• Picture of the Week.
• Most to least common 4-digit pins.
• Enhanced LORAN.
• Passkeys.
• Microsoft's Head in the Clouds.

Show Notes - https://www.grc.com/sn/SN-974-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• 1bigthink.com
• zscaler.com/zerotrustAI
• kolide.com/securitynow
• joindeleteme.com/twit promo code TWIT

• The vulnerability of GPS
• Is the sky falling on all VPN systems?
• Multi-user Passkeys, YubiKeys?
• The iCloud Keychain
• The UK and Google's Topics

Show Notes - https://www.grc.com/sn/SN-973-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Melissa.com/twit
• kolide.com/securitynow
• lookout.com
• bitwarden.com/twit

• GCHQ: No more default passwords for consumer IoT devices!
• What happened with Chrome and 3rd-party cookies?
• Race conditions and multi-threading
• GM "accidentally" enrolled millions into "OnStar Smart Driver +" program
• Steve recommends Ryk Brown's "Frontiers Saga"
• SpinRite update
• Passkeys: A Shattered Dream?

Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• business.eset.com/twit
• vanta.com/SECURITYNOW
• 1bigthink.com
• lookout.com

• What do you call "Stuxnet on steroids"??
• Voyager 1 update
• Android 15 to quarantine apps
• Thunderbird & Microsoft Exchange
• China bans Western encrypted messaging apps
• Gentoo says "no" to AI
• Cars collecting diving data
• Freezing your credit
• Investopedia
• Computer Science Abstractions
• Lazy People vs. Secure Systems
• Actalis issues free S/MIME certificates
• PIN Encryption
• DRAM and GhostRace
• AT&T Phishing Scam
• Race Conditions and Multi-core processors
• An Alternative to the Current Credit System
• SpinRite Updates
• Chat (out of) Control

Show Notes - https://www.grc.com/sn/SN-971-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• canary.tools/twit - use code: TWIT
• lookout.com
• kolide.com/securitynow
• zscaler.com/zerotrustAI

• An update on the AT&T data breach
• 340,000 social security numbers leaked
• Cookie Notice Compliance
• The GDPR does enforce some transparency
• Physical router buttons
• Wifi enabled button pressers
• Netsecfish disclosure of Dlink NAS vulnerability
• Chrome bloat
• SpinRite update
• GhostRace

Show Notes - https://www.grc.com/sn/SN-970-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• kolide.com/securitynow
• bitwarden.com/twit
• vanta.com/SECURITYNOW
• 1bigthink.com

Out-of-support DLink NAS devices contain hard coded backdoor credentials

Privnote is not so "Priv"

Crowdfense is willing to pay millions

Engineers Pinpoint Cause of Voyager 1 Issue, Are Working on Solution

SpinRite Update

Minimum Viable Secure Product

Show Notes - https://www.grc.com/sn/SN-969-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• zscaler.com/zerotrustAI
• business.eset.com/twit
• lookout.com
• joindeleteme.com/twit promo code TWIT

• A near-Universal (Local) Linux Elevation of Privilege vulnerability
• TechCrunch informed AT&T of a 5 year old data breach
• Signal to get very useful cloud backups
• Telegram to allow restricted incoming
• HP exits Russia ahead of schedule
• Advertisers are heavier users of Ad Blockers than average Americans!
• The Google Incognito Mode Lawsuit
• Canonical fights malicious Ubuntu store apps
• Spinrite update
• A Cautionary Tale

Show Notes - https://www.grc.com/sn/SN-968-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• 1bigthink.com
• kolide.com/securitynow
• Melissa.com/twit
• vanta.com/SECURITYNOW

• Apple vs U.S. DOJ
• G.M.'s Unbelievably Horrible Driver Data Sharing Ends
• Super Sushi Samurai
• Apple has effectively abandoned HomeKit Secure Routers
• The forthcoming ".INTERNAL" TLD
• The United Nations vs AI.
• Telegram now blocked throughout Spain
• Vancouver Pwn2Own 2024
• China warns of incoming hacks
• Annual Tax Season Phishing Deluge
• SpinRite update
• Authentication without a phone
• Are Passkeys quantum safe?
• GoFetch: The Unpatchable vulnerability in Apple chips

Show Notes - https://www.grc.com/sn/SN-967-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• zscaler.com/zerotrustAI
• bitwarden.com/twit
• canary.tools/twit - use code: TWIT
• panoptica.app
• kolide.com/securitynow