SN 997: Credential Exchange Protocol - DJI Sues DoD, Quantum Vs. RSA, Lost MS Logs


Oct 22 2024 138 mins   155

  • Did Chinese researchers really break RSA encryption? What did they do?

  • What next-level terror extortion is being powered by the NPD breach data?

  • The EU to hold software companies liable for software security?

  • Microsoft lost weeks of security logs. How hard did the try to fix the problem?

  • The Chinese drone company DJI has sued the DoJ over its ban on DJI's drones.

  • The DoJ wishes to acquire "DeepFake" technology to create fake people.

  • Microsoft has bots pretending to fall for phishing campaigns, then leading the bad guys to their honeypots. It's diabolical and brilliant.

  • A bit of BIMI logo follow-up, then...

  • A look at the operation of the FIDO Alliance's forthcoming Credential Exchange Protocol which promises to create passkey collection portability

Show Notes - https://www.grc.com/sn/SN-997-Notes.pdf


Hosts: Steve Gibson and Leo Laporte


Download or subscribe to this show at https://twit.tv/shows/security-now.


Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit


You can submit a question to Security Now at the GRC Feedback Page.


For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.


Sponsors: