DiscoverSecurity Now (Audio)
Security Now (Audio)
Claim Ownership

Security Now (Audio)

Author: TWiT

Subscribed: 36,266Played: 541,631
Share

Description

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte.

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.
191 Episodes
Reverse
Picture of the Week. PayPal Credential Stuffing. iOS 16.3 : Cloud encryption for all. InfoSecurity Magazine: "ChatGPT Creates Polymorphic Malware". CheckPoint Research: OPWNAI : Cybercriminals Starting to Use ChatGPT. "Meta" fined for the third time. Bitwarden acquires "Passwordless.dev". Closing the Loop. SpinRite. Credential Reuse. Show Notes: https://www.grc.com/sn/SN-907-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: GO.ACILEARNING.COM/TWIT expressvpn.com/securitynow drata.com/twit
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two Show notes: https://www.grc.com/sn/sn-906-notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: plextrac.com/twit bitwarden.com/twit barracuda.com/securitynow
Picture of the Week. LastPass Aftermath. LastPass Vault De-Obfuscator. What more do we know this week regarding LastPass? The most alarming discovery by listeners. Understanding the scale of GPU-enhanced password cracking. On the true strength of passwords. Feedback from listeners regarding LastPass. Show Notes https://www.grc.com/sn/SN-905-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: tanium.com/twit drata.com/twit
Picture of the Week. SpinRite. Leaving LastPass. Is there reason for concern? Well known password cracker Jeremi Gosney's LastPass rant. Steve shares his plan regarding LastPass. What is Steve's next password manager? What should LastPass users do to protect themselves? Show Notes https://www.grc.com/sn/SN-904-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: fortra.com canary.tools/twit - use code: TWIT
Anatomy of a Log4j Exploit. Will Russia Disconnect? FCC Says Kaspersky Labs is a National Security Threat. Lenovo UEFI Firmware Troubles. That "Passkeys" Thing. Dis-CONTI-nued: The End of Conti? Steve's Take on the LastPass Breach. Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow kolide.com/securitynow
Picture of the Week. A malware operation known as URSNIF. Pwn2Own Toronto 2022. Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities. Patch Tuesday. Another Uber breach? Elon Botches 'Bot Blockage. Vivaldi integrates Mastodon in its desktop browser. 5,200 Dutch government warnings. CIB: "Coordinated Inauthentic Behavior" GitHub to require 2FA by the end of next year. Bye bye SHA-1. WordFence's VERY useful looking WordPress add-on vulnerability database. Closing The Loop. SpinRite. A Generic WAF Bypass. Show Notes https://www.grc.com/sn/SN-902-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: plextrac.com/twit
Picture of the Week. Chrome does Passkeys. SYNC.COM suffered its first outage. Medibank reboot. Totally fake cryptocurrency trading platforms. Malware on Telegram. Texas gets in on the TikTok banning. The LastPass class action lawsuit. Rackspace had a big embarrassing problem. Rackspace is now facing at least three class action lawsuits. Another country goes on the offensive. Closing The Loop. SpinRite. Miscellany. Apple Encrypts the Cloud. Show Notes https://www.grc.com/sn/SN-901-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow bitwarden.com/twit expressvpn.com/securitynow
Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil's full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. Android Platform Certs Escape. South Dakota says: No more Tik-Tok. Albania blames its IT staff. Good news on the memory safe languages front. Black Hat USA 2022. Another Chrome 0-day bites the dust. Anker's Eufy Camera debacle. An amazing-looking WiFi-6 router... $119. Elon really said this. Closing the Loop. SpinRite. LastPass Again.   Show Notes https://www.grc.com/sn/SN-900-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow canary.tools/twit - use code: TWIT plextrac.com/twit
Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The dilemma of closed-source Chinese networking products. The Cyber Defense Index. Malicious Docker Hub images. Since we've been tracking 0-days for a while. CISA on Mastodon. Miscellany. Closing The Loop. SpinRite. Show Notes https://www.grc.com/sn/SN-899-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow plextrac.com/twit nordlayer.com/twit
Picture of the Week. Firefox v107 was released last Tuesday. Google settles for a cool $391.5 million. Red Hat Signing its ZIP file Packages. The FBI purchased Pegasus for "research and development purposes". Greece bought Predator for €7 million. A passkeys support directory. Quantum decryption deadline. Attorneys General ask the FTC for online privacy regulation. Closing The Loop. SpinRite. Wi-Peep. Show Notes https://www.grc.com/sn/SN-898-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: tanium.com/twit barracuda.com/securitynow Secureworks.com/twit
Picture of the Week. Patch Tuesday review. Shennina Framework - Automating Host Exploitation with AI. GitHub's welcome new feature. Three LightSpeed vulnerabilities. Shufflecake: Plausible deniability encrypted Linux volumes. Australia has decided to get proactive! Apple's iOS 16.1.1 everyone file sharing time-limits to 10 minutes in China. A couple of Decentralized Finance notes because I can't help myself. "The Helm" was unable to survive COVID-19. Elon meets Twitter. Closing The Loop. SpinRite. Memory-Safe Languages. Show Notes - https://www.grc.com/sn/SN-897-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit expressvpn.com/securitynow grammarly.com/tone
