Security Now and Steve Gibsons Twitter stream combined

Twitter page of Steve Gibson | Security Now page on | Security Now page on

All the entries are in reverse cronological order. The list is meant to be read from bottom to top. So find the episode you are interested in and look at the tweets from Mr. Gibson above the episode title.

Last update: 2020-02-23 17:52 (UTC)

Show all episodes
#754: The Internet of Troubles (2020-02-19) [ Link to ep on Twit ]
2020-02-18 21:26 - "The Internet of Troubles" Security Now #754 Show Notes:  Our regular round up of interesting news of the week, some SQRL and SpinRite news, and then we look at some new and quite worrisome IoT problems! [ Link to Twitter ]
#753: Promiscuous Cookies (2020-02-12) [ Link to ep on Twit ]
2020-02-11 21:11 - "Promiscuous Cookies" Security Now #753 Show Notes:  We're tightening up our browser's default handling of cross-site cookies... but not without consequences. And... lots of other fun security and privacy news of the week. [ Link to Twitter ]
#752: The Little Red Wagon (2020-02-05) [ Link to ep on Twit ]
2020-02-04 19:55 - "The Little Red Wagon" Security Now #752 Show Notes:  A week of varied and interesting news. Lots of fun discussion and the clever hack of the decade involving a little red wagon. :) [ Link to Twitter ]
#751: SHAmbles (2020-01-29) [ Link to ep on Twit ]
2020-01-28 20:34 - "SHAmbles" Security Now #751 Show Notes:  A duo who have been methodically pounding on SHA-1 for years made a breakthrough in defeating its protections. SHA-1 is now a shambles. (And lots of other interesting news of the past week!) [ Link to Twitter ]
2020-01-23 17:11 - "Star Trek: Picard" Premieres Today. It's annoying that it's "CBS All Access", so paid streaming. But just a heads-up for those who might have not caught the release date. :) [ Link to Twitter ]
#750: The Crypto CurveBall (2020-01-22) [ Link to ep on Twit ]
2020-01-21 21:25 - "The CurveBall CryptoAPI" Security Now #750 Show Notes:  This week we cover a bunch of news, including another serious RDP remote code execution exploit that slipped under the radar due to all of the more pressing CurveBall news. [ Link to Twitter ]
#749: Windows 7 - R. I. P. (2020-01-15) [ Link to ep on Twit ]
2020-01-14 21:22 - "Windows 7 - R.I.P." Security Now! #749 Show Notes:  Too Much Hot News this week! The BIGGIE is the new Cable Haunt vulnerability affecting nearly all cable modems. There's the ease of SIM swap identity spoofing... and so much more! [ Link to Twitter ]
#748: Our Malware Lexicon (2020-01-08) [ Link to ep on Twit ]
2020-01-07 20:29 - "Our Malware Lexicon" Security Now! #748 Show Notes:  For our first podcast of 2020, we cover the usual collection of interesting news and events, then we zip though the 7 classifications of malware. :) [ Link to Twitter ]
#747: The Year's Best (2019-12-31) [ Link to ep on Twit ]
2019-12-29 03:41 - Danger Will Robinson!! Danger!! A heads-up that Netflix released all of Season 2 of Lost in Space the day before Christmas. I haven't started into it yet since I JUST found out. Hope to make it last a few nights! :) Happy Holidays All! [ Link to Twitter ]
#746: A Decade of Hacks (2019-12-24) [ Link to ep on Twit ]
2019-12-23 21:04 - "A Decade of Hacks" Security Now #746 Show Notes:  The week brought us more interesting news, so I'm hoping we'll have time to cram in our walk-through all of the events of the past decade! :) [ Link to Twitter ]
#745: PlunderVolt (2019-12-18) [ Link to ep on Twit ]
2019-12-17 20:58 - "PlunderVolt" Security Now #745 Show Notes:  An extra double good episode this week, I think. Several interesting math/science/tech pieces of news, and yet another way to compromize Intel processors. :) [ Link to Twitter ]
2019-12-16 19:58 - I just posted THIS posting number 23,606 to the SQRL development discussion group:  Onward and back to SpinRite! [ Link to Twitter ]
#744: VPN-geddon Denied (2019-12-11) [ Link to ep on Twit ]
2019-12-10 18:49 - "VPN-geddon Denied" Security Now #744 Show Notes:  A bunch of interesting news, my first mention of the new WireGuard VPN (with much more on that to come) and a look at the "critical" trans-VPN problems in most OSes. [ Link to Twitter ]
#743: Android “StrandHogg” (2019-12-04) [ Link to ep on Twit ]
2019-12-03 22:06 - Android "StrandHogg" Security Now #743 Show Notes:  [ Link to Twitter ]
#742: Pushing "DoH" (2019-11-27) [ Link to ep on Twit ]
2019-11-26 21:57 - "Pushing" DoH - Security Now #742 Show Notes:  A nice helping of the past week's security news and events. Then we take a close look at DoH (DNS over HTTPS) and discover something unexpected! :) [ Link to Twitter ]
#741: TPM-FAIL (2019-11-20) [ Link to ep on Twit ]
2019-11-19 20:08 - "TPM-FAIL" Security Now #741 Show Notes:  Lots of interesting news and updates on stories we've been following. And then we examine newly discovered and revealed failures in TPM secret keeping. [ Link to Twitter ]
#740: Credential Delegation (2019-11-13) [ Link to ep on Twit ]
2019-11-12 21:24 - "Credential Delegation" Security Now! #740 Show Notes:  LOTS of news of the past week, and then we examine a new emerging IETF standard for creating and managing ultra-short-lived TLS certificates. :) [ Link to Twitter ]
#739: DOH and Bluekeep (2019-11-06) [ Link to ep on Twit ]
2019-11-05 20:01 - "DoH & BlueKeep" Security Now! #739 Show Notes:  Lots of interesting news of the week, including news on the mounting DoH controversy and the appearance (at long last) of active BlueKeep vulnerability exploitation. [ Link to Twitter ]
#738: A Foregone Conclusion (2019-10-30) [ Link to ep on Twit ]
#737: Biometric Mess (2019-10-23) [ Link to ep on Twit ]
2019-10-22 20:22 - "Biometric Mess" Security Now #737 Show Notes:  The most interesting news of the week and a bit of miscellany. Then Jason and I look at two recent high-profile failures of consumer biometric authentication and consider the implications. :) [ Link to Twitter ]
#736: CheckM8 (2019-10-16) [ Link to ep on Twit ]
2019-10-15 20:32 - "CheckM8" - Security Now #736 Show Notes:  We cover a wide range of recent news ((no mention of ransomware!) and take a close look at the recently discovered and widely revealed unpatchable Apple Boot ROM exploit to Jailbreak most iDevices. [ Link to Twitter ]
2019-10-15 16:25 - (I failed to note that Ian and Kyle, who included SQRL in their password security guide, are Google Cloud Solutions Architects :) -  -  [ Link to Twitter ]
2019-10-15 16:16 - Ian (@IanAMaddox) & Kyle (@KyleMoschetto): A BIG THANK YOU for your mention of SQRL in your perfect "Modern password security for system designers" and "... for users" guides:  The guides are very well done. [ Link to Twitter ]
#735: Makes Ya WannaCry (2019-10-09) [ Link to ep on Twit ]
2019-10-08 20:38 - "Makes Ya WannaCry" Security Now #735 Show Notes:  We cover the news of the past several weeks (more ransomware craziness), and we conclude by looking at a miracle that prevented the end of the world two years ago! [ Link to Twitter ]
2019-10-07 14:28 - The OWASP Gothenburg, Sweden chapter created a terrific video of my presentation there 10 days ago:  This video FULLY demonstrates and EXPLAINS SQRL to anyone who is interested. Share it with other techies! :) [ Link to Twitter ]
2019-10-03 19:10 - Ready to start… [ Link to Twitter ]
2019-10-03 16:48 - The Gothenburg, Sweden group recorded the SQRL presentation there. It came out very nice:  [ Link to Twitter ]
2019-10-03 16:45 - Back in the States from a great time talking about SQRL at OWASP groups in Dublin and Sweden. Now in Boston with Leo & Lisa for a fun panel discussion on the topic of Trends in Identity. [ Link to Twitter ]
