Radio Leo (MP3)   /     Security Now 1008: HOTP and TOTP

Subtitle
SyncThing, Auto-Updates, Sci-Fi Recs
Duration
2:49:35
Publishing date
2025-01-14 19:56
Link
https://twit.tv/shows/security-now/episodes/1008
Contributors
  TWiT
author  
Enclosures
https://pdst.fm/e/pscrb.fm/rss/p/cdn.twit.tv/libsyn/sn_1008/c18d5d13-9b48-44ea-9b24-b368f6c8d6c7/R1_sn1008.mp3
audio/mpeg

Shownotes

  • Meta winds down 3rd-party content filtering. Is encryption soon to follow?
  • Taking over abandoned Command & Control server domains (strictly for research purposes only).
  • IoT devices to get the "Cyber Trust Mark" — Will anyone notice or care?
  • "SyncThing" receives a (blessedly infrequent) update.
  • Government email is not using encryption? Really?
  • Email relaying prevents point-to-point end-to-end encryption and authentication.
  • Just because Let's Encrypt doesn't support email doesn't mean it's impossible.
  • What Sci-Fi does ChatGPT think I (Steve) should start reading next?
  • To auto-update or not to auto-update? — is that one question or two?
  • And, until today, we've never taken a deep dive into the technology of time-varying 6-digit one time tokens.

Show Notes - https://www.grc.com/sn/SN-1008-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.