Episode cover
17 Feb 2026
2h 40m

SN 1065: Attestation - Code Signing Gets Tough

Security Now (Audio)

Sign in to continue reading, translating and saving this episode.

Continue

Summary

Security Now (Audio) - SN 1065: Attestation - Code Signing Gets Tough

Shownotes

<p>How secure are your Chrome extensions and certificate signings really? This episode pulls back the curtain on a massive spyware discovery and exposes the convoluted hoops developers must jump through to prove their identity in 2026.</p><ul> <li>Websites can place high demands upon limited CPU resources.</li> <li>Microsoft appears to back away from its security commitment.</li> <li>What's Windows 11 26H1 and where do I get it.</li> <li>Chrome 145 brings Device Bound Session Credentials.</li> <li>More countries are moving to ban underage social media use.</li> <li>The return of Roskomnadzor.</li> <li>Discord to require proof of adulthood for adult content.</li> <li>Might you still be using WinRAR 7.12 -- I was.</li> <li>Paragon's Graphite can definitely spy on all instant messaging.</li> <li>30 malicious Chrome Extensions.</li> <li>287 Chrome extensions from spying on 37.4 million users.</li> <li>The first malicious Outlook add-in steals 4000 user's credentials.</li> <li>Some AI "vibe" coding thoughts.</li> <li>What I just went through to obtain a new code signing certificate</li></ul> <p>Show Notes - <a href="https://www.grc.com/sn/SN-1065-Notes.pdf">https://www.grc.com/sn/SN-1065-Notes.pdf</a></p> <p><strong>Hosts:</strong> <a href="https://twit.tv/people/steve-gibson">Steve Gibson</a> and <a href="https://twit.tv/people/leo-laporte">Leo Laporte</a></p> <p>Download or subscribe to <em>Security Now</em> at <a href="https://twit.tv/shows/security-now">https://twit.tv/shows/security-now</a>.</p> <p>You can submit a question to <em>Security Now</em> at the <a href="https://www.grc.com/feedback.htm" target="_blank">GRC Feedback Page</a>.</p> <p>For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: <a href="https://www.grc.com/securitynow.htm" target="_blank">grc.com</a>, also the home of the best disk maintenance and recovery utility ever written <a href="https://www.grc.com/sr/spinrite.htm" target="_blank">Spinrite 6</a>.</p> <p><strong>Join Club TWiT for Ad-Free Podcasts!</strong><br /> Support what you love and get ad-free audio <em>and</em> video feeds, a members-only Discord, and exclusive content. Join today: <a href="https://twit.tv/clubtwit" rel="payment">https://twit.tv/clubtwit</a></p> <p><strong>Sponsors:</strong><ul> <li><a href="http://canary.tools/twit" target="_blank" rel="sponsored">canary.tools/twit - use code: TWIT</a></li> <li><a href="http://joindeleteme.com/twit" target="_blank" rel="sponsored">joindeleteme.com/twit promo code TWIT</a></li> <li><a href="http://meter.com/securitynow" target="_blank" rel="sponsored">meter.com/securitynow</a></li> <li><a href="http://zscaler.com/security" target="_blank" rel="sponsored">zscaler.com/security</a></li> <li><a href="http://hoxhunt.com/securitynow" target="_blank" rel="sponsored">hoxhunt.com/securitynow</a></li> </ul></p>