cover of episode SN 1000: One Thousand - Windows Server 2025, Malicious Python Typos

SN 1000: One Thousand - Windows Server 2025, Malicious Python Typos

2024/11/13
logo of podcast Security Now (Video)

Security Now (Video)
AI Deep Dive AI Chapters Transcript
People
L
Leo Laporte
创立TWiT网络,推动技术教育和安全意识的著名技术主播和媒体人物。
S
Steve Gibson
网络安全专家和企业家,创立了多个影响深远的安全工具和播客。
Topics
本期节目是《安全播报》播客的一千期,回顾了节目的发展历程,并讨论了最新的安全新闻,包括Bitwarden是否转向闭源、德国安全研究人员的权利得到澄清、澳大利亚将对社交媒体实施年龄限制、微软修复用户帐户控制(UAC)、俄罗斯对不遵守规定的公司处以罚款、韩国因严重的用户隐私违规行为对Meta处以罚款、Synology的严重零点击远程代码执行漏洞、恶意Python包的错别字攻击、谷歌将强制所有云服务用户启用多因素身份验证以及Mozilla基金会裁员30%。 节目中还讨论了如何安全地将家庭自动化控制器暴露到互联网上,以及对AI的信任度问题。

Deep Dive

Chapters
Bitwarden reassures users that it remains open-source despite a packaging bug causing confusion. The company has switched its SDK to GPLv3, maintaining its commitment to open-source licensing.
  • Bitwarden remains committed to open-source licensing.
  • A packaging bug was misunderstood as a move to closed-source.
  • The SDK has been switched to GPLv3 for improved licensing clarity.

Shownotes Transcript

  • Did Bitwarden go closed-source?

  • The rights of German security researchers are clarified.

  • Australia to impose age limits on social media.

  • Free Windows Server 2025 anyone?

  • UAC wasn't getting in the way enough, so they're fixing that.

  • "From Russia with fines" -- obey or else.

  • South Korea fines Meta over serious user privacy violations.

  • Synology's (very) critical zero-click RCE flaw.

  • Malicious Python packages invoked by typos.

  • Google to enforce full MFA for all cloud service users.

  • Mozilla Foundation lays off 30%? Is Firefox safe?

  • Some feedback from Dave's Garage (https://grc.sc/dave)

  • GRC email

  • CTL: AI Debugging

  • CTL: Chat GPT vs YouTube Shorts

  • CTL: Update on the "Train Tracks" Pic of the Week

  • CTL: DNS Benchmark compatibility

  • CTL: The accuracy of AI

  • CTL: Exposing NAS to the Internet

  • CTL: Congrats on 1000!

Show Notes - https://www.grc.com/sn/SN-1000-Notes.pdf)

Hosts: Steve Gibson) and Leo Laporte)

Download or subscribe to this show at https://twit.tv/shows/security-now).

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit)

You can submit a question to Security Now at the GRC Feedback Page).

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com), also the home of the best disk maintenance and recovery utility ever written Spinrite 6).

Sponsors: