Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity topics, including newly discovered Windows Zero Days, insights from Verizon's latest Data Breach Investigations Report, and a significant credential leak at CISA. They emphasize the importance of vulnerability management, the evolving threat landscape, and best practices for securing sensitive data. The conversation highlights the need for organizations to adapt quickly to emerging threats and implement robust security measures to protect against breaches.
YouTube Video Link: https://youtu.be/DtPgg2jQCyM
Documentation:
https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html?m=1
https://www.verizon.com/business/resources/T158/reports/2026-dbir-data-breach-investigations-report.pdf
https://arstechnica.com/information-technology/2026/05/in-stunning-display-of-stupid-secret-cisa-credentials-found-in-public-github-repo/
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW)
Follow us on Instagram @pebcakpodcast
Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it!
Simple 6 signup link https://simple6.co/r/CFUR98
Microsoft releases a temporary mitigation script for "YellowKey," a BitLocker-bypassing Windows zero-day with no permanent fix yet
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-yellowkey-windows-zero-day/
Researchers uncover FAST16, a state-sponsored cyber-sabotage framework from 2005 that silently corrupted precision engineering calculations — predating Stuxnet by at least five years and linked to NSA tooling
https://www.tomshardware.com/software/security-software/decades-old-pre-stuxnet-cyber-sabotage-tool-breaks-cover-nsa-listed-it-as-nothing-to-see-here-fast16-targeted-nuclear-reactors-dam-design-and-other-high-precision-civil-engineering-software-years-before-stuxnet-broke-cover
https://www.wired.com/story/fast16-malware-stuxnet-precursor-iran-nuclear-attack/
https://www.sentinelone.com/labs/fast16-mystery-shadowbrokers-reference-reveals-high-precision-software-sabotage-5-years-before-stuxnet/
Riot Games clarifies its Vanguard anti-cheat doesn't brick PCs — it just renders $6,000 worth of DMA cheat hardware completely useless
https://www.ign.com/articles/riot-games-says-it-would-not-and-cannot-use-vanguard-anti-cheat-to-brick-pcs-after-rumors-spread
https://www.tweaktown.com/news/111774/valorants-vanguard-anti-cheat-now-destroys-dma-cheat-firmware/index.html
https://x.com/dexerto/status/2057785616255860991
Apple is developing an "anti-snatch" feature that automatically locks an iPhone the moment sensors detect it's been ripped from a user's hand — and London thieves already prefer iPhones over Samsungs
https://appleinsider.com/articles/26/05/27/rumored-anti-snatch-feature-will-automatically-lock-iphones-yanked-out-of-a-users-hand
https://appleinsider.com/articles/25/11/18/london-thieves-snatching-iphones-but-dont-want-no-samsung
Dad Joke of the Week (DJOW)
Find the hosts on LinkedIn:
Chris - https://www.linkedin.com/in/chlouie/
Brian - https://www.linkedin.com/in/briandeitch-sase/
Ben - https://www.linkedin.com/in/benjamincorll/
It looks like Bitlocker had a back door in it, how a listener accidentally broke Gitea for users of the snap version, Google accidentally published an unpatched exploit for Chromium-based browsers, why people are starting to ditch Bitwarden, and moving a tech stack away from large corporations.
Plugs
- Support us on patreon and get an ad-free RSS feed with some early episodes
- How Klara and TrueNAS fixed ZFS's longest standing limitation
- Webinar: June 25th @ 11am EDT: Understanding AnyRAID with Jon from HexOS
News/discussion
- YellowKey Bitlocker Bypass Vulnerability
- Microsoft shares mitigation for YellowKey Windows zero-day
- How I Broke Gitea for Everyone
- Google publishes exploit code threatening millions of Chromium users
- The Quiet Renovation at Bitwarden
Free consulting
We were asked about moving a tech stack away from large corporations.
