Security Now (Audio)

SN 941: We told you so! - NSA hacked Huawei? MS big AI data blunder, ValiDrive update


Listen Later

  • Apple has quietly removed support for Postscript in macOS Ventura over security concerns with the outdated interpreter language.
  • China has formally accused the NSA of hacking and maintaining access to Huawei servers since 2009, based on documents from Edward Snowden.
  • A misconfigured Azure Shared Access Signature token resulted in 38TB of sensitive internal Microsoft data being exposed, including employee backups with passwords.
  • The Signal messaging platform has added a post-quantum encryption protocol called PQXDH, combining its existing X3DH with the believed quantum-resistant CRYSTALS-Kyber system.
  • A zero-day iOS exploit chain was used to target Egyptian presidential candidate Ahmed Eltantawy, redirecting his traffic to install spyware after visiting a non-HTTPS site.
  • Steve gave an update on the status of his forthcoming ValiDrive USB validation utility, explaining delays due to challenges working at the USB level under Windows.
  • A blog post argued that the complexity of modern web browsers has made it impossible to create competitive new browsers from scratch.
  • An emailer claimed to have a mathematical algorithm that can generate truly random numbers.
  • Another emailer asked whether encrypting and deleting a hard drive could substitute for overwriting with random data.
  • There was an explanation of how public key encryption can be used bidirectionally for both encryption and authentication.
  • Listener questions whether all stolen LastPass vaults will eventually be decrypted.
  • Show Notes - https://www.grc.com/sn/SN-941-Notes.pdf

    Hosts: Steve Gibson and Ant Pruitt

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

    You can submit a question to Security Now at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:

    • joindeleteme.com/twit promo code TWIT
    • GO.ACILEARNING.COM/TWIT
    • Melissa.com/twit
    • ...more
      View all episodesView all episodes
      Download on the App Store

      Security Now (Audio)By TWiT

      • 4.6
      • 4.6
      • 4.6
      • 4.6
      • 4.6

      4.6

      1,932 ratings


      More shows like Security Now (Audio)

      View all
      This Week in Tech (Audio) by TWiT

      This Week in Tech (Audio)

      3,002 Listeners

      Hands-On Tech (Audio) by TWiT

      Hands-On Tech (Audio)

      1,965 Listeners

      MacBreak Weekly (Audio) by TWiT

      MacBreak Weekly (Audio)

      2,013 Listeners

      Windows Weekly (Audio) by TWiT

      Windows Weekly (Audio)

      854 Listeners

      Risky Business by Patrick Gray

      Risky Business

      362 Listeners

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

      633 Listeners

      Intelligent Machines (Audio) by TWiT

      Intelligent Machines (Audio)

      680 Listeners

      Tech News Weekly (Audio) by TWiT

      Tech News Weekly (Audio)

      1,064 Listeners

      iOS Today (Audio) by TWiT

      iOS Today (Audio)

      547 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,008 Listeners

      Smashing Security by Graham Cluley & Carole Theriault

      Smashing Security

      314 Listeners

      Malicious Life by Malicious Life

      Malicious Life

      926 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      7,812 Listeners

      Hacking Humans by N2K Networks

      Hacking Humans

      312 Listeners

      Cyber Security Headlines by CISO Series

      Cyber Security Headlines

      120 Listeners