Podcasts

Apple just rewrote the rules of device security with a chip-level upgrade that could wipe out most iPhone vulnerabilities overnight. Find out how "memory integrity enforcement" aims to make exploits a thing of the past—and why it took half a decade to pull off.

• Are Bitcoin ATMs anything more than scamming terminals.
• Ransomware hits the Uvalde school district and Jaguar.
• Did "Scattered LapSus Hunters" just throw in the towel.
• Germany, for one, to vote "no" on Chat Control.
• Russia's new MAX messenger has startup troubles.
• Samsung follows Apple's WhatsApp patch chain.
• Shocker: UK school hacks are mostly by students.
• HackerOne was hacked.
• Connected washing machines in Amsterdam hacked.
• DDoS breaks another record.
• Bluesky to implement conditional age verification.
• Enforcement actions for Global Privacy Control.
• Might Apple have finally beaten vulnerabilities

Show Notes - https://www.grc.com/sn/SN-1043-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• joindeleteme.com/twit promo code TWIT
• vanta.com/SECURITYNOW
• threatlocker.com for Security Now
• bitwarden.com/twit
• Melissa.com/twit

• iPhone 17 event live blog: on the ground at Apple's keynote
• Google Court Doc: Open Web Is In Rapid Decline
• Anthropic Judge Rejects $1.5 Billion AI Copyright Settlement (1)
• The Software Engineers Paid to Fix Vibe Coded Messes
• What to expect from Meta Connect
• SpaceX strikes $17B deal to buy EchoStar's spectrum for Starlink's direct-to-phone service
• Tesla Wants Out of the Car Business
• Tesla Offers Elon Musk an Unprecedented $1 Trillion Pay Package
• Gen Z protests in Nepal, sparked by a social media ban, have killed nearly 2 dozen and injured hundreds. Here's what to know
• Microdramas are TikTok turned up to 11, and they're coming for your time and money
• Tiny Vinyl is a new pocketable record format for the Spotify age
• Kodak's mini camera fits on your keyring and is smaller than an AirPods case
• Geek News Central Mourns the Loss of Todd Cochrane

Host: Leo Laporte

Guests: Dan Patterson, Victoria Song, and Jason Hiner

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• expressvpn.com/twit
• bitwarden.com/twit
• oracle.com/twit
• shopify.com/twit
• NetSuite.com/TWIT

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring.

• My experience with 'X' vs email.
• Google TIG blackmailed to fire two security researchers.
• 1.1.1.1 DNS TLS certificate mis-issued.
• Artists blackmailed with threats of training AI on their art.
• Firefox extended end-of-life for Windows 7 to next March.
• Is the renewal of cybersecurity info sharing coming soon.
• Should security analysis be censored due to vibe-coding.
• UK versus Apple may not be settled after all.
• Another very serious supply chain attack.
• Can the software supply-chain ever be trustworthy.
• Why did BYTE Magazine die.
• What happens if Google and others go on the attack

Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• uscloud.com
• canary.tools/twit - use code: TWIT
• bigid.com/securitynow
• zscaler.com/security
• expressvpn.com/securitynow

Google walks away from another monopoly ruling with barely a scratch, while tech giants gather at the White House to praise a president who holds their futures in the balance. Inside, our panel questions whether "playing the game on the field" is killing tech innovation and U.S. privacy for good.

• Google avoids harshest penalties in landmark search monopoly ruling
• Google fined $3.5 billion by EU over ad-tech business
• Probe finds Houston police using surveillance tool like a search engine
• iPhone 17 specifications leak, 'Air' model rumors, and what to expect at Apple's Awe Dropping' event
• Instagram coming to iPad after 15 years
• Anthropic to pay $1.5 billion to settle author copyright claims
• Apple accused of training AI models on pirated books
• Trump hosts tech CEOs at first event in newly renovated Rose Garden
• Postal traffic to the US down over 80% amid tariffs, UN says
• Satellite companies like SpaceX ignore astronomers' calls to save the night sky
• Microsoft says Azure service affected by damaged Red Sea cables
• Meta still hasn't given up on the Facebook poke after 21 years
• Fake celebrity chatbots send risqué messages to teens on top AI app
• First brain-wide map of decision-making charted in mice
• NVIDIA's sale-and-leaseback chip schemes raise questions about AI bubble
• Tesla changes meaning of 'full self-driving' and gives up on autonomy promise
• Atlassian agrees to acquire The Browser Co. for $610 million
• Warner Bros. Discovery sues AI company Midjourney for copyright infringement in major legal battle

Host: Leo Laporte

Guests: Alex Wilhelm and Harry McCracken

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• zscaler.com/security
• miro.com
• smarty.com/twit
• ZipRecruiter.com/twit
• canary.tools/twit - use code: TWIT

When even the Department of Defense can't properly vet its software dependencies, what chance do the rest of us have? Steve Gibson reveals how "fast-glob" became a case study in supply chain blindness, explores whether AI can ever truly be controlled after Meta's celebrity chatbot disaster, and celebrates BYTE Magazine's 50th anniversary with a look at how far we've come (and how vulnerable we still are).

• A look back at issue #1 of BYTE magazine exactly 50 years ago
• The enforcement of the SHAKEN & STIR Telecom protocols
• Breaking: Judge rules against forced Google divestitures in monopoly case
• The inherent danger of consolidating authentication
• Can AI be controlled?
• Vivaldi says a big "no" to AI-enhanced web browsers
• How WhatsApp figured into Apple's recent 0-day attacks
• Leveraging AI as an attack aid
• The latest TransUnion data breach
• Two scummy websites sue the UK over age requirements
• OpenSSH reminds its users to adopt post-quantum crypto
• The DOD uses open source maintained by a Russian national
• Much great feedback from our terrific listeners
• Sci-Fi news from "The Frontiers Saga" Ryk Brown

Show Notes - https://www.grc.com/sn/sn-1041-notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• go.acronis.com/twit
• threatlocker.com/twit
• bitwarden.com/twit
• bigid.com/securitynow
• joindeleteme.com/twit promo code TWIT

Cloudflare's latest moves to police who can access the internet and governments' push for age verification set off alarms for the future of the open web, as panelists debate the hidden costs of centralization and regulation.

• Microsoft fires four workers for on-site protests over company's ties to Israe
• Taco Bell rethinks AI drive-through after man orders 18,000 water
• Nvidia says two mystery customers accounted for 39% of Q2 revenu
• FBI cyber cop: Salt Typhoon pwned 'nearly every American
• Mastodon says it doesn't 'have the means' to comply with age verification law
• UK's Online Safety Act censors the internet — a preview of US proposal
• Meta updates chatbot rules to avoid inappropriate topics with teen user
• Meta reportedly allowed unauthorized celebrity AI chatbots on its service
• UK's demand for Apple backdoor may have been broader than previously though
• Bluesky now platform of choice for science communit
• SpaceX's giant Starship Mars rocket nails critical 10th test flight in stunning comeback
• FCC rejects calls for cable-like fees on broadband providers
• The web does not need gatekeepers
• Intel warns a US equity stake could trigger "adverse reactions"
• US firms are racing through a $1 trillion buyback spree in record time
• Microsoft reveals two in-house AI models
• Authors celebrate "historic" settlement coming soon in Anthropic class action
• A rule exempting small packages from tariffs is ending today
• Framework is working on a giant haptic touchpad, Trackpoint nub, and eGPU for its laptops
• Germany fines economist Thomas Vierhaus €16,100 for sarcastic X posts1
• Google wants to make sideloading Android apps safer by verifying developers' identities
• South Korea bans smartphones in all middle and elementary school classrooms

Host: Leo Laporte

Guests: Shoshana Weissmann, Cory Doctorow, and Louis Maresca

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• shopify.com/twit
• ZipRecruiter.com/twit
• NetSuite.com/TWIT
• zscaler.com/security
• smarty.com/twit

Alarm bells are ringing over a supposed browser zero-day, but is the threat as bad as it sounds? Steve reveals why "clickjacking" might be more whac-a-mole than breaking news, and what that really means for your passwords.

• Germany may soon outlaw ad blockers
• What's happening in the courts over AI
• The U.K. drops its demands of Apple
• New Microsoft 365 tenants being throttled
• Is Russia preparing to block Google Meet?
• Bluesky suspends its service in Mississippi
• How to throttle AI
• A tricky SSH-busting Go library
• Here comes the Linux desktop malware
• Apple just patched a doozy of a vulnerability
• A trivial Docker escape was found and fixed
• Why the recent browser 0-day clickjacking is really just whac-a-mole

Show Notes - https://www.grc.com/sn/sn-1040-notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• 1password.com/securitynow
• zscaler.com/security
• bigid.com/securitynow
• uscloud.com

• You should buy a faster CPU
• The Trump-Intel deal is official
• Trump signals fourth delay of TikTok ban
• Trump to tap Airbnb co-founder as first government design chief
• Meet Macrohard, Elon Musk's AI simulation of Microsoft
• Google announces Pixel 10 lineup with heavy AI integration
• Gemini for Home is Google's biggest smart home play in years
• Copilot app gets a glowup, new features, for Windows 11
• Apple explores using Google Gemini AI to power revamped Siri
• Bluesky blocks service in Mississippi over age assurance law
• 4chan will refuse to pay daily online safety fines, lawyer tells BBC
• Sports streaming enters a bold new era
• Waymo can now test its self-driving vehicles in New York City
• Oura secures decisive legal victory with ITC patent ruling
• T-Mobile claimed selling location data without consent is legal—judges disagree
• Developer gets prison time for sabotaging former employer's network with a 'kill switch'
• Nonprofit search engine Ecosia offers $0 for control of Chrome
• Perplexity's Comet AI browser tricked into buying fake items online
• Agentic browser security: indirect prompt injection in Perplexity Comet
• New zero-day startup offers $20 million for tools that can hack any smartphone
• YouTuber Mark Rober is getting a Netflix series
• German court revives case that could threaten ad blockers
• Satya Nadella says Microsoft must move beyond Bill Gates' software factory vision
• More frozen shrimp recalled for possible radioactive contamination

Host: Leo Laporte

Guests: Daniel Rubino and Paris Martineau

Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech

Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• zscaler.com/security
• expressvpn.com/twit
• canary.tools/twit - use code: TWIT
• smarty.com/twit
• helixsleep.com/twit