We're sunsetting PodQuest on 2025-07-28. Thank you for your support!
Export Podcast Subscriptions
cover of episode SN 998: The Endless Journey to IPv6 - AI-Driven Encryption, Session Messenger, IPv6

SN 998: The Endless Journey to IPv6 - AI-Driven Encryption, Session Messenger, IPv6

2024/10/30
logo of podcast Security Now (Audio)

Security Now (Audio)
AI Deep Dive AI Chapters Transcript
People
S
Steve Gibson
网络安全专家和企业家,创立了多个影响深远的安全工具和播客。
Topics
Steve Gibson详细阐述了苹果公司提议将SSL证书有效期缩短至45天的方案,并分析了该方案的优缺点以及可能带来的问题,包括对非ACME兼容设备的影响以及对证书吊销机制的质疑。他还讨论了SEC对四家公司因淡化SolarWinds攻击严重性而处以罚款的事件,以及谷歌Messenger应用新增功能,特别是AI驱动的敏感内容警告功能。此外,他还介绍了Session Messenger应用从澳大利亚迁移至瑞士的事件,并分析了该事件反映出的加密通讯应用面临的政府监管压力。最后,他深入探讨了互联网向IPv6迁移的现状,指出尽管IPv4地址已耗尽,但由于NAT和SNI等技术的应用,互联网仍然能够正常运行,并且IPv6的普及率远低于预期,原因在于域名已成为关键资源,IP地址的重要性降低。 Leo Laporte主要与Steve Gibson就上述话题进行互动和讨论,并提出一些问题和补充说明。他参与讨论了苹果公司缩短证书有效期的方案、SolarWinds攻击事件、谷歌Messenger新功能、Session Messenger迁移以及互联网向IPv6迁移等话题,并对Steve Gibson提出的观点和分析进行回应和补充。

Deep Dive

Chapters
Apple proposes reducing maximum web server certificate life to 45 days, which raises concerns about automation and practicality for non-web server applications.
  • Apple's proposal aims to reduce certificate lifetimes gradually to 45 days.
  • Automation is crucial for managing short-lived certificates, but many devices and applications are not equipped to handle frequent updates.
  • The proposal could push everyone to the lowest common denominator of domain validation certificates, reducing security assurance.

Shownotes Transcript

  • Apple proposes 45-day maximum certificate life.

  • SEC fines four companies for downplaying their SolarWinds attack severity.

  • Google adds 5 new features to Messenger including inappropriate content.

  • Does AI-driven local device-side filtering resolve the encryption dilemma forever?

  • The very nice looking "Session" messenger leaves Australia for Switzerland.

  • Another quick look at the question of the EU's software liability moves.

  • Fake North Korean employees WERE found to install backdoor malware.

  • How to speed up an SSD without using SpinRite.

  • Using ChatGPT to review and suggest improvements in code.

  • And Internet governance has been trying to move the Internet to IPv6 for the past 25 years, but the Internet just doesn't want to go. Why not? And will it ever?

Show Notes - https://www.grc.com/sn/SN-998-Notes.pdf)

Hosts: Steve Gibson) and Leo Laporte)

Download or subscribe to this show at https://twit.tv/shows/security-now).

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit)

You can submit a question to Security Now at the GRC Feedback Page).

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com), also the home of the best disk maintenance and recovery utility ever written Spinrite 6).

Sponsors: