SN 1027: Artificial Intelligence - The Status of Encrypted Client Hello
What the status of Encrypted Client Hello (ECH)?
What radio technology would be best for remote inverter shutdown?
Some DNS providers already block newly listed domains.
Knowing when not to click a link can take true understanding.
Why can losing a small portion of a power grid bring the rest down?
Where are we in the "AI Hype Cycle" and is this the first?
Speaking of hype: An AI system resorted to blackmail?
Why are we so quick to imbue AI with awareness?
ChatGPT's latest o3 model ignored the order to shutdown.
Copilot may not be making Windows core code any better.
Venice.AI is an unfiltered and unrestrained LLM
Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Sponsors:
outsystems.com/twit
threatlocker.com for Security Now
canary.tools/twit - use code: TWIT
hoxhunt.com/securitynow
1password.com/securitynow
-------- Â
2:54:28
SN 1026: Rogue Comms Tech Found in US Power Grid - Is AI Replicating Itself?
Chrome to actively refuse admin privileges.
Android Messenger is getting manual key verification.
Pwn2Own to add AI "pwning" as in-scope attack targets.
AI has already been found to be replicating.
Microsoft not killing off Office on Win10 after October.
23andMe's asset purchaser revealed.
Many fun talking points thanks to our listeners.
Steve's review of "Andor", season 2.
What's been discovered inside the U.S. power grid
Show Notes - https://www.grc.com/sn/SN-1026-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Sponsors:
bigid.com/securitynow
material.security
joindeleteme.com/twit promo code TWIT
bitwarden.com/twit
drata.com/securitynow
-------- Â
2:47:03
SN 1025: Secure Conversation Records Retention - FBI Says to Toss Your Old Router
The state of Virginia passes an age-restriction law that has no chance.
New Zealand also tries something similar, citing Australia's lead.
A nasty Python package for Discord survived 3 years and 11K downloads.
The FBI says it's a good idea to discard end-of-life consumer routers.
What's in WhatsApp? Finding out was neither easy nor certain.
The UK's Cyber Centre says AI promises to make things much worse.
A bunch of great feedback from our great listeners, then:
Is true end-to-end encryption possible when records must be retained?
Show Notes - https://www.grc.com/sn/SN-1025-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Sponsors:
threatlocker.com for Security Now
uscloud.com
hoxhunt.com/securitynow
canary.tools/twit - use code: TWIT
-------- Â
2:44:17
SN 1024: Don't Blame Signal - The Real Story Behind the TM SGNL Breach
Microsoft to officially abandon passwords and support their deletion.
Meta's RayBan smart glasses weaken their privacy terms.
30% of Microsoft code is now being written by AI.
Google says prying Chrome from it will damage its security.
Nearly 1,000 six-year-old eCommerce backdoors spring to life.
eM Client moves to version 10.3
A bunch of terrific listener feedback creates talking points.
A little-known, insecure message archiving service comes to light.
Show Notes - https://www.grc.com/sn/sn-1024-notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Sponsors:
bitwarden.com/twit
joindeleteme.com/twit promo code TWIT
drata.com/securitynow
material.security
threatlocker.com/twit
-------- Â
2:46:22
SN 1023: Preventing Windows Sandbox Abuse - Microsoft Says "Don't Delete This Folder"
Why did a mysterious empty "inetpub" directory appear after April's Patch Tuesday?
And what new Windows Update crashing hack did this also create?
North Korea is now creating fake US companies to lure would-be employees.
The "Inception" attack subverts all GPT conversational AIs.
New information about data loss in unpowered SSD mass storage.
Lots of terrific feedback from our listeners.
How malware has taken to hiding inside the Windows Sandbox and what you can do to stop it
Show Notes - https://www.grc.com/sn/SN-1023-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Sponsors:
legatosecurity.com
threatlocker.com for Security Now
outsystems.com/twit
hoxhunt.com/securitynow
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week.
Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
South Africa