Security Now 1008: HOTP and TOTP
Meta winds down 3rd-party content filtering. Is encryption soon to follow? Taking over abandoned Command & Control server domains (strictly for research purposes only). IoT devices to get the "Cyber Trust Mark" — Will anyone notice or care? "SyncThing" receives a (blessedly infrequent) update. Government email is not using encryption? Really? Email relaying prevents point-to-point end-to-end encryption and authentication. Just because Let's Encrypt doesn't support email doesn't mean it's impossible. What Sci-Fi does ChatGPT think I (Steve) should start reading next? To auto-update or not to auto-update? — is that one question or two? And, until today, we've never taken a deep dive into the technology of time-varying 6-digit one time tokens. Show Notes - https://www.grc.com/sn/SN-1008-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT uscloud.com joindeleteme.com/twit promo code TWIT 1password.com/securitynow zscaler.com/security