT
Anatomy of a Log4j Exploit.
Will Russia Disconnect?
FCC Says Kaspersky Labs is a National Security Threat.
Lenovo UEFI Firmware Troubles.
That "Passkeys" Thing.
Dis-CONTI-nued: The End of Conti?
Steve's Take on the LastPass Breach.
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
expressvpn.com/securitynow
kolide.com/securitynow
Picture of the Week.
A malware operation known as URSNIF.
Pwn2Own Toronto 2022.
Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities.
Patch Tuesday.
Another Uber breach?
Elon Botches 'Bot Blockage.
Vivaldi integrates Mastodon in its desktop browser.
5,200 Dutch government warnings.
CIB: "Coordinated Inauthentic Behavior"
GitHub to require 2FA by the end of next year.
Bye bye SHA-1.
WordFence's VERY useful looking WordPress add-on vulnerability database.
Closing The Loop.
SpinRite.
A Generic WAF Bypass.
Show Notes https://www.grc.com/sn/SN-902-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsor:
plextrac.com/twit
Picture of the Week.
Chrome does Passkeys.
SYNC.COM suffered its first outage.
Medibank reboot.
Totally fake cryptocurrency trading platforms.
Malware on Telegram.
Texas gets in on the TikTok banning.
The LastPass class action lawsuit.
Rackspace had a big embarrassing problem.
Rackspace is now facing at least three class action lawsuits.
Another country goes on the offensive.
Closing The Loop.
SpinRite.
Miscellany.
Apple Encrypts the Cloud.
Show Notes https://www.grc.com/sn/SN-901-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
barracuda.com/securitynow
bitwarden.com/twit
expressvpn.com/securitynow
Picture of the Week.
Don't mess with Australia.
Facebook / Meta fined by Ireland.
REvil's full Medibank dump.
Is nothing sacred?
Mozilla yanks a (no longer) trusted root.
Android Platform Certs Escape.
South Dakota says: No more Tik-Tok.
Albania blames its IT staff.
Good news on the memory safe languages front.
Black Hat USA 2022.
Another Chrome 0-day bites the dust.
Anker's Eufy Camera debacle.
An amazing-looking WiFi-6 router... $119.
Elon really said this.
Closing the Loop.
SpinRite.
LastPass Again.
Show Notes https://www.grc.com/sn/SN-900-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
itpro.tv/securitynow
canary.tools/twit - use code: TWIT
plextrac.com/twit
Picture of the Week.
iSpoof you no more.
Here come the Freebie Bots!
Anatomy of the real-time Cryptocurrency heist.
Lookin' for something to do?
Boa server vulnerability.
The dilemma of closed-source Chinese networking products.
The Cyber Defense Index.
Malicious Docker Hub images.
Since we've been tracking 0-days for a while.
CISA on Mastodon.
Miscellany.
Closing The Loop.
SpinRite.
Show Notes https://www.grc.com/sn/SN-899-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
kolide.com/securitynow
plextrac.com/twit
nordlayer.com/twit
Picture of the Week.
Firefox v107 was released last Tuesday.
Google settles for a cool $391.5 million.
Red Hat Signing its ZIP file Packages.
The FBI purchased Pegasus for "research and development purposes".
Greece bought Predator for €7 million.
A passkeys support directory.
Quantum decryption deadline.
Attorneys General ask the FTC for online privacy regulation.
Closing The Loop.
SpinRite.
Wi-Peep.
Show Notes https://www.grc.com/sn/SN-898-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
tanium.com/twit
barracuda.com/securitynow
Secureworks.com/twit
Picture of the Week.
Patch Tuesday review.
Shennina Framework - Automating Host Exploitation with AI.
GitHub's welcome new feature.
Three LightSpeed vulnerabilities.
Shufflecake: Plausible deniability encrypted Linux volumes.
Australia has decided to get proactive!
Apple's iOS 16.1.1 everyone file sharing time-limits to 10 minutes in China.
A couple of Decentralized Finance notes because I can't help myself.
"The Helm" was unable to survive COVID-19.
Elon meets Twitter.
Closing The Loop.
SpinRite.
Memory-Safe Languages.
Show Notes - https://www.grc.com/sn/SN-897-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
bitwarden.com/twit
expressvpn.com/securitynow
grammarly.com/tone
Picture of the Week.
A minor Dropbox breach.
OpenSSL follow-up.
FTC sued and settled with a repeated offender.
$1.2 billion in reported ransomware payments during 2021.
Akamai's Q3 Threat Report.
Initial Access Brokerages.
How do today's bank heists work?
De-Fi De-struction De-jour.
Russia moves to Linux.
We're The Red Cross. Don't attack us, please!
Where there's a will, there's a way.
From China with Love.
The UK's NCSC scan plan.
Miscellany.
Closing The Loop.
SpinRite.
We invite you to read our show notes at https://www.grc.com/sn/SN-896-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
canary.tools/twit - use code: TWIT
drata.com/twit
Picture of the Week.
Windows driver blocklist to be updated next Tuesday.
More Microsoft shenanigans.
An upcoming OpenSSL CRITICAL vulnerability update -- get ready!
A new TCP/IP RCE in Windows.
A study of malicious CVE proof of concept exploits in GitHub.
"Stranger Strings" : An exploitable flaw in SQLite.
PayPal to add support for Passkeys.
A browser exploitation tutorial!
Kathleen Booth: July 9th, 1922 – September 29, 2022.
Closing The Loop.
SpinRite.
After 20 years in GCHQ.
We invite you to read our show notes at https://www.grc.com/sn/SN-895-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
nordlayer.com/twit
kolide.com/securitynow
itpro.tv/securitynow
Picture of the Week.
Firefox 106 is out.
Google's Open Source IoT KataOS and Sparrow.
This Week in CryptoCurrency Craziness.
New Windows 0-day bypasses executable security checks.
Apple's 9th 0-day of the year bites the dust.
The evolutionary demise of banking malware.
VMWare's Critical CVSS 9.8 Update.
Closing The Loop.
Miscellany.
Data Breach Responsibility.
We invite you to read our show notes at https://www.grc.com/sn/SN-894-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
drata.com/twit
Secureworks.com/twit
barracuda.com/securitynow
Picture of the Week.
Microsoft "Won't Fix".
Malicious Kernel Drivers.
Microsoft has finally added an RSS feed for Windows Updates!
Passkeys [dot] Dev.
Largest DDoS attack.
Signal will be dropping its SMS/MMS support.
Brute-force protection for Windows local admin accounts.
Other than that...
SpinRite.
Closing The Loop.
xchg rax, rax and "xorpd"
ZimaBoard Goodness.
Password Change Automation.
We invite you to read our show notes at https://www.grc.com/sn/SN-893-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
wwt.com/twit
canary.tools/twit - use code: TWIT
expressvpn.com/securitynow
Picture of the Week.
Breach of Customer Information
Meta-targeted Malware
Uber's Chief Security Officer Found Guilty
More Cryptocurrency Chaos
The UK to drop GDPR
Summer Internship with the NSA
Many Incident Responders are Stressed Out
Microsoft's newest dual 0-day Exchange Fumbles
SpinRite news
ZimaBoard
Closing the Loop
Source Port Randomization
We invite you to read our show notes at https://www.grc.com/sn/SN-892-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Secureworks.com/twit
newrelic.com/securitynow
bitwarden.com/twit
Picture of the Week. (What Could Possibly Go Wrong)
Microsoft Teams - Unecessarily Insecure
Roskomnadzor blocks Soundcloud
Microsoft Exchange Server Under Attack Again
I'm (Still) Not a Robot!
