SN 960: Unforeseen Consequences - CISA's "Secure by Design" Initiative, Fastly's BoringSSL

CISA's "Secure by Design" Initiative

The GNU C Library Flaw

Fastly CDN switches from OpenSSL to BoringSSL

Roskomnadzor asserts itself

Google updates Android's Password Manager

Firefox gets post-quantum crypto

Get your TOTP tokens from LastPass

Inflated iOS app data

LearnDMARC

Sync mobile app bug

SpinRite and Windows Defender

Crypto signing camera

Analog hole in digital camera authentication

iOS and Google's Topics

The gathering of the Stephvens

Programmable Logic Controllers

SpinRite update

Malware-infected Toothbrush

The Unforeseen Consequences of Google's 3rd-party Cookie Cutoff

Show Notes - https://www.grc.com/sn/SN-960-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

Melissa.com/twit

joindeleteme.com/twit promo code TWIT

GO.ACILEARNING.COM/TWIT

vanta.com/SECURITYNOW