Steve Gibson
@SGgrc
Followers
63,520
Following
0
Media
118
Statuses
7,076
I didn't want to clutter up the corporate GibsonResearch Twitter account with lots of personal stuff. That's what this one is for.
Southern California
Joined May 2010
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Olympics
• 3454117 Tweets
Venezuela
• 1086210 Tweets
Jesus
• 791756 Tweets
Bitcoin
• 540705 Tweets
Christianity
• 527599 Tweets
Hezbollah
• 411041 Tweets
Last Supper
• 381907 Tweets
Chelsea
• 164745 Tweets
The Villages
• 151099 Tweets
#アイドルへモーニングコール
• 65557 Tweets
Yankees
• 64261 Tweets
Demichelis
• 62602 Tweets
Gallardo
• 49708 Tweets
ワンフェス
• 49133 Tweets
#precure
• 47438 Tweets
Vitória
• 45548 Tweets
#UFC304
• 38429 Tweets
Maresca
• 35317 Tweets
Apollo
• 30884 Tweets
#仮面ライダーガッチャード
• 24690 Tweets
O Palmeiras
• 23057 Tweets
Rony
• 23013 Tweets
Dionysus
• 17091 Tweets
The Penguin
• 13588 Tweets
jota
• 11194 Tweets
Paiva
• 10316 Tweets
年下彼氏
• 10213 Tweets
Someone on the Facebook recovery effort has explained that a routine BGP update went wrong, which in turn locked out those with remote access who could reverse the mistake. Those who do have physical access do not have authorization on the servers. Catch-22.
115
637
2K
GRC's forthcoming “ValiDrive” freeware is running and being tested by our terrific community. It IS finding bad, slow, buggy, error-prone and fraudulent USB drives. 👍 It's expected for release later this week. I'll announce it here when it's ready for everyone.
43
121
930
“ValiDrive”
New GRC Windows utility to quickly spot-check any USB mass storage drive for deliberate sizing fraud and errors:
Over the next day I'll be fleshing out its description page. But the Windows App is ready for the world now! 👍
44
204
879
Reports are that Facebook employees cannot enter their headquarters because their badges don’t work, and those inside are unable to enter various rooms because access is dependent upon obtaining authorization from remote Facebook servers.
Those who live by technology...
54
228
806
Announcing new freeware from GRC (by me): "InSpectre"
Quickly assess and verify any Windows platform -- hardware and software -- for Meltdown and Spectre mitigation function and capability (125kb with no "installation" nonsense.)
73
408
713
By popular demand... I am (briefly) pausing work on SpinRite v6.1 to create a new piece of GRC Freeware which will quickly and non-destructively check the terrain of any USB-connected mass storage drive for “fakery” - It will quickly spot “fake” or badly damaged drives.
39
46
556
OFFICIAL Win10 registry key to allow Win11 upgrading without TPM 2.0 =OR= CPU requirements:
“AllowUpgradesWithUnsupportedTPMOrCPU”
At: "HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup" create a REG_DWORD value with that name above. Set it to '1'.
Voila! Win11 setup will upgrade!!
33
146
539
The world's DNS servers are seeing 30 TIMES more traffic since DNS caches have drained for Facebook, Instagram and WhatsApp. Users are inadvertently pounding on them. (Cloudflare's 1 . 1 . 1 . 1 DNS server(s) are holding and remain speedy.)
9
109
434
Facebook may have "deplatformed" itself, along with Instagram and WhatsApp. Hope no one depends upon "Login with Facebook!" Whoopsie! Somehow, the BGP entries for Facebook's DNS resolvers have been withdrawn from the Internet's routing tables. Insider? Attack? Who knows. Wow.
24
114
416
Google just released a really well-produced, fun, visual, 15 to 19 minute YouTube video series “Hacking Google”. Videos are:
Operation Aurora,
Threat Analysis Group,
Detection & Response,
Red Team,
Bug Hunters,
Project Zero.
HIGHLY recommended:
6
81
398
"Leaving LastPass"
This week we discuss the many issues surrounding LastPass' disclosure that they did, in fact, allow all of their customer's partially-encrypted data to be stolen by unknown malicious actors, why it's time to say goodbye and what's next.
59
76
368
THE absolutely most fabulous table setting placemat I've EVER encountered. (Okay... so there hasn't been much competition... but still!!)
12
96
364
Short Version: WPA2 is not dead. Only a single boolean flag needs to be added to code to prevent the attack. And TLS/HTTPS still saves us.
20
234
349
Only 5000 Iterations!
Direct confirmation from a decade-long LastPass user and Security Now! follower that when he checked just now, his LastPass vault was still set to 5000 iterations of PBKDF2, rather than the 100,100 that was set five years ago in 2018. Not cool, LastPass.
