Security Now 1031: How Salt Typhoon Gets In

• China's Salt Typhoon claims another victim (or two).


• State healthcare portals are tracking and leaking. No kidding.


• Apple adopts FIDO's Passkeys and other credentials transport.


• Facebook gets Passkey logon.


• TikTok continues ticking for at least another 90 days.


• Canadian telco admits they were infiltrated by Salt Typhoon.


• Microsoft to remove unwanted (and hopefully unneeded) hardware drivers.


• The Austrian government legislates court-warranted message decryption.


• I (Steve) finally get full clarity on what today's "AI" means.


• A deep dive into the Salt Typhoon's operation and how they got in

Show Notes - https://www.grc.com/sn/SN-1031-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to Security Now at https://twit.tv/shows/security-now.

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Join Club TWiT for Ad-Free Podcasts!

Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Sponsors:

• 1password.com/securitynow


• hoxhunt.com/securitynow


• outsystems.com/twit


• bigid.com/securitynow


• zscaler.com/security