#734: The Joy of Sync (2019-10-02) [ Link to ep on Twit ]
#733: Top 25 Bug Classes (2019-09-25) [ Link to ep on Twit ]
2019-09-21 21:00 - "The Top 25 Bug Classes" Security Now #733 Show Notes:  Another week of security craziness including some very interesting security findings from a summary of 4000 small businesses. :) [ Link to Twitter ]
2019-09-19 17:32 - iOS 13 Available for iPhones! :) [ Link to Twitter ]
#732: SIM Jacking (2019-09-18) [ Link to ep on Twit ]
2019-09-17 20:02 - "SIM Jacking" Security Now #732 Show Notes:  A surprising universal widespread privacy attack on all SIM-based phones, and a LOT of additional cool news of the week. :) [ Link to Twitter ]
2019-09-15 16:46 - It’s not clear to me what problem this solves. Yes, time of display & recording WOULD be verifiable. But an authentic pattern could simply be patched into any faked video by claiming the same time of recording. And false positive DeepFake verification would be worse than none.  [ Link to Twitter ]
2019-09-14 20:45 - Early Release of: "The Joy of Sync" Security Now #734, Show Notes:  A bit of non-Sync discussion of the move toward DoH (DNS over HTTPS), then we look into the two terrific Sync solutions I have found and love! :) [ Link to Twitter ]
#731: DeepFakes (2019-09-10) [ Link to ep on Twit ]
2019-09-09 19:51 - "DeepFakes" Security Now! #731 Show Notes:  The most interesting news of the week followed by our first discussions on the podcast of the growing problem of "DeepFake" audio and video. :) [ Link to Twitter ]
2019-09-06 22:40 - Confirmed that the latest "Sync" client for Windows (v2.0.5), under Win7, no longer consumes excess RAM. Yay! "Sync" is my choice for the most cost effective client-side encrypted (TNO) cloud backup, with multi-machine directory sync & versioning. Full details in podcast #734. [ Link to Twitter ]
2019-09-06 15:32 - Excellent news from the @Sync guys at : The memory consumption I've been seeing on my Sync'd Win7 machines are/were caused by Win7's leaky old IE engine used for their UI. They're on it and should have it fixed shortly! Whew! [ Link to Twitter ]
#730: The Ransomware Epidemic (2019-09-04) [ Link to ep on Twit ]
2019-09-03 20:30 - "The Ransomware Epidemic" Security Now! #730 Show Notes:  This week, rather than covering many small topics, we take some deeper dives into just a few topics... and most notably, the worrisome explosion of ransomware attacks. [ Link to Twitter ]
2019-09-03 18:52 - Thanks everyone. I'm settling on: So dee' no kee bee It's also fun to say. :) [ Link to Twitter ]
2019-09-03 16:46 - The latest ransomware to take off is known as "Sodinokibi" (aka REvil). Does anyone have any idea how I should pronounce "Sodinokibi" for the podcast? So-dino-kee-bee? Sod-in-oh-kee-bee? Sod-i-nock-ee-bee? I have NO idea! <g> [ Link to Twitter ]
2019-08-30 19:42 - Update on secure file sync: I want to choose  (@Sync) but it is badly leaking memory on all of my Win7 machines, so I'm unable to recommend it unless/until they fix this problem. I contacted them several days ago. Fingers crossed. [ Link to Twitter ]
#729: Next Gen Ad Privacy (2019-08-28) [ Link to ep on Twit ]
2019-08-27 20:12 - "Next Gen Ad Privacy" Security Now! #729 Show Notes:  We cover the week's most interesting and important news, check-in on SQRL and on my file sync journey, and then we examine a forthcoming formal, non-tracking, system for Internet advertising. [ Link to Twitter ]
2019-08-26 23:16 - RT @lisadlaporte: Who is coming to Boston to meet @leolaporte & @SGgrc? I'll be there too but come on @TWiT fans - sign up and show your s… [ Link to Twitter ]
2019-08-26 23:15 - RT @TWiT: Join TWiT and LastPass for a cybersecurity panel discussion and networking reception Oct. 3 in Boston. Register now for "Cybersec… [ Link to Twitter ]
2019-08-24 17:40 - You're Invited!: If you are in the Boston USA area on Thursday, October 3rd, Leo and I and others will be having a panel discussion about Identity. Join us!:  [ Link to Twitter ]
#728: The KNOB is Broken (2019-08-21) [ Link to ep on Twit ]
2019-08-20 19:28 - "The KNOB is Broken" Security Now #728 Show Notes:  Our usual round up of the past week's most significant security news. Lots of fun stuff for this first podcast of our 15th year, including coverage of the latest Bluetooth pairing security disaster. :| [ Link to Twitter ]
2019-08-19 22:06 - Slick trick for "native" folder syncing for  or DropBox: Move native folder under the cloud provider's folder, then use "mklink" command (or Mac/Linux equivalent) to create a Symlink to the original folder location. Works perfectly! :) More details soon! [ Link to Twitter ]
2019-08-19 22:00 - RT @haral: Join us at OWASP OC's Thursday, Aug 22, dinner meeting. Steve Gibson from GRC is talking about SQRL - Secure Quick Reliable Logi… [ Link to Twitter ]
2019-08-19 21:53 - One problem with  is no native Linux support. But I'm all Windows on the desktop. Everything else & mobile is covered. But that might be a deal breaker for some. [ Link to Twitter ]
2019-08-19 21:45 - So far I've experimented with Dropbox, ownCloud, nextcloud, SyncThing,  and several others. (Got SyncThing to sync to the cloud, too!) I'll be doing a full feature and experience rundown for Security Now #734 on October 1st... after much more experimenting. [ Link to Twitter ]
2019-08-19 21:41 - I'm experimenting with, and liking, the " " service. This referral link will start you out with an extra free 1GB of storage (total of 6GB) for free:  I've got native folder encryption working, and more! :) [ Link to Twitter ]
2019-08-19 21:39 - Currently testing: 5GB free cloud folder/file instant sync with end-to-end TNO encryption, ability to securely share arbitrary file links, prior file version history (ransomware protection) optional offline storage to free up local space, transparent, using existing folders. [ Link to Twitter ]
2019-08-14 21:06 - FYI: I'm heading toward a hybrid solution with zero-cost or paid options, warrant-proof (TNO) cloud storage, optional archival non-local storage, file versioning, ransomware protection, fully cross-platform, and more. :) [ Link to Twitter ]
2019-08-14 20:17 - I am checking out " " as a superior Dropbox alternative. It does true TNO client-side encryption and paid accounts are much more storage for much less $$. If you're curious, this referral link gets us BOTH an extra 1GB for free:  [ Link to Twitter ]
#727: BlackHat & DefCon (2019-08-14) [ Link to ep on Twit ]
2019-08-13 20:04 - "Black Hat & Def Con" | Security Now! #727 Show Notes:  Some of the news arising from the recently concluded annual Las Vegas hacking events, and a bunch of other interesting news, views and feedback. [ Link to Twitter ]
2019-08-08 05:20 - RT @mryan2011: Looking forward to seeing @SGgrc in #Dublin in September @OWASPDublin. Thanks @owaspgbg for sharing and to @MMKIreland for… [ Link to Twitter ]
2019-08-08 05:16 - RT @owaspgbg: We will send out info about how to get tickets to the event with Steve Gibson @SGgrc 26th of september through our mailinglis… [ Link to Twitter ]
#726: Steve's File Sync Journey (2019-08-07) [ Link to ep on Twit ]
2019-08-06 20:20 - "Steve's File Sync Journey" Security Now! #726 Show Notes:  Our typical grab bag of interesting security news. Then I share the result of my multi-month search for a reliable and transparent multi-site file-sync. [ Link to Twitter ]
#725: Urgent/11 (2019-07-31) [ Link to ep on Twit ]
2019-07-30 19:57 - "Urgent/11" Security Now #725 Show Notes:  The episode =was= going to be titled "Your NAS is Grass!" ... until yesterday's news about 2 Billion VxWorks devices with CRITICAL Remote Code Execution flaws! Stay Tuned! :) [ Link to Twitter ]
2019-07-26 17:14 - The best thing about Netflix's much anticipated incredibly unbelievably awful and disappointing science fiction series "Another Life" are the reviews on IMDB. Believe them:  [ Link to Twitter ]
#724: Hide Your RDP Now! (2019-07-24) [ Link to ep on Twit ]
2019-07-23 20:26 - "Hide Your RDP Now!" Security Now! #724 Show Notes:  A frightening RDP honeypot report from Sophos and a lot of very interesting browser-oriented news of the week. :) [ Link to Twitter ]
#723: Encrypting DNS (2019-07-17) [ Link to ep on Twit ]
2019-07-16 20:20 - "Encrypting DNS" Security Now! #723 Show Notes:  Our typical weekly roll-up of all the week's most interesting security and privacy news, and then a overview survey of the state of DNS Encryption for privacy and security. :) [ Link to Twitter ]
#722: Gem Hack & Ghost Protocol (2019-07-10) [ Link to ep on Twit ]
2019-07-09 20:07 - "Gem Hack & Ghost Protocol" Security Now! #722 Show Notes:  This week we stumble over a number of instances where technology appears to be colliding with the status quo. How could DNS over HTTPS be controversial?? :-/ [ Link to Twitter ]
2019-07-07 19:50 - The SQRL for Wordpress Plug-in is up and running on "Brian of London's" blog:  SQRL's Wordpress plug-in is developing and maturing rapidly. :)  [ Link to Twitter ]
#721: Exposed Cloud Databases (2019-07-03) [ Link to ep on Twit ]
2019-07-02 20:07 - "Exposed Cloud Databases" Security Now! #721 Show Notes:  This week's collection of interesting security news and updates, and the redefinition of "IoT" to mean "Installation of Trojan" [ Link to Twitter ]
2019-07-02 19:23 - SophosLabs BlueKeep (CVE-2019-0708) exploit proof-of-concept on Vimeo  [ Link to Twitter ]
#720: Bug Bounty Business (2019-06-26) [ Link to ep on Twit ]
2019-06-25 20:13 - The "Bug Bounty Business" Security Now #720 Show Notes:  We take a look at all the action over at HackerOne and also cover all of the week's interesting security and privacy news. ;) [ Link to Twitter ]
#719: Exim Under Siege (2019-06-19) [ Link to ep on Twit ]
2019-06-18 20:11 - "Exim Under Siege" Security Now! #719 Show Notes:  An extra-spiffy-good podcast today, I suspect, with lots of fun and interesting news. Exim, RAMBleed, Tavis Ormandy, BlueKeep, GandCrab, the new Linux SACK nightmare... and more! :) [ Link to Twitter ]
#718: Update Exim Now! (2019-06-12) [ Link to ep on Twit ]
2019-06-11 20:37 - "Update Exim Now!" Security Now! #718 Show Notes:  57% of the Internet's Mail Servers are likely vulnerable remote commend execution as root! Whoopsie. And lots of other interesting news. :) [ Link to Twitter ]
2019-06-10 23:48 - "SQRL Explained" 17-page technical overview document. See  for details, GRC's reference SQRL client for Windows, and more. :) [ Link to Twitter ]
#717: The Nansh0u Campaign (2019-06-05) [ Link to ep on Twit ]
2019-06-04 20:18 - "The Nansh0u Campaign" Security Now #717 Show Notes:  The anatomy of a powerful state-level attack, apparently now in the hands of amateurs. (And, of course, a bunch of additional interesting news.) [ Link to Twitter ]
#716: RDP - Really Do Patch (2019-05-29) [ Link to ep on Twit ]
2019-05-28 20:15 - "RDP: Really Do Patch" Security Now! #716 Show Notes:  Lots and lots of interesting news this week. And nearly ONE MILLION confirmed currently exploitable RDP servers just waiting to be owned! [ Link to Twitter ]
2019-05-28 17:41 - How to obtain the new Windows 10 Feature Update 1903 without waiting:  This will download a small 5.9MB update trigger file from Microsoft. [ Link to Twitter ]
#715: (2019-05-22) [ Link to ep on Twit ]
2019-05-21 20:23 -  ( ) Security Now #715 Show Notes:  As always, we catch-up on another interesting week of security revelations and we take a closer look at last week's head-spinning new Intel processor troubles. [ Link to Twitter ]
#714: Android 'Q' (2019-05-15) [ Link to ep on Twit ]
2019-05-14 20:13 - Android "Q" Security Now #715 Show Notes:  We look at many significant Google I/O security and privacy announcements, the new "ZombiLoad" Intel Chip problem <sigh> and then the MAJOR progress Google is making with Android "Q". :) [ Link to Twitter ]
#713: Post-Coinhive Cryptojacking (2019-05-08) [ Link to ep on Twit ]
2019-05-07 21:05 - “Post-Coinhive Cryptojacking” Security Now #713 Show Notes:  The way this podcast's topics came out, it might be called the web browser world update. Which is it say... lots of browser news! :) [ Link to Twitter ]
#712: Credential Stuffing Attacks (2019-05-01) [ Link to ep on Twit ]
2019-04-30 19:59 - "Credential Stuffing Attacks" Security Now! #712 Show Notes:  The strong economic incentives underlying the explosive growth of widespread automated username and password guessing... and the Dark Web. [ Link to Twitter ]
#711: DNSpionage (2019-04-24) [ Link to ep on Twit ]
2019-04-23 19:52 - "DNSpionage" Security Now! #711 Show Notes:  Lots of interesting news of the week and a look inside a multi-year sophisticated DNS hijacking campaign by a nation-state actor. [ Link to Twitter ]
2019-04-19 04:06 - @SGgrc gets "Blog v2.0":  The SQRL forums needed PHP. So I set up a dedicated server isolated from . Since I then had a nice PHP installation, I decided to host my own blog (was at . :) [ Link to Twitter ]
#710: DragonBlood (2019-04-17) [ Link to ep on Twit ]
2019-04-16 20:17 - "DragonBlood" Security Now! #710 Show Notes:  The first (successful) attacks against the forthcoming WPA3 protocol which will be replacing our current WPA2. And a bunch of other news of the week. [ Link to Twitter ]
#709: URL “Ping” Tracking (2019-04-10) [ Link to ep on Twit ]
2019-04-09 20:13 - "URL "ping" Tracking" Show Notes:  The final browser capitulation to unblockable tracking of our actions and behavior across the Internet. But also lots of other less depressing news! :) [ Link to Twitter ]
#708: Android Security (2019-04-03) [ Link to ep on Twit ]
2019-04-02 20:17 - "Android Security" (quotes not meant to demean: impressive results at Android's 10th birthday.) Security Now! #708 Show Notes:  And a bunch of other news and follow-ups! :) [ Link to Twitter ]
#707: Tesla, Pwned (2019-03-27) [ Link to ep on Twit ]
2019-03-26 20:05 - "Tesla, Pwned" Security Now! #707 Show Notes:  Waaaay too much to talk about this week, including the results of last week's 3-day Pwn2Own competition. [ Link to Twitter ]
#706: Open Source eVoting (2019-03-20) [ Link to ep on Twit ]
2019-03-19 19:50 - "Open Source eVoting" (DARPA) Security Now #706 Show Notes:  A good assortment of interesting new and a few follow-ups on recent topics. Should be another useful couple of hours! :) [ Link to Twitter ]
#705: SPOILER (2019-03-13) [ Link to ep on Twit ]
2019-03-12 20:37 - "SPOILER" Security Now #705 Show Notes:  Spectre meets RowHammer and the result is not good. And we also had a TON of interesting news this past week. So... another interesting podcast, I think. :) [ Link to Twitter ]
#704: Careers in Bug Hunting (2019-03-05) [ Link to ep on Twit ]
2019-03-05 21:32 - "Careers in Bug Hunting" Security Now! #704 Show Notes:  Looks like it's going to be another of our "how much can we cram into 2 hours" news-of-the-week podcast! :) [ Link to Twitter ]
#703: Out in the Wild (2019-02-27) [ Link to ep on Twit ]
2019-02-26 21:18 - "Out in the Wild" Security Now #703 Show Notes:  Another busy week with lots of interesting news! :) [ Link to Twitter ]
Show all episodes
Fork me on GitHub