65
53
349
How are various organizations organized? Not tomorrow's picture of the week... but funny:
17
47
334
Meanwhile... there's been a noted global decrease in reports of teenage depression and poor self image. Mental health is on the rise. But fear not, BGP is sure to be restored soon. :-/
12
45
330
Microsoft FINALLY publishes a comprehensive 948-page Windows Command Reference PDF!:
Yay!!
18
129
326
Merry Christmas All!! And, while I really didn't plan it this way, the first release of the long-awaited ReadSpeed Benchmark went public on Christmas Eve. You can see an overview, watch a video of it running (with my narration) then try it for yourself!
23
33
317
This week's fun & funny tech photo:
"And that's how computers are made"
14
178
314
A wonderful tee shirt, which Security Now! listeners will especially appreciate (and understand)...
10
137
286
This Week's "Picture of the Week" wins the all time sublime perfection Darwin award. Funniest perfect thing I've ever seen!...
43
142
281
Buckle Up!
If you have access to Amazon Prime and enjoy Sci-Fi action movies, I can recommend Chris Pratt in “The Tomorrow War.” Non-stop action, fun, astonishing special effects (how'd they do those alien monsters?) and more. I can't imagine that it would disappoint!
37
18
259
"SQRL Explained" 17-page technical overview document.
See for details, GRC's reference SQRL client for Windows, and more. :)
19
83
256
New Freeware from GRC: "Never10." Tiny (82k) utility allows easy disable or re-enable Win7/8 OS upgrade to Win10.
39
173
251
:-( Security Researcher Dan Kaminsky died Saturday at age 42 of complications (ketoacidosis) from diabetes, which he had struggled with for years.
Security Now! researchers know of Dan's discovery of a critical weakness in the DNS servers at the time.
He will be missed.
13
32
254
I just posted THIS posting number 23,606 to the SQRL development discussion group:
Onward and back to SpinRite!
19
28
250
Everyone: I have no doubt that the title of next week’s podcast will be “Vault 7”.
28
27
231
“The Mystery of CVE-2023-38606”
Security Now!
#955
show notes.
A quick SpinRite update and some customer feedback, Then a seriously deep dive into what can only reasonably be described as a deliberate backdoor that was engineered into the past 5 generations of Apple's silicon.
19
26
236
Everyone:
Here's one to share. An amazing animated explanation of human viral physiology, and what we can do:
13
114
224
The OWASP Gothenburg, Sweden chapter created a terrific video of my presentation there 10 days ago:
This video FULLY demonstrates and EXPLAINS SQRL to anyone who is interested. Share it with other techies! :)
5
85
223
Danger Will Robinson!! Danger!!
A heads-up that Netflix released all of Season 2 of Lost in Space the day before Christmas. I haven't started into it yet since I JUST found out. Hope to make it last a few nights! :) Happy Holidays All!
25
11
221
We're losing the "Right to Repair"
REALLY interesting and thought-provoking piece in Motherboard. :)
14
99
221
GRC is back online.
It was a dead port on their switch.
Bizarre.
But happy to be back online!
17
10
217
Announcing “InControl”: GRC's latest Windows freebie which gives users control over Windows' out-of-control updating and upgrading. 82 kbytes of no-installation-needed x86 assembly language:
Clean & simple, anyone can use it to control Windows Update.
14
59
218
Tomorrow's Security Now! will provide full and deep coverage of BOTH the KRACK and ROCA attacks. :)~
13
66
201
The latest Netflix series “Travelers” is fabulously binge-worthy! I’ll be describing it on Tuesday’s podcast, but you may not want to wait!
39
36
199
Q: How many people would prefer not to have Windows 10?
A: At least One Million: "Never10" downloads just crossed ONE MILLION.
31
105
201
Everyone: Thank you SO MUCH for your "GRC is DOWN" support. I will update my dusty blog with a full rundown if we remain off the air. :)
64
37
198
Title for tomorrow's Security Now! podcast, based upon what you get if you go to www(.)facebook(.)com:
“Something Went Wrong” :)
Indeed.
24
14
190
A Blast from the past! Leo and me together in 1998... and more!
I just updated GRC's old page of classic TechTV videos from WMV to MP4. We young once! <grin>
The video collection is here:
18
14
180
(Geek Alert!) Every time I see this brilliantly conceived photographic statement, I laugh again. It's so brilliant.
http://t.co/rNcLLpdOSY
8
165
180
Sunday's Dilbert: Sad (true?)... but wonderfully Dilbert...
(thanks to
@MatDeWater
for the tip.)
10
72
175
To =ALL= Security Now Listeners:
I'm currently listening to Alex Stamos on Wednesday's "This Week in Google." Alex has not let anyone get a word in edgewise because he has SO MUCH amazing information to share. Without reservation, I RECOMMEND listening to this. It's FANTASTIC!
