logo
episode-header-image
May 2024
2h 11m

SN 972: Passkeys: A Shattered Dream? - I...

TWiT
About this episode
  • GCHQ: No more default passwords for consumer IoT devices!
  • What happened with Chrome and 3rd-party cookies?
  • Race conditions and multi-threading
  • GM "accidentally" enrolled millions into "OnStar Smart Driver +" program
  • Steve recommends Ryk Brown's "Frontiers Saga"
  • SpinRite update
  • Passkeys: A Shattered Dream?

Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Up next
Oct 7
SN 1046: Google's Developer Registration Decree - The End of Free Android Apps?
Google's new demand for developer registration could spell the end for open-source app stores, while Europe's controversial chat control vote threatens privacy for everyone—Steve and Leo break down what's at stake for devs and users alike. Qantas says no one can releak their stol ... Show More
2h 31m
Sep 30
SN 1045: News and Listener Views - 2.3 Million Cisco Devices Exposed
Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering fal ... Show More
2h 49m
Sep 23
SN 1044: The EU's Online Age Verification - Consumer Reports vs. Microsoft
Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal fl ... Show More
3h 1m
Recommended Episodes
Aug 2023
549: Unauthorized Trash Can
Pre-show: Marco’s box truck TruckMap Trucker Path 🗣️ New ATP Memership Survey 🗣️ (For everyone, not just members) 🗣️ New member special: ATP Tier List: Every iMac 🗣️ Follow-up: iMac Tier List Intel Core vs. Core 2 ∆s (via Michael Gabriel) Marco claims vindication Core Duo Gee ... Show More
1h 59m
Dec 2024
When AI goes offline.
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophistica ... Show More
33m 10s
Sep 2
Blizzard warning: Amazon freezes midnight hack.
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claim ... Show More
32m 11s
May 2025
Episode 537: Userlist with Benedikt Deicke
Benedikt used to be a freelance software engineer and co-founded Userlist in 2017 as a side project with his co-founder Jane Portman. They went full-time on it in 2020. Benedikt enjoys database query optimization just as much as pushing around pixels on the front-end Show Notes * ... Show More
28m 17s
Mar 2024
578: Weird Can Be Beautiful
Pre-show: ATP Overtime ATP Insider: John’s Windows ATP 96: The Windows of Siracusa County ATP Membership FAQ AppStories Follow-up: Callsheet available on visionOS “Put me on Aux” (via Sam Davies) Spotify & free users (via Colin Meney) 256 GB M3 MacBook Air has 2× 128 GB NAND chip ... Show More
1h 51m
Feb 2025
Hacked in plain sight.
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vuln ... Show More
30m 56s
Jan 2025
Siri Settlement, $60 Fitness Tracker & WiFi Password Worries
Rich talks about the Apple eavesdropping settlement. Here’s how to adjust the privacy settings on your smart devices like Siri, Google Assistant and Alexa. Joe in Riverside wants to know if the LG M4 OLED TV will go on sale in the U.S. Samsung’s $60 Galaxy Fit3 goes on sale in th ... Show More
1h 46m
Listen to millions of songs and podcasts on Anghami