Picture of the Week. HP = "Huge Pile" The ".ZIP" TLD — What could possibly go wrong? PyPI gets more serious about security AND privacy. "No logs saved anywhere"??? Twitter in the EU? Bitwarden's support for Passkeys. A €1.2 billion fine will grab your attention. Editing WhatsApp messages. A new Google Bug Bounty. SpinRite. Brave's Brilliant Off the Record Request. Show Notes: https://www.grc.com/sn/SN-925-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: cs.co/twit drata.com/twit Melissa.com/twit

Picture of the Week. Tracker Follow-Up. Automatic IoT device updating. HP 9020e - error code 83C0000B. Section 230 Stands. The KeePass Vulnerability. Apple joins Samsung, Amazon and Verizon in banning ChatGPT. Google's Privacy Sandbox moves forward. The FBI heavily misused FISA powers. Supply Chain Nightmare. SpinRite. VCaaS – Voice Cloning as a Service. Show Notes: https://www.grc.com/sn/SN-924-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: expressvpn.com/securitynow athleticgreens.com/securitynow lookout.com

Picture of the Week. SpinRite. Location Tracker Behavior. Formal definitions from the specification. Bluetooth LE devices have MAC addresses and therein lies a problem. All devices are serialized. And now, that "pairing registry". Privacy considerations. Show Notes: https://www.grc.com/sn/SN-923-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit GO.ACILEARNING.COM/TWIT

Picture of the Week. Google & Passkeys. TP-Link routers DO auto-update. US Marshals Service: Where's the backup?? T-Mobile keeps getting breached. Chrome: No more LOCK icon. Apple's new "Rapid Security Response" system. Elon Musk, making friends wherever he goes... A quick Mastodon aside. Here come the fake AI-generated "news" sites. Russia to replace "American" TCP/IP with "Russian Internet". Vint Serf's 3 mistakes. Detecting Unwanted Location Trackers. Show Notes: https://www.grc.com/sn/SN-922-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsor: kolide.com/securitynow

Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. Closing the Loop. A new UDP reflection attack vector. Google Authenticator Updated. Does Israel use NSO Group commercial spyware? A Russian OS? TP-Link routers compromised. A pre-release security audit. Another Intel side-channel attack. Windows users: Don't remove cURL! AI comes to VirusTotal.  Show Notes    https://www.grc.com/sn/SN-921-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT joindeleteme.com/twittv drata.com/twit