SN 1020: Multi-Perspective Issuance Corroboration - IoT Done Right, France Phishes, Gmails E2EE
Security Now (Audio)
Leo Laporte
4.6 • 2.1K Ratings
🗓️ 8 April 2025
⏱️ 188 minutes
🧾️ Download transcript
Summary
- Canon printer driver vulnerabilities enable Windows kernel exploitation.
- Astonishing cyber-security awareness from a household appliance manufacturer.
- France tries to hook 2.5 million school children with a Phishing test.
- Wordpress added an abuse prone feature in 2022. Guess what happened?
- Oracle? Is there something you'd like to tell us?
- Utah's governor just signed the App Store Accountability Act. Now what?
- AI bots hungry for new data are DDoSing FOSS projects.
- No Microsoft Account? No Microsoft Windows 11.
- Gmail claims it now offers E2EE. It kinda sorta does. Somewhat.
- A dreaded CVSS 10.0 was discovered in Apache Parquet.
- A bunch of terrific listener feedback.
- What's Multi-Perspective Issuance Corroboration and why must all certificate authorities now do it?
Show Notes - https://www.grc.com/sn/SN-1020-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit
Sponsors:
Transcript
Click on a timestamp to play from that location
| 0:00.0 | It's time for security now. Steve Gibson is here. |
| 0:02.5 | Lodged to talk about, including a 10.0 CVSS score for a problem in Apache Parquet. |
| 0:10.7 | French school children are not gullible, it turns out. |
| 0:13.6 | The French government tried to trick them and failed. |
| 0:16.2 | And then we'll find out what multi-perspective issuance corroboration is and why you might need it. |
| 0:21.9 | That and a whole lot more. |
| 0:23.0 | Coming up next on Security Now. |
| 0:27.5 | Podcasts you love. |
| 0:29.2 | From people you trust. |
| 0:31.6 | This is Twitter. |
| 0:42.5 | This is Security Now with Steve Gibson. |
| 0:49.7 | Episode 120 recorded April 8th, 2025, multi-perspective issuance corroboration. |
| 0:55.6 | It's time for security now, the show we talk about your safety, your privacy, your security, |
| 1:01.1 | and a bunch of other stuff that geeks are interested in. With this guy right here, I think you officially are the king of geeks, Steve Gibson. I would wear that badge proudly, Leo. Wouldn't you? |
| 1:07.8 | Yes, I would. You have earned it over the years. |
| 1:13.2 | Now 70 of them. |
| 1:13.9 | Congratulations. |
| 1:14.6 | That's amazing. We had a listener who had a T-shirt made and sent me a photo. |
| 1:20.3 | Just say no to Port 80. |
| 1:23.2 | Ha, ha. |
| 1:23.6 | I love it. |
| 1:24.8 | From last week's podcast, which reminded me I had some made a while ago that just said |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Leo Laporte, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Leo Laporte and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2025.