Picture of the Week. A minor Dropbox breach. OpenSSL follow-up. FTC sued and settled with a repeated offender. $1.2 billion in reported ransomware payments during 2021. Akamai's Q3 Threat Report. Initial Access Brokerages. How do today's bank heists work? De-Fi De-struction De-jour. Russia moves to Linux. We're The Red Cross. Don't attack us, please! Where there's a will, there's a way. From China with Love. The UK's NCSC scan plan. Miscellany. Closing The Loop. SpinRite. We invite you to read our show notes at https://www.grc.com/sn/SN-896-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT drata.com/twit
Picture of the Week. Windows driver blocklist to be updated next Tuesday. More Microsoft shenanigans. An upcoming OpenSSL CRITICAL vulnerability update -- get ready! A new TCP/IP RCE in Windows. A study of malicious CVE proof of concept exploits in GitHub. "Stranger Strings" : An exploitable flaw in SQLite. PayPal to add support for Passkeys. A browser exploitation tutorial! Kathleen Booth: July 9th, 1922 – September 29, 2022. Closing The Loop. SpinRite. After 20 years in GCHQ. We invite you to read our show notes at https://www.grc.com/sn/SN-895-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: nordlayer.com/twit kolide.com/securitynow itpro.tv/securitynow
Picture of the Week. Firefox 106 is out. Google's Open Source IoT KataOS and Sparrow. This Week in CryptoCurrency Craziness. New Windows 0-day bypasses executable security checks. Apple's 9th 0-day of the year bites the dust. The evolutionary demise of banking malware. VMWare's Critical CVSS 9.8 Update. Closing The Loop. Miscellany. Data Breach Responsibility. We invite you to read our show notes at https://www.grc.com/sn/SN-894-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit Secureworks.com/twit barracuda.com/securitynow
Picture of the Week. Microsoft "Won't Fix". Malicious Kernel Drivers. Microsoft has finally added an RSS feed for Windows Updates! Passkeys [dot] Dev. Largest DDoS attack. Signal will be dropping its SMS/MMS support. Brute-force protection for Windows local admin accounts. Other than that... SpinRite. Closing The Loop. xchg rax, rax and "xorpd" ZimaBoard Goodness. Password Change Automation. We invite you to read our show notes at https://www.grc.com/sn/SN-893-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: wwt.com/twit canary.tools/twit - use code: TWIT expressvpn.com/securitynow
Picture of the Week. Breach of Customer Information Meta-targeted Malware Uber's Chief Security Officer Found Guilty More Cryptocurrency Chaos The UK to drop GDPR Summer Internship with the NSA Many Incident Responders are Stressed Out Microsoft's newest dual 0-day Exchange Fumbles SpinRite news ZimaBoard Closing the Loop Source Port Randomization We invite you to read our show notes at https://www.grc.com/sn/SN-892-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: Secureworks.com/twit newrelic.com/securitynow bitwarden.com/twit
Picture of the Week. (What Could Possibly Go Wrong) Microsoft Teams - Unecessarily Insecure Roskomnadzor blocks Soundcloud Microsoft Exchange Server Under Attack Again I'm (Still) Not a Robot! Google TAG History Closing the Loop Poisoning Akamai We invite you to read our show notes at https://www.grc.com/sn/SN-891-Notes.pdf   Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: ziprecruiter.com/securitynow itpro.tv/securitynow kolide.com/securitynow
Picture of the Week. Can't have it both ways. Denmark has become the fourth EU member to rule that the use of Google Analytics is illegal. Rockstar Games hacker is busted! Mozilla says: No fair! Vivaldi, Manifest V3, webRequest, and ad blockers. Sticky Chrome vulnerabilities. SMB authentication rate limiter now on by default in Windows Insider. US bill to secure FOSS software. Iran vs Albania. Closing The Loop. The Silver Ships. SpinRite. DarkNet Politics. We invite you to read our show notes at https://www.grc.com/sn/SN-890-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: grammarly.com/securitynow Secureworks.com/twit drata.com/twit
Picture of the Week. This is Patch News-Day. Lloyd's of London backing away from Cyber-Insurance. Uber Oops! Rockstar Games: Grand Theft Auto 6 Massive Leak. LastPass Breach Update. A CVSS 9.8 for WordPress. What cost, Security? Use-after-freedom: Google's "MiraclePtr" Closing The Loop. Spell-Jacking. We invite you to read our show notes at https://www.grc.com/sn/SN-889-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: barracuda.com/securitynow bitwarden.com/twit tanium.com/twit
Picture of the Week. Cyberwarfare: Albania vs Iran. Crypto Heist — this or that. The White House "Tech Platform Accountability" Listening Session. Changes to the Dutch Intelligence Law. Another QNAP mess. D-Link's being taken over by MooBot. Sci-Fi Discovery: "The Silver Ships". Closing The Loop. The EvilProxy Service. We invite you to read our show notes at https://www.grc.com/sn/SN-888-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow canary.tools/twit - use code: TWIT newrelic.com/securitynow
loading
Comments (32)

Helman Frow

I really wish there were timestamps in the show notes.

Nov 6th
Reply

Filipe Costa

LG gv 3f5mgk Hutt v5ggojlgvgvnngvrtfgvggggfflvgdrr4ftgtO texto copiado aparecerá automaticamente aquiFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixeFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaFixe os fragmentos de texto copiados para impedir que expirem após 1 horaO texto copiado aparecerá automaticamente aquiO texto copiado aparecerá automaticamente aquiO texto copiado aparecerá automaticamente aqui#COVID19 #COVID19PT os fragmentos de texto copiados para impedir que expirem após 1 hora bbhybninthglol vb gig b

Jul 12th
Reply

Oliver Bleckmann

Bester Security Podcast IMHO

Jun 1st
Reply

Maryam Kamali

I really love listening to your podcasts and I love how enthusiastic Steve gets over some news and his voice is really cute 😍 I just wish you guys would give a short definitions of some acronyms or techniques you're talking about, so I won't need to pause and Google, specially when the room is dark 😀

Jan 14th
Reply

Neal Shaver

ms

Aug 18th
Reply

Ron King

Listen to this podcast, if you want to be entertained and updated on important Cybersecurity news

Aug 5th
Reply

David Kraft

I love you Steve but PISS OFF on the vaccine proof. not happening. you didn't do voting did you ?

Jun 2nd
Reply

Chris Abele

Seagate label: Koolhovenlaan is a street in the city of Tilburg, the Netherlands

Oct 2nd
Reply

David Kraft

I'm offended by the ignorance displayed in the thumbnail with the masq. now I'm wondering how ignorant the rest of the information is installing a petry dish in your airway is irresponsible and dangerous.

Sep 15th
Reply

Chris Abele

Evil M(a)IT attack

May 14th
Reply

Dghhfcb Vvdzthnk

Tracking is ridiculous and turning off your phone or factory resetting it defeats efforts which are not needed. Deaths while under the treatment of respirators should not be counted as this virus steals iron from the blood, it does not fill your lungs with fluids I am reading from doctors, which is necessary to use a ventilator! They give you paralyzing drugs and if your lungs are dry that machine has a 50% it will kill you, and your body will immediately cremated, nothing for trial lawyers to exhume? Epidemiological experts say this is just another flu, do not let these political hacks kill you as they ignore warnings mitigation efforts prolong the virus? That is why the bat lady from China on day one said try malaria drugs, they open a channel into the virus so zinc or something else can bind instead of oxygen robbing iron stolen from your body? Would you help politicians round up people to put them in killing machines they could blame on a virus? I don't think so. You delay respiratory virus long enough to pump the supply chain and put out a warning to the weak (2 weeks) then let it rip through the population in about 4 weeks it is done with 99% of the people getting a runny nose, that's it. Mass immunity. Drip drip drip drip mitigation efforts prolong the time 80+ year olds (those suspected most at risk) have to hide. A 30 year old vegan is not going to do well if not taking iron supplements and other vitamins, are they? We need common sense, not a dry run of the Chinese social credit scoring system.

