Full disclosure: @leo administers the Mastodon instance I belong to, which is associated with the #ThisWeekInTech podcast network that #securitynow is on. I'm a donor to the podcast network. Nobody asked me for a recommendation though.

/2

More on #Google #Topics and the #adtech and #privacy implications from people who are smarter than me, check out the discussion on the #securitynow podcast by @leo Laporte and #stevegibson (the latter is not on Mastodon).

You can read and search the episode transcripts on Steve's website. Start with Episode 935, "TOPICS" ARRIVES. https://www.grc.com/securitynow.htm

/1

Excuse me @leo please ask Steve Gibson :steve: of #securitynow :sn: to find us a resource on how to disable internet connection or LTE capabilities in various makes and models of automobile. Asking for a friend!

For some cars there are probably ways to switch it off that you can find in the owner’s manual, or you can just not connect it to your phone or something.

https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/

I response to this, i want to remind everyone that #SteveGibson 's SQUIRL password system exists. You should legitimately have a looksee: https://www.grc.com/sqrl/sqrl.htm
If you don't know who Steve Gibson is, you should check out #SecurityNow by @leo

@leo Regarding the Secure Time Heuristic issue, I'd think the requirement for that to be enabled by default would be that there is a validation that the server one pulls a timestamp out of the ssl packet from happens to be an IIS server. #SN936 #SecurityNow

On a (the most?) recent #SecurityNow podcast, Steve and Leo maybe got confused about "consecutive letters" when talking about a bank's password rules?

I think they took it to mean 2 in a row, like "letter + any other letter". Like "ad" or "xg"

I took it to mean "letter + the next letter in the alphabet". Like "ab" or "lm".

Still a very silly rule, but makes a bit more sense maybe? The bank wants to avoid "abcdefgh" as a password, for example.

(Still a silly rule, though.)

#TWiT @leo

I'm very excited that #SteveGibson is going to continue with #SecurityNow on the #Twit Network past episode 999. #infosec #podcast

Day off today. Should I be productive? Or watch this week’s #TWiG and #SecurityNow

I'm sooo happy that @SGgrc is going to stay on the #SecurityNow podcast past episode 999! I was honestly dreading his last episode. He alone is responsible for getting me into cybersecurity.

Yaay! SecurityNow will go beyond episode 999!

Great news!

Now we only need to get Steve on Mastodon 🙂 (wink, wink, @leo)

#security #securityNow

The Centauri Rowhammer paper Steve Gibson talked about on #SecurityNow 930 in which RAM hardware can be fingerprinted simply by writing and reading memory a lot and looking for unique patterns of bitflip tendencies in contiguous 2MB chunks of memory. No root permissions needed.

https://arxiv.org/abs/2307.00143

#SecurityNow picture of the week:

#securitynow What happened to this week's episode?

@leo and this weeks #SecurityNow podcast, Leo and Steve discuss the very annoying low battery alarms that occur around your home. these often go off in the middle of the night and can be difficult to locate. being #Blind., I employ audio direction finding techniques to track them down. Leo wants Steve to develop a chirp finder. I think this would be a great #Arduino project. #RaspberryPie. #ADC #Triangulation.

Sad times for podcasting: Leo peddling vitamin D as ad for #SecurityNow :

We keep repeating the basic #security flaws (or not mitigating well known flaws) #moveit (#securitynow with @SGgrc) https://www.youtube.com/watch?v=e9IDEb2QBZ0

@leo I heard you say on the latest #securitynow :sn: podcast that you’re coming around to the view that the problems of #cryptocurrency outweigh the benefits. Welcome to the club! I have been on the “JUST BAN IT” train for years now.

#SecurityNow : pics of the week:

QR codes that look like photos created with generative AI:

Since "Crackbreak Weekly" always turns into a mini-telethon length show after a Crapple announcement, I knew right off, when it was still going on 5 minutes before #SecurityNow was due to start, I'd have MORE than enough time to go watch today's "Eastenders" episode beforehand .

@PA0ETE

I'll listen on the Google podcast Security Now.

#tech #SecurityNow