See our contact page for ways to get in touch.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
GitHub Breach
https://x.com/github/status/2056949168208552080
Agentic Threat Intelligence Feed - VS Code Extensions
https://agentmesh.knostic.ai/extensions
More NGINX Vulnerabilities
https://x.com/nebusecurity/status/2057071579876753643
https://my.f5.com/manage/s/article/K000161307
Microsoft Publishes YellowKey Mitigation CVE-2026-45585
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585
Incomplete Sonicwall Patch CVE-2024-12802
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001
Chris and Hector break down a major ransomware attack on Foxconn, the growing strain AI data centers are putting on power grids, and new allegations surrounding Microsoft security and cloud infrastructure. They also discuss insider threats, ransomware leaks, BitLocker concerns, and why cybersecurity vendors continue to overwhelm the industry with noise instead of solutions. Join our Patreon for weekly bonus episodes: https://www.patreon.com/c/hackerandthefed Send HATF your questions at questions@hackerandthefed.com
In This Episode: Apple's AI, Google I/O Updates, and the BitLocker Yellow Key Security Flaw
This week the TEH Podcast is hosted by Leo Notenboom, the “Chief Question Answerer” at Ask Leo!, and Gary Rosenzweig, the host and producer of MacMost, and mobile game developer at Clever Media. (You’ll find longer Bios on the Hosts page.)
Top Stories
0:00 GR: What will the new Siri be like? (WWDC coming up)
- Stand-alone app
- Voice assistant that understands what you mean
- Gemini but not Gemini, Gemini model running on Apple's servers, doing Apple things
12:30 LN: Bitlocker busted? Yellowkey exploit
16:00 How encryption keys are really stored
22:00 GR: Folding Phones? Big deal or niche product?
- Really looks like Apple is doing this soon (iPhone Ultra)
- Pixel Fold: https://store.google.com/product/pixel_10_pro_fold?hl=en-US&pli=1
33:00 GR: Google I/O stuff, audio glasses, AI agents
- Glasses without any visual component: just mic, speaker and camera?
36:00 LN: https://bee.computer/
41:00 Hot take: People don't want agents, as people don't normally have assistants. Normal people talk to other people (chat)
- Also: Could it come to a point where it is all just moving too fast?
Ain’t it Cool
57:00 GR: I'll Miss Stephen Colbert
1:00:00 LN: New Murderbot – Platform Decay
BSP: Blatant Self-Promotion
01:01:16 GR: https://macmost.com/10-reasons-why-you-should-be-using-icloud-photos.html
01:03:43 LR: Has BitLocker Been Broken? What YellowKey Means to You – askleo.com/192620
BitLocker feels like a safety net until you see how a single bypass can change the whole risk picture. Today we react to the Yellow Key vulnerability (noted in the news and referenced as CVE 2645585) and use it as a practical CISSP training moment: a public proof of concept is available, a vendor patch is not, and the attack hinges on physical access. That mix forces you to think clearly about what “high risk” actually means, why “critical” is not always the right label, and how real security teams respond when the perfect fix does not exist yet.
We connect the story to CISSP domains you are actively tested on. Domain 3 shows up in the basics of data at rest encryption and the uncomfortable truth that encryption is only as strong as its implementation. Domain 7 shows up in zero-day vulnerability management, compensating controls, and the need to have patch deployment ready to move the moment Microsoft ships a fix. We also highlight why secure boot and firmware integrity checks matter, and why endpoint detection may not help when an attacker can silently read files with little to no logging signal.
Then we shift into five exam-style questions designed to sharpen your decision-making: how to classify risk using likelihood and impact, how to spot absolute-language distractors, which CIA triad principle is actually failing when data is accessed without detection, and why data minimisation can reduce breach impact more than “adding another tool.” If you're studying for the CISSP exam and want practice that feels like real life, this is built for you.
Subscribe for weekly CISSP practice, share this with a study partner, and leave a review so more candidates can find the show. What control would you tighten first if a BitLocker bypass hit your fleet tomorrow?
Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
OpenAI, Microsoft, and Google are racing to unleash next-gen AI that hunts for software vulnerabilities and hacks at scale. This episode explores how these advancements could shake up everything we thought we knew about cybersecurity. Microsoft rethinks Edge's "intended behavior" after it gets press. Chaotic Eclipse hacker strikes again with a Bitlocker bypass. Google's threat analysis group documents malicious AI use. Canada hasn't learned the lessons of the EU and the UK. AI chatbots may be far more addictive than social media. Project: Hail Mary now available to stream. An apparently-serious zero-point quantum vacuum energy source. A bit of listener feedback. OpenAI's & Microsoft's vulnerability discovery systems Show Notes - https://www.grc.com/sn/SN-1079-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit hoxhunt.com/securitynow zscaler.com/security meter.com/securitynow canary.tools/twit - use code: TWIT joindeleteme.com/twit promo code TWIT
On this week's show Patrick Gray, Adam Boileau and James Wilson discuss the week's cybersecurity news. They cover:
- GitHub announced a possible breach
- CISA leaks important creds, keys in public repo
- Awful vulnerability in Bitlocker renders it useless without a PIN
- So. Many. Patches.