10
11
180
GRC is DOWN HARD.
No idea what happened yet.
Everything appears to be fine at the data centers.
Incoming link is up, but no bandwidth appears to be incoming. Looks like a routing problem at Level3/Century Link end. I'm on it! :)
30
16
178
The Gothenburg, Sweden group recorded the SQRL presentation there.
It came out very nice:
6
39
175
Netflix original series “Stranger Things” is UNBELIEVABLY WONDERFUL. If you have access to Netflix do NOT miss it!! Season 1 is 8 episodes.
32
35
173
Security Now Listeners!: Another charitable "Humble Bundle" offer of terrific security related eBooks:
19
102
167
Remember last week's latest new Apache STRUTS vulnerability?
Uh huh.
Well, the bar has been forever raised on vulnerability disclosure and demo sites:
5
53
162
GRC's (new) email system now allows Security Now! feedback email to be sent from known addresses to "securitynow" (@) .
Anyone may register their address at: and there is NO NEED to subscribe to any email lists if not interested.
12
19
165
MALWARE REMOVER: New from Microsoft, free, bootable malware/rootkit remover:
http://connect.microsoft.com/systemsweeper
4
205
159
It appears we know where TrueCrypt came from. It's a bit disturbing. LONG article. Skip halfway down to E4M icon:
19
87
156
Re: Today's Mega Twitter Hack:
I'll be on live with Jason Thursday morning at 11am Pacific to discuss everything we know about today's hack. See you there! :)
11
19
153
“I've got problems with the WiFi”
We cannot play this during tomorrow's Security Now! podcast due to a conflict with YouTube. But if you haven't seen it, it's just SO perfect:
17
28
160
What should you eat? THIS fabulous (long) article explains why Western diet advice has been so deeply flawed:
11
56
147
iOS users: Time to update (again). Last week's update left a worrisome (bad) remote WiFi attack possible. Grab v10.3.1 when you can. /Steve.
19
144
143
A shout out to
@StopForumSpam
. GRC's forums were drowning in forum spam, because forum spammers are people, typically in the Eastern bloc, who create temp GMAIL accounts and manually bypass all CAPTCHA challenges. But after adding StopForumSpam -- not a SINGLE fake registration!
2
9
146
Paypal's Venmo API defaults to publicly posting transaction details. What?!?!
This link will show you the most recent one:
37
81
140
FYI: I'm heading toward a hybrid solution with zero-cost or paid options, warrant-proof (TNO) cloud storage, optional archival non-local storage, file versioning, ransomware protection, fully cross-platform, and more. :)
27
11
139
Anyone seeking additional pain can now obtain the official Windows 11, directly from Microsoft.
(I would call it the "final" Windows 11 ... but who are we kidding?)
13
27
137
“Passkeys: A Shattered Dream?”
Security Now! show notes:
A stunning new UK law promises to change IoT security globally and immediately! Chrome's 3rd-party cookies, feedback and eMail, and an insider developer bemoans the failure of Passkey authentication.
7
24
137
Step-By-Step HOWTO to run SpinRite in a Virtual Machine on a PC, Mac, Linux, etc.:
http://t.co/qabapwpo
(the bitly link is "srvm")
17
37
136
I watched the first episode of the new Start Trek “Strange New Worlds” last night. I cannot imagine that anyone who grew up with the original series or The Next Generation would not LOVE this as I do! It's REALLY spot on.
ArsTechnica's review nailed it:
11
16
131
Security Now! Followers: I found a very nice $50 router:
(Needs 12v power supply.)
We'll discuss it next week! :)
50
30
129
Star Trek “Beyond” was perfect. Funny, fun, fast & fantastic. Everything you want after 50 years of Trek. Happy Anniversary!!
14
26
128
High Quality Star Trek Sounds:
http://www.stdimension.org/MediaLib/computere.htm
Many people have asked where I found mine. :)
15
46
129
A VERY cool example of browser-based voluntary cryptocurrency mining. At "max", how many hashes/sec does your PC do?
46
72
121
The most tweeted-to-me link in recent times: John Oliver on last night's "Last Week Tonight"
He did a FABULOUS job!
2
52
120
HOWTO create your own SUPER SECURE personal cloud storage with BitTorrnet Sync, OwnCloud, and a Raspberry Pi:
http://t.co/TloC4bhxjU
11
102
124
"Star Trek: Picard" Premieres Today.
It's annoying that it's "CBS All Access", so paid streaming. But just a heads-up for those who might have not caught the release date. :)
30
13
122
In case you missed it... THE BEST political ad of this season. Why can't they all be so fun & positive?
9
63
122
