SN 944: Abusing HTTP/2 Rapid Reset - Passkeys, ValiDrive follow-up, 2FA apps, pre-release Spinrite - a podcast by TWiT

• ValiDrive release follow-up


• Passkeys exportability and phishing risk


• Passkeys for device verification like SSH keys


• Possibility of hobby browsers vs. production browsers


• Availability of SpinRite 6.1 pre-release


• Filling drives with crypto noise using VeraCrypt


• Steve and Leo's favorite OTP apps


• Google Docs link rewriting could be to prevent referrer leakage


• Abusing HTTP/2 Rapid Reset

Show notes: https://www.grc.com/sn/SN-944-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• Melissa.com/twit


• cs.co/twit


• bitwarden.com/twit

Further episodes of Security Now (Audio)

Further podcasts by TWiT

Website of TWiT