Google TAG History
Closing the Loop
Poisoning Akamai
We invite you to read our show notes at https://www.grc.com/sn/SN-891-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
ziprecruiter.com/securitynow
itpro.tv/securitynow
kolide.com/securitynow
Picture of the Week.
Can't have it both ways.
Denmark has become the fourth EU member to rule that the use of Google Analytics is illegal.
Rockstar Games hacker is busted!
Mozilla says: No fair!
Vivaldi, Manifest V3, webRequest, and ad blockers.
Sticky Chrome vulnerabilities.
SMB authentication rate limiter now on by default in Windows Insider.
US bill to secure FOSS software.
Iran vs Albania.
Closing The Loop.
The Silver Ships.
SpinRite.
DarkNet Politics.
We invite you to read our show notes at https://www.grc.com/sn/SN-890-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
grammarly.com/securitynow
Secureworks.com/twit
drata.com/twit
Picture of the Week.
This is Patch News-Day.
Lloyd's of London backing away from Cyber-Insurance.
Uber Oops!
Rockstar Games: Grand Theft Auto 6 Massive Leak.
LastPass Breach Update.
A CVSS 9.8 for WordPress.
What cost, Security?
Use-after-freedom: Google's "MiraclePtr"
Closing The Loop.
Spell-Jacking.
We invite you to read our show notes at https://www.grc.com/sn/SN-889-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
barracuda.com/securitynow
bitwarden.com/twit
tanium.com/twit
Picture of the Week.
Cyberwarfare: Albania vs Iran.
Crypto Heist — this or that.
The White House "Tech Platform Accountability" Listening Session.
Changes to the Dutch Intelligence Law.
Another QNAP mess.
D-Link's being taken over by MooBot.
Sci-Fi Discovery: "The Silver Ships".
Closing The Loop.
The EvilProxy Service.
We invite you to read our show notes at https://www.grc.com/sn/SN-888-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now! at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
expressvpn.com/securitynow
canary.tools/twit - use code: TWIT
newrelic.com/securitynow
I really wish there were timestamps in the show notes.
LG gv 3f5mgk Hutt v5ggojlgvgvnngvrtfgvggggfflvgdrr4ftgtO texto copiado aparecerá automaticamente aquiFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixeFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaO texto copiado aparecerá automaticamente aquiO texto copiado aparecerá automaticamente aquiO texto copiado aparecerá automaticamente aqui#COVID19 #COVID19PT os fragmentos de texto copiados para impedir que expirem após 1 hora bbhybninthglol vb gig b
Bester Security Podcast IMHO
I really love listening to your podcasts and I love how enthusiastic Steve gets over some news and his voice is really cute 😍 I just wish you guys would give a short definitions of some acronyms or techniques you're talking about, so I won't need to pause and Google, specially when the room is dark 😀
ms
Listen to this podcast, if you want to be entertained and updated on important Cybersecurity news
I love you Steve but PISS OFF on the vaccine proof. not happening. you didn't do voting did you ?
Seagate label: Koolhovenlaan is a street in the city of Tilburg, the Netherlands
I'm offended by the ignorance displayed in the thumbnail with the masq. now I'm wondering how ignorant the rest of the information is installing a petry dish in your airway is irresponsible and dangerous.
Evil M(a)IT attack
Tracking is ridiculous and turning off your phone or factory resetting it defeats efforts which are not needed. Deaths while under the treatment of respirators should not be counted as this virus steals iron from the blood, it does not fill your lungs with fluids I am reading from doctors, which is necessary to use a ventilator! They give you paralyzing drugs and if your lungs are dry that machine has a 50% it will kill you, and your body will immediately cremated, nothing for trial lawyers to exhume? Epidemiological experts say this is just another flu, do not let these political hacks kill you as they ignore warnings mitigation efforts prolong the virus? That is why the bat lady from China on day one said try malaria drugs, they open a channel into the virus so zinc or something else can bind instead of oxygen robbing iron stolen from your body? Would you help politicians round up people to put them in killing machines they could blame on a virus? I don't think so. You delay respiratory virus long enough to pump the supply chain and put out a warning to the weak (2 weeks) then let it rip through the population in about 4 weeks it is done with 99% of the people getting a runny nose, that's it. Mass immunity. Drip drip drip drip mitigation efforts prolong the time 80+ year olds (those suspected most at risk) have to hide. A 30 year old vegan is not going to do well if not taking iron supplements and other vitamins, are they? We need common sense, not a dry run of the Chinese social credit scoring system.
stop taking long breakkkkkk
I used to enjoy this show. Now it's become the "I like to insert my politics into everything - Leo" show. Stick to the core subject! Even Steve sounds uncomfortable.
A great tech podcast thanks to Steve Gibson. Leo Laporte lets him speak in depth without getting in the way unlike some of the other TWIT podcasts.
How about Syncthing?
zoa
Another poorly done show discussing constitutional rights. The fifth amendment and right to remain silent is not affected by a judge issuing a warrant. Encryption is a right, and the movie `Breach' and historical events such as WWII demonstrate not all politicians or government employees can be trusted, establishing the need for such protections. This requires we do things like not have open borders, or limit the damage from crime like carry a concealed weapon. No encryption should be considered secure, as even so called heavily reviewed open source programs have existed for years with flaws. But conceptually, the 5th amendment affirms the fourth and adds another layer of protection. This is a serious concept to understand as it requires we label decrypted documents as violations of the fifth amendment, as the act of decryption is compelling a person to testify against one self. Par for course in an age of amnesia by so many public servants? Review of the facebook bug was fake news as Facebook claimed they did not know which users were affected when servers have logs? Steve just shoved that under the carpet? palm face. children photos are not poker cards.
great show. no no no no google. If you want native apps that can read and write files, develop a native app. You can not remove the sandbox, in fact they need to fix Android shared spaces, especially sd cards. If you did try this, it would have to be a folder for each web site sand boxed to no execute, no wildcard or directory tranversal. folder www.google.com pic.jpg doc.pdf no system files no java script sub folder adsense.www.google.com So just like you delete cookies, poof! you can erase folders (they want cookies users can not delete). great show pointing this stuff out. also perms specific to not only web sites but web pages. you may not want softcondomsfakesite.com access to mail.google.com! why am i writing this, are we all that stupid now?
so if steve posts 1 gigabyte video on grc.com he should be forced to host to 4 billion ip addresses if they want it @ $5000 a day or would he want to 'throttle' that? Twisting fcc and doj rules as described in podcast demonstrate steve does not understand legal language. sad.
I like the long format that allows a sense of humor and there is not someone screaming "abandon ship" every five minutes. Steve does a great foundation up approach, and that takes hand holding sometimes. The latest episode with Chrome (I am actually thinking banning that browser on my websites), highlights that auto updates can be more dangerous than traditional malware attacks. The autoupdate pushed malware into systems unkown to the attackers that were clean. Even worse, we dont know if or when malware is rolled back, horrors, if one not paying attention. So something like a password manager, that auto updates itself, could disable certificate protections, phone back to home base, then roll back changes, as even code signing, can be part of the vector for clever attacks. We need out of the box security, and a nice bon fire of all the published document "worse is better". Google is off the rails with subdomains and search bar formatting. None of their business, and created security problems, such as "what am I looking at". Years ago I not only deleted the executible for Google product updates on Windows, but other vendors too. I need to know when updates are done so I can do the backup of the system. Very sloppy practices by tech people who develop code in insecure environments, lack of training, etc. Stop expecting to update products, and dont package the entire C language in your interperters when all I need are simple graphics, text handling, and no object based, or network tools. A web browser should not have any scripting language in my opinion, as people are abusing that system, running up to 120 scripts per page ( especially support pages of Chinese firms)! I would rather have server overhead, then broken trust and crippled networks.