Apr 15th
Reply

Sahil Bisht

stop taking long breakkkkkk

Dec 24th
Reply

Richard Smith

I used to enjoy this show. Now it's become the "I like to insert my politics into everything - Leo" show. Stick to the core subject! Even Steve sounds uncomfortable.

Nov 9th
Reply

Bryan

A great tech podcast thanks to Steve Gibson. Leo Laporte lets him speak in depth without getting in the way unlike some of the other TWIT podcasts.

Oct 10th
Reply

Fred Twigt

How about Syncthing?

Aug 11th
Reply

La Shaun Pearl

zoa

Jan 4th
Reply

Steven Dx

Another poorly done show discussing constitutional rights. The fifth amendment and right to remain silent is not affected by a judge issuing a warrant. Encryption is a right, and the movie `Breach' and historical events such as WWII demonstrate not all politicians or government employees can be trusted, establishing the need for such protections. This requires we do things like not have open borders, or limit the damage from crime like carry a concealed weapon. No encryption should be considered secure, as even so called heavily reviewed open source programs have existed for years with flaws. But conceptually, the 5th amendment affirms the fourth and adds another layer of protection. This is a serious concept to understand as it requires we label decrypted documents as violations of the fifth amendment, as the act of decryption is compelling a person to testify against one self. Par for course in an age of amnesia by so many public servants? Review of the facebook bug was fake news as Facebook claimed they did not know which users were affected when servers have logs? Steve just shoved that under the carpet? palm face. children photos are not poker cards.

Dec 23rd
Reply

Steve D

great show. no no no no google. If you want native apps that can read and write files, develop a native app. You can not remove the sandbox, in fact they need to fix Android shared spaces, especially sd cards. If you did try this, it would have to be a folder for each web site sand boxed to no execute, no wildcard or directory tranversal. folder www.google.com pic.jpg doc.pdf no system files no java script sub folder adsense.www.google.com So just like you delete cookies, poof! you can erase folders (they want cookies users can not delete). great show pointing this stuff out. also perms specific to not only web sites but web pages. you may not want softcondomsfakesite.com access to mail.google.com! why am i writing this, are we all that stupid now?

Dec 7th
Reply

Steve D

so if steve posts 1 gigabyte video on grc.com he should be forced to host to 4 billion ip addresses if they want it @ $5000 a day or would he want to 'throttle' that? Twisting fcc and doj rules as described in podcast demonstrate steve does not understand legal language. sad.

Oct 5th
Reply

Steve Xxx

I like the long format that allows a sense of humor and there is not someone screaming "abandon ship" every five minutes. Steve does a great foundation up approach, and that takes hand holding sometimes. The latest episode with Chrome (I am actually thinking banning that browser on my websites), highlights that auto updates can be more dangerous than traditional malware attacks. The autoupdate pushed malware into systems unkown to the attackers that were clean. Even worse, we dont know if or when malware is rolled back, horrors, if one not paying attention. So something like a password manager, that auto updates itself, could disable certificate protections, phone back to home base, then roll back changes, as even code signing, can be part of the vector for clever attacks. We need out of the box security, and a nice bon fire of all the published document "worse is better". Google is off the rails with subdomains and search bar formatting. None of their business, and created security problems, such as "what am I looking at". Years ago I not only deleted the executible for Google product updates on Windows, but other vendors too. I need to know when updates are done so I can do the backup of the system. Very sloppy practices by tech people who develop code in insecure environments, lack of training, etc. Stop expecting to update products, and dont package the entire C language in your interperters when all I need are simple graphics, text handling, and no object based, or network tools. A web browser should not have any scripting language in my opinion, as people are abusing that system, running up to 120 scripts per page ( especially support pages of Chinese firms)! I would rather have server overhead, then broken trust and crippled networks.

Sep 13th
Reply
Download from Google Play
Download from App Store