logo
episode-header-image
May 2024
2h 11m

SN 972: Passkeys: A Shattered Dream? - I...

TWiT
About this episode
  • GCHQ: No more default passwords for consumer IoT devices!
  • What happened with Chrome and 3rd-party cookies?
  • Race conditions and multi-threading
  • GM "accidentally" enrolled millions into "OnStar Smart Driver +" program
  • Steve recommends Ryk Brown's "Frontiers Saga"
  • SpinRite update
  • Passkeys: A Shattered Dream?

Show Notes - https://www.grc.com/sn/SN-972-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Up next
Feb 2025
SN 1014: FREEDOM Administration Login - Apple's UK Privacy Showdown, $1.5 Billion Crypto Heist
Apple disables Advanced Data Protection for new UK users. Paying ransoms is not as cut and dried as we might imagine. Elon Musk's "X" social media blocks "Signal.me" links. Spain's soccer league blocks Cloudflare and causes a mess. Two new (and rare) vulnerabilities discovered in ... Show More
2h 39m
Feb 2025
SN 1011: Jailbreaking AI - Deepseek, "ROUTERS" Act, Zyxel Vulnerability
Why was DeepSeek banned by Italian authorities? What internal proprietary DeepSeek data was found online? What is "DeepSeek" anyway? Why do we care, and what does it mean? Did Microsoft just make OpenAI's strong model available for free? Google explains how generative AI can be a ... Show More
3h 1m
Dec 2024
SN 1006: Best of 2024 - Apple's Secret Backdoor, CrowdStrike Catastrophe, Recall's Privacy Nightmare
Leo revisits some of the year's top Security Now segments of 2024. 956. Apple's Hardware Backdoor: Steve reflects on the previous week's 'The Mystery of CVE-2023-38606' deep-dive. Did Apple deliberately designed a secure backdoor? 960. Unforeseen Consequences of Google's 3rd-part ... Show More
2h 32m
Recommended Episodes
Aug 2023
549: Unauthorized Trash Can
<ul> <li>Pre-show: <ul> <li>Marco&#8217;s box truck <ul> <li><a href="https://truckmap.com">TruckMap</a></li> <li><a href="http://truckerpath.com">Trucker Path</a></li> </ul></li> </ul></li> <li>🗣️ New <a href="https://atp.fm/survey">ATP Membership Survey</a> 🗣️<br /> (Thi ... Show More
1h 59m
Dec 2024
When AI goes offline.
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. “AuthQuake” allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophistica ... Show More
27m 10s
Sep 2
Blizzard warning: Amazon freezes midnight hack.
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claim ... Show More
32m 11s
May 2025
Episode 537: Userlist with Benedikt Deicke
Benedikt used to be a freelance software engineer and co-founded Userlist in 2017 as a side project with his co-founder Jane Portman. They went full-time on it in 2020. Benedikt enjoys database query optimization just as much as pushing around pixels on the front-end Show Notes * ... Show More
28m 17s
Mar 2024
578: Weird Can Be Beautiful
Pre-show: ATP Overtime ATP Insider: John’s Windows ATP 96: The Windows of Siracusa County ATP Membership FAQ AppStories Follow-up: Callsheet available on visionOS “Put me on Aux” (via Sam Davies) Spotify & free users (via Colin Meney) 256 GB M3 MacBook Air has 2× 128 GB NAND chip ... Show More
1h 51m
Feb 2025
Hacked in plain sight.
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGE’s negligent cybersecurity practices. Critical vuln ... Show More
24m 56s
Jan 2025
Siri Settlement, $60 Fitness Tracker & WiFi Password Worries
Rich talks about the Apple eavesdropping settlement. Here’s how to adjust the privacy settings on your smart devices like Siri, Google Assistant and Alexa. Joe in Riverside wants to know if the LG M4 OLED TV will go on sale in the U.S. Samsung’s $60 Galaxy Fit3 goes on sale in th ... Show More
1h 46m
Listen to millions of songs and podcasts on Anghami