SN 951: Revisiting Browser Trust - ICANN RDRS, Beeper Mini, TikTok ban, .meme TLD
12/05/23 • 130 min
- How masked domain owners can be unmasked through ICANN's new Registration Data Request Service (RDRS)
- WhatsApp's addition of Secret Code for extra privacy protection in Chat Lock
- Iranian hackers exploited default passwords in programmable logic controllers at US water facilities
- Attempt by Montana to ban TikTok statewide was stalled by a federal judge ruling
- Over 1 billion Android devices now have RCS messaging enabled
- EU Cyber Resilience Act will improve security of Internet of Things devices sold in the EU
- Black Basta ransomware group has netted over $107 million since early 2022
- Google's new .meme top-level domain allowing meme-related web properties
- CISA's Secure by Design initiative echoes security best practices frequently recommended on the podcast
- France plans to ban use of "foreign" end-to-end encrypted messaging apps like Telegram and require use of French app Olvid instead
- Concerns raised by industry experts Ivan Ristic and Ryan Hurst about EU's eIDAS 2.0 legislation undermining certificate authority trust
Show Notes - https://www.grc.com/sn/SN-951-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
- How masked domain owners can be unmasked through ICANN's new Registration Data Request Service (RDRS)
- WhatsApp's addition of Secret Code for extra privacy protection in Chat Lock
- Iranian hackers exploited default passwords in programmable logic controllers at US water facilities
- Attempt by Montana to ban TikTok statewide was stalled by a federal judge ruling
- Over 1 billion Android devices now have RCS messaging enabled
- EU Cyber Resilience Act will improve security of Internet of Things devices sold in the EU
- Black Basta ransomware group has netted over $107 million since early 2022
- Google's new .meme top-level domain allowing meme-related web properties
- CISA's Secure by Design initiative echoes security best practices frequently recommended on the podcast
- France plans to ban use of "foreign" end-to-end encrypted messaging apps like Telegram and require use of French app Olvid instead
- Concerns raised by industry experts Ivan Ristic and Ryan Hurst about EU's eIDAS 2.0 legislation undermining certificate authority trust
Show Notes - https://www.grc.com/sn/SN-951-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Previous Episode
SN 950: Leo Turns 67 - Fingerprint Security, Do-Not-Track
- Adobe Flash Player Updater is (still) desperately trying to update
- Veracrypt password security
- Firefox moves to 120 with a bunch of very nice new features
- Do-Not-Track is back on track
- "ownCloud" -or- "PwnCloud" ?
- CrushFTP Critical Vulnerability
- Bypassing fingerprint authentication
- ApacheMQ
- TransUnion & Experian both hacked
Show Notes - https://www.grc.com/sn/SN-950-Notes.pdf
Hosts: Steve Gibson and Ant Pruitt
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
Next Episode
SN 952: Quantum Computing Breakthrough - The Clear/Deep/Dark Web, Quad 9 victory, Telegram Flaw
- The government collection of push notification metadata
- Facebook Messenger sets end to end encryption as the default
- Iran's Cyber Av3ngers
- Cisco's Talos Top 10 cyber security exploits this year
- Over 30% of apps are still using a using a vulnerable version the Log4J library
- Quad 9 speaks on their legal victory against Sony
- What are the "Clear Web", "Dark Web", and "Deep Web"?
- A Flaw in Telegram
- Xfinity Mobile wants you to accept a root CA, DO NOT
- Hardware VPN alternative
- A breakthrough in quantum computing
Show Notes - https://www.grc.com/sn/SN-952-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to this show at https://twit.tv/shows/security-now.
Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Sponsors:
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/security-now-audio-297831/sn-951-revisiting-browser-trust-icann-rdrs-beeper-mini-tiktok-ban-meme-39748775"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to sn 951: revisiting browser trust - icann rdrs, beeper mini, tiktok ban, .meme tld on goodpods" style="width: 225px" /> </a>
Copy