SN 960: Unforeseen Consequences - CISA's "Secure by Design" Initiative, Fastly's BoringSSL
Security Now (Audio)
Leo Laporte
4.6 • 2.1K Ratings
🗓️ 6 February 2024
⏱️ 124 minutes
🧾️ Download transcript
Summary
- CISA's "Secure by Design" Initiative
- The GNU C Library Flaw
- Fastly CDN switches from OpenSSL to BoringSSL
- Roskomnadzor asserts itself
- Google updates Android's Password Manager
- Firefox gets post-quantum crypto
- Get your TOTP tokens from LastPass
- Inflated iOS app data
- LearnDMARC
- Sync mobile app bug
- SpinRite and Windows Defender
- Crypto signing camera
- Analog hole in digital camera authentication
- iOS and Google's Topics
- The gathering of the Stephvens
- Programmable Logic Controllers
- SpinRite update
- Malware-infected Toothbrush
- The Unforeseen Consequences of Google's 3rd-party Cookie Cutoff
Show Notes - https://www.grc.com/sn/SN-960-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Transcript
Click on a timestamp to play from that location
| 0:00.0 | It's time for security now Steve Gibson is ready. He's got some great stuff to talk about |
| 0:05.0 | including the new CISA recommendations for home routers. I hope they're adopted. |
| 0:12.0 | A massive flaw that really affects every version of Linux. |
| 0:17.0 | It's being patched or has been patched, but you should know about it. |
| 0:21.0 | Post quantum crypto added to our favorite browser and then an unforeseen |
| 0:26.7 | consequence of Google's new anti-tracking changes. That's all coming up next on |
| 0:31.4 | security now. That's all coming up next on Security Now. Podcasts you love. |
| 0:36.4 | From people you trust. |
| 0:38.4 | This is Twit. This is security now with Steve Gibson. |
| 0:47.0 | Episode 960, recorded Tuesday, February 6, 2024, unforeseen consequences. |
| 0:57.4 | Security now is brought to you by |
| 0:59.6 | Melissa, the data quality experts. |
| 1:04.0 | All data expires about 25% per year, |
| 1:09.0 | including the data in your customer database, |
| 1:12.0 | your supplier database, your address records. |
| 1:14.7 | For over 38 years, Melissa has helped companies harness the value of their customer data to drive |
| 1:21.5 | insight, to maintain data quality and support global intelligence. |
| 1:26.0 | Melissa is flexible to fit into any business model. |
| 1:29.0 | Melissa verifies addresses for more than 240 countries on--prem in the cloud, as a SAS app, there's even an |
| 1:35.8 | API, so you can ensure you're only putting valid billing and shipping addresses into your system. |
| 1:42.6 | You can focus your spending where it matters the most. |
| 1:44.6 | Melissa offers free trials, sample codes, and flexible pricing and an ROI guarantee. |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from Leo Laporte, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of Leo Laporte and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2025.