- Polish Government urges officials to ditch Signal for mSzyfr
- Much, much more
This week's show is brought to you by Thinkst Canary. Thinkst's founder, Haroon Meer, is this week's sponsor guest. He joined James Wilson to talk about how doing “the basics” in security isn't trivially easy.
This episode is also available on YouTube.
Show notes
- GitHub on X: "We are investigating unauthorized access to GitHub's internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub's internal repositories (such as our customers' enterprises, organizations, and repositories), we are closely" / X
- CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security
- Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran
- Iran hackers: Hackers have breached tank readers at gas stations; officials suspect Iran is responsible | CNN Politics
- War and Data Centers Are Driving Up the Cost of Fiber-Optic Cable
- Microsoft on pace to break annual vulnerability record as AI-driven patch wave takes hold | The Record from Recorded Future News
- NCSC's Ollie Whitehouse on surviving the "bugpocalypse" - Risky Business Media
- Defense at AI speed: Microsoft's new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog
- Project Glasswing: what Mythos showed us
- Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable'
- First public macOS kernel memory corruption exploit on Apple M5
- OpenAI launches Daybreak to combat cyber threats | Cybersecurity Dive
- Zero-day exploit completely defeats default Windows 11 BitLocker protections - Ars Technica
- GitHub - Wack0/bitlocker-attacks: A list of public attacks on BitLocker · GitHub
- Catalin Cimpanu: "The Polish government has advi…" - Mastodon
- CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday | The Record from Recorded Future News
- CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)
- Huawei zero-day attack behind last year's crash of Luxembourg's entire telecoms network | The Record from Recorded Future News
- Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN | Cybersecurity Dive
- Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs | The Record from Recorded Future News
- Streamer Realtime Deepfakes Himself into Mr. Beast, Says He Loves 'Touching Little Boys'
A serious new Windows 11 BitLocker vulnerability, open-sourced offensive malware tools, a suspected Iranian cyber campaign targeting U.S. fuel infrastructure, and malware that appears designed to interfere with nuclear weapons simulation systems. Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material[dot]security. David Shipley breaks down four major cybersecurity stories on Cybersecurity Today. First, a newly disclosed zero-day dubbed YellowKey reportedly defeats default Windows 11 BitLocker protection on systems using TPM-only encryption, giving attackers with physical access a path to unencrypted data through the Windows Recovery Environment. Microsoft is investigating, while security experts are urging stronger BitLocker configurations. The episode also examines the TeamPCP threat group's decision to release offensive tooling publicly, dramatically lowering the barrier for copycat supply-chain attacks. Researchers have already spotted malicious NPM packages borrowing similar techniques, including persistence mechanisms aimed at developer environments such as Visual Studio Code and Claude Code. David also looks at disturbing analysis of the FAST16 malware, which researchers believe was engineered to tamper with nuclear weapons simulation software including LS-DYNA and AutoDyn. And finally, U.S. officials reportedly suspect Iranian actors in cyberattacks targeting internet-exposed gas station automatic tank gauge systems, a reminder that weak operational technology security can quickly become a real-world infrastructure problem. 
00:00 Sponsor Message
00:24 Headlines Overview
00:50 BitLocker Zero Day
03:32 TeamPCP Tools Leak
06:13 Copycat NPM Malware
06:50 Fast16 Nuclear Sabotage
08:37 Iran Gas Station Hacks
10:28 Hardening Critical Infrastructure
11:16 Wrap Up And Events
11:59 Sponsor Deep Dive
#Cybersecurity #Windows11 #BitLocker #ZeroDay #TeamPCP #IranCyberAttack #SupplyChainAttack #CriticalInfrastructure #CyberSecurityToday
A security researcher just showed that bypassing BitLocker on Windows 11 takes little more than a USB stick and a reboot. I'll discuss what we know, who needs to worry, what the risks are for most people, and what you can do about it right now.
Microsoft is under some stress right now: security researcher Chaotic Eclipse/Nightmare Eclipse has published, among other things, a 0-day exploit that gives full access, in an extremely simple way, to drives or partitions encrypted with Bitlocker. According to Chaotic Eclipse, the elements needed for this are contained only in the Windows Recovery Environment and nowhere else, not even on the internet. This could suggest that it is not a bug but a backdoor.
Good news, on the other hand, for users of older AMD graphics cards: the ML-based upscaler FSR 4.1 is now finally set to come officially to Radeon 6000 (RDNA 2) and 7000 (RDNA 3) as well. For Radeon 7000 as early as July 2026, which would conveniently fit quite well with the presumed release of the Steam Machines. Users of 6000-series graphics cards unfortunately have to wait until early 2027. Or keep relying on the unofficial INT8 version via Optiscaler or the like.
Enjoy episode 307!
Speakers: Meep, Michael Kister, Mohammed Ali Dad
Audio production: Michael Kister
Video production: Mohammed Ali Dad, Michael Kister
Cover image: Meep
Image sources: Microsoft/Pixabay
Recording date: 15.05.2026
Visit us
on Discord https://discord.gg/SneNarVCBM
on Bluesky https://bsky.app/profile/technikquatsch.de
on Youtube https://www.youtube.com/@technikquatsch https://www.youtube.com/@technikquatschgaming
on TikTok https://www.tiktok.com/@technikquatsch
on Instagram https://www.instagram.com/technikquatsch
on Twitch https://www.twitch.tv/technikquatsch
RSS feed https://technikquatsch.de/feed/podcast/
Spotify https://open.spotify.com/show/62ZVb7ZvmdtXqqNmnZLF5u
Apple Podcasts https://podcasts.apple.com/de/podcast/technikquatsch/id1510030975
Deezer https://www.deezer.com/de/show/1162032
00:00:00 Welcome to Technikquatsch episode 307!
00:08:58 A controller named Wilhelm
https://bsky.app/profile/wario64.bsky.social/post/3mloyh34myc2w
00:12:15 The ML-based upscaler FSR 4.1 is officially coming to RDNA 3 (July 2026) and RDNA 2 (2027) as well.
https://www.computerbase.de/news/grafikkarten/ki-upsampling-amd-bringt-fsr-4-1-offiziell-auf-rdna-3-und-rdna-2.97362/
00:17:42 HDMI 2.1 on AMD under Linux is nearing completion.
https://www.gamingonlinux.com/2026/05/further-expanded-amd-hdmi-2-1-support-is-coming-to-linux-now-with-frl-and-dsc/
00:20:45 Backdoor in Microsoft Bitlocker
https://www.golem.de/news/nach-zoff-mit-microsoft-forscher-leakt-zero-day-exploit-fuer-bitlocker-2605-208630.html
https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
https://deadeclipse666.blogspot.com/2026/05/two-more-public-disclosures-it-will.html
00:36:22 Problems with Dell Support Assist
https://borncity.com/blog/2026/05/15/windows-11-dell-bestaetigt-probleme-des-support-assist-mit-windows-updates-mai-2026/
00:40:10 Hands-on Macbook Neo
00:41:23 Driver rollback via Windows Update planned
https://www.heise.de/news/Stabileres-Windows-Cloud-gestuetzte-Treiber-Wiederherstellung-fuer-Windows-Update-11295257.html
00:54:31 A hit from AI recognition software alone is not enough for an arrest warrant.
https://www.heise.de/news/Haftbefehl-abgelehnt-KI-Treffer-ist-fuer-Richter-nur-ein-vager-Hinweis-11295643.html
01:03:19 Mike has kept playing Drova
01:09:13 Mario 64 as a deckbuilder via ROM hack, roguelike deckbuilder Dawncaster, first look at Final Fantasy 16
https://romhacking.com/hack/bazr
https://dawncaster.wanderlost.games/
01:17:00 Thank you very much, see you next time!
In this episode, Tobi and Rüdiger talk about:
- Why children today no longer know phone numbers by heart
- The Android spying platform "KidsProtect"
- Why stolen, unlocked iPhones are especially valuable
- AI systems that suddenly reveal forbidden content after being asked repeatedly
- A hacker war between Microsoft and a security researcher
- A possible BitLocker backdoor called "Yellow Key"
- Honeypot traps in web forms
- Iranian hackers at US gas stations
- Apple security features vs. AI
- The most absurd senior-citizen story of the month: a police call-out because of gaming
Also:
- The loudest keyboard app in the world ("Klack")
- Notepad++ on the Mac
- Why API limits in AI are not always real limits
- AI-generated superhero pictures for when children come to visit
Links for the episode are always at https://podcast.ichglaubeeshackt.de/
If you liked our podcast, we would be glad to get a rating! You can send us feedback, such as topic requests, through any of our channels:
Email: podcast@ichglaubeeshackt.de
Web: podcast.ichglaubeeshackt.de
Instagram: http://instagram.com/igehpodcast
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! Cyb3r Operations https://www.cyb3roperations.com/ https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/ https://www.tomshardware.com/tech-industry/cyber-security/microsoft-bitlocker-protected-drives-can-now-be-opened-with-just-some-files-on-a-usb-stick-yellowkey-zero-day-exploit-demonstrates-an-apparent-backdoor YellowKey Zero-Day: An unpatched BitLocker bypass dubbed "YellowKey" allows physical attackers to unlock encrypted Windows 11 and Server 2022/2025 drives using just a USB stick — no password or recovery key needed — and the frustrated researcher behind it is threatening more disclosures after Microsoft allegedly ignored previous reports. https://calmatters.org/economy/technology/2026/05/california-went-big-on-canvas-the-worst-happened/ https://databreaches.net/2026/05/08/one-size-does-not-fit-all-sometimes-victims-probably-should-pay-ransom/ https://www.bleepingcomputer.com/news/security/us-govt-seeks-instructure-testimony-on-massive-canvas-cyberattack/ Canvas Ransomware Attack: ShinyHunters breached education platform Canvas twice within a week, stealing data from an estimated 275 million users across nearly 9,000 institutions globally, disrupting final exams across California and beyond — and now the U.S. House Committee on Homeland Security is demanding Instructure executives testify, while analysts debate whether refusing to pay the initial ransom made the fallout far worse. 
https://insider-gaming.com/forza-horizon-6-leak-drops-155-gb-content/ Forza Horizon 6 Leak: Playground Games accidentally uploaded the complete, unencrypted 155GB build of Forza Horizon 6 to Steam ten days before its May 19 release, making the full game available to pirates — and Playground has since issued lifetime bans to players who streamed the leaked footage. https://www.rotowire.com/soccer/article/2026-world-cup-groups-full-group-by-group-preview-analysis-projections-and-dark-horses-100836 https://au.news.yahoo.com/head-knocks-ultra-violence-viral-231852371.html 2026 World Cup Preview: With the expanded 48-team tournament kicking off June 11 across the U.S., Canada, and Mexico, Spain, France, and England headline the favorites — but the new format means more upsets, more dark horses, and storylines ranging from Messi's likely final campaign to Iraq's return to the World Cup stage for the first time since 1986. Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Buck - https://www.linkedin.com/in/buck-rogers-9952446a/
This is a recap of the top 10 posts on Hacker News on May 17, 2026. This podcast was generated by wondercraft.ai
(00:30): Mozilla to UK regulators: VPNs are essential privacy and security tools. Original post: https://news.ycombinator.com/item?id=48166459&utm_source=wondercraft_ai
(02:00): Security researcher says Microsoft built a Bitlocker backdoor, releases exploit. Original post: https://news.ycombinator.com/item?id=48168856&utm_source=wondercraft_ai
(03:31): I don't think AI will make your processes go faster. Original post: https://news.ycombinator.com/item?id=48168221&utm_source=wondercraft_ai
(05:02): At least 25 Flock cameras have been destroyed in five states since April 2025. Original post: https://news.ycombinator.com/item?id=48170798&utm_source=wondercraft_ai
(06:33): Native all the way, until you need text. Original post: https://news.ycombinator.com/item?id=48168058&utm_source=wondercraft_ai
(08:04): AI subscriptions are a ticking time bomb for enterprise. Original post: https://news.ycombinator.com/item?id=48168056&utm_source=wondercraft_ai
(09:35): AI is a technology not a product. Original post: https://news.ycombinator.com/item?id=48168626&utm_source=wondercraft_ai
(11:06): Apple Silicon costs more than OpenRouter. Original post: https://news.ycombinator.com/item?id=48168198&utm_source=wondercraft_ai
(12:37): I turned a $80 RK3562 Android tablet into a Debian Linux workstation. Original post: https://news.ycombinator.com/item?id=48168668&utm_source=wondercraft_ai
(14:08): WHO declares Ebola outbreak a global health emergency. Original post: https://news.ycombinator.com/item?id=48168708&utm_source=wondercraft_ai
This is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai
Elon Musk loses his lawsuit against OpenAI. Eric Schmidt booed at a university. The BitLocker backdoor. Bitwarden cancels the free license. ChatGPT and your bank account. Recovering bitcoin thanks to Claude AI. These and many other tech news stories are discussed in this week's episode.
From digitalia's distributed studio: Franco Solerio, Michele Di Maio
Executive producers: Jose, Mario Giammona, Simone Podico, Marco Grechi, Jacopo Conti, Manuel Giannatempo, Calogero Augusta, Michelangelo Rocchetti, Andrea Guido, Vito Astone, Davide Tinti, Alessandro Morgantini, Daniele Bastianelli, Andrea Malesani, Silvio Mariuzzo, Fabio Brunelli, Jean Dal Bo, Gabriele Marinelli, Enrico, Fiorenzo Pilla, Luca Ubiali, Umberto Marcello, Alessio Ferrara, Edoardo Volpi Kellerman, Beconsulting, Ivan, Cristian De Solda, Donato Gravino, Enrico Carangi, Giorgio Puglisi, Emanuele Libori, Davide Porta, Paolo Tegoni, Denis Grosso, Paolo Bernardini, Vincenzo Ingenito, Nicola Grilli, Andrea Giovacchini, Carlo Tomas, Riccardo Famà, Manuel Zavatta, Cristian Pastori, Diego Arati, Andrea Picotti, Mario Cervai, Giuliano Arcinotti
Sponsor: Squarespace.com - use the coupon code "DIGITALIA" for 10% off the cost of your first purchase.
Links:
Elon Musk loses court battle against Sam Altman and OpenAI
Fabricated citations: an audit across 25 million biomedical papers
AI did not break science. It unmasked it
Security researcher says MS secretly built a backdoor into BitLocker
Bitwarden scrubs 'Always free' from its website
Concerns Over Bitwarden Moving Away from Open Source
I see 1Password is stepping on the rake again
What we learned using AI agents to refactor a monolith
FBI remotely scrubs Russian malware from compromised devices
ChatGPT Wants Access to Your Bank Account
OpenAI now wants ChatGPT to access your bank accounts
OpenAI seals deal in Malta to give all Maltese access to ChatGPT Plus
Digitalia Distillata
Chatbots at the drive-thru are just the beginning
AI vigilante trap snares alleged paedophile ex-teacher in France
Anthropic blames dystopian sci-fi for training AI models to act evil
Bitcoin trader recovers $400,000 using Claude AI
Google's Android-powered laptops are called Googlebooks
Will I be OK? Teen died after ChatGPT pushed deadly mix of drugs
The funniest thing about the Trump arcade game is how good it is
Team America: World Police Theme Song
Gadgets of the day:
Pro-level travel tips - travel advice for geeks
Paperless AI Assist - automate Paperless-ngx with AI
Support Digitalia, become an executive producer.
BitLocker may not be as locked as we thought! AI note takers for your Dr visit are screwing up 60% of the time! Caller wants a new laptop, Whatnot seller but keeps buffering, Flashdrive issues write protection, Proton VPN/Mail accounts
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Proxying the Unproxyable? Sending EXE traffic to a Proxy https://isc.sans.edu/diary/Proxying%20the%20Unproxyable%3F%20Sending%20EXE%20traffic%20to%20a%20Proxy/32982 New Nightmare Eclipse Vulnerabilities Disclosed https://github.com/Nightmare-Eclipse/YellowKey https://github.com/Nightmare-Eclipse/GreenPlasma Adobe Patches https://helpx.adobe.com/security.html
Foxconn confirms North American factory attack
BitLocker zero-day accesses protected drives
MDASH patches 16 Windows flaws
Get the show notes here: https://cisoseries.com/cybersecurity-news-foxconn-factory-attacks-bitlocker-zero-day-accesses-protected-drives-mdash-patches-windows-flaws/
Huge thanks to our episode sponsor, Doppel. Social engineering attacks look trustworthy — a routine request, an internal email, a familiar face on a call. But Doppel sees through the disguise. Our AI-native platform detects and disrupts attacks across every channel, while training employees to recognize deepfakes and deception. We fight relentlessly to protect your business, brand, and people. Doppel. Outpacing what's next in social engineering. Learn more at doppel.com.
Infosec Decoded Season 6 #35: Bitlocker Bypass
With sambowne@infosec.exchange and Doug Spindler
Links: https://samsclass.info/news/news_051426.html
Recorded Thu, May 14, 2026
The episode identifies a structural shift in the evaluation and deployment of AI within organizations: decision-making is now driven by governance, control, and auditability rather than by features or capabilities of AI tools. This mechanism is anchored in the need for defendable practices amidst heightened scrutiny from institutions, regulators, and insurers. The change is observable in companies such as Anthropic and OpenAI, as well as in regulatory and procurement activities tracked by outlets like The New York Times and Business Insider, signaling that market adoption is tightly coupled to liability, enforcement, and institutional risk visibility. A primary area of evidence is cybersecurity, where state-sponsored attackers have leveraged AI to automate infiltration attempts, according to reporting on Anthropic's disclosures concerning Chinese actors targeting dozens of companies and agencies. The same sources note that Anthropic's AI identified over 500 previously unknown zero-day vulnerabilities in open-source software, demonstrating increased operational tempo and automation on both sides of the cybersecurity equation. In procurement, declining app download metrics for Claude, following its involvement in U.S. security policy narratives, showcase how reputational and geopolitical risk can quickly alter adoption patterns. Additional developments reinforce this trend. Machine learning conferences have systematically audited and penalized the use of AI-generated peer review, leading to hundreds of paper rejections and mass article retractions, according to Semaphore and Nature. On the hardware front, HP, AMD, and Intel are collaborating to address BitLocker vulnerabilities via an industry standard rather than proprietary features, illustrating how vendors are responding to systemic risk through structural controls and standards. Channelholic's references to workforce limitations underscore that automation's workload cannot be absorbed by labor alone. 
For MSPs and IT service providers, these developments mean the core value proposition shifts from offering AI tools to governing their use, ensuring full documentation, traceability, and defensibility. Failure to treat this as a governance issue leads to underpricing, overlooked controls, and transfer of liability for autonomously executed actions. Providers must now develop acceptable use policies, audit AI agent activity logs, and systematically vet vendors on audit trail, policy, and breach notification—otherwise risking exclusion from regulated deals and exposure to contractual and compliance penalties. 00:00 The Visibility Problem 03:45 Platform Lock-In 06:30 Governed or Liable 09:35 Why Do We Care? Supported by: CometBackUp and TimeZest
professorjrod@gmail.com
Choosing the right Windows edition is a critical decision in technology education and IT skills development. In this episode, we explore the differences between Windows Home, Pro, Enterprise, and Education editions — explaining why a seemingly simple choice can affect your ability to join domains, enforce security policies, and manage devices remotely. Whether you're prepping for CompTIA exams or looking to deepen your tech expertise, understanding Windows editions will save you from months of troubleshooting and rework. Join us as we break down these essentials to boost your tech exam prep and workplace efficiency.
I explain what each edition is built to do and what it cannot do, using practical scenarios that match how IT support and small businesses actually operate. We hit the features that matter when you need centralized management and security: domain join, Group Policy, Remote Desktop, BitLocker encryption, enterprise deployment, and volume licensing. If you're studying for CompTIA A+ or supporting real users, you'll hear the exam clues and the technician mindset that separates “it boots” from “it's built right.”
Then we shift into the architecture choices that cause the sneakiest performance problems: 32-bit vs 64-bit Windows. We break down the 4GB RAM limit, why a modern PC can feel mysteriously slow even with plenty of memory installed, and the compatibility rules for running 32-bit and 64-bit apps. I also cover Windows N editions and why missing media features can be about EU regulations, plus the key rule that an architecture change from 32-bit to 64-bit requires a clean install and proper backups.
If you've ever wondered why one Windows install feels effortless and another becomes a constant support headache, this is the blueprint.
Subscribe, share this with a friend who is setting up a new PC, and leave a review if it helps, then reply with what you're running right now: Home, Pro, or something else?
Support the show
Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions
Juan Rodriguez can be reached at
TikTok @ProfessorJrod
ProfessorJRod@gmail.com
@Prof_JRod
Instagram ProfessorJRod
