All TWiT.tv Shows (Video-LO)   /     Security Now 1005: 6-Day Certificates? Why?

Subtitle
Android Anti-Tracking, MFA lLogin Bypass, BIMI
Duration
2:24:42
Publishing date
2024-12-17 19:18
Link
https://twit.tv/shows/security-now/episodes/1005
Contributors
  TWiT
author  
Enclosures
https://pscrb.fm/rss/p/cdn.twit.tv/video/sn/sn1005/sn1005_h264m_1920x1080.mp4
video/mp4

Shownotes

  • Is AI the Wizard of Oz? Or is it more?
  • Microsoft's long standing effective MFA login bypass.
  • Is TPM 2.0 not required after all for Windows 11?
  • Meet 14 North Korean IT workers who made $88 million from the West.
  • Android updates its Bluetooth tracking with anti-tracking.
  • The NPM package manager repository has had 540,000 malicious packages discovered hiding in plain sight.
  • The AskWoody site remains alive, well, and terrific.
  • My iPhone is linked to Windows and it's wonderful. Yay.
  • How has email been finding logos before BIMI?
  • If we use Him and Her for people, how about Hal for AI?
  • Another very disturbing conversation with ChatGPT.
  • What's going on with the new ChatGPT o1 model? It wants to escape? What??
  • Let's Encrypt plans to reduce its certificate lifetime from 90 to just 6 days. Why in the world?
  • And all the best holiday wishes. See you in January

Show Notes - https://www.grc.com/sn/SN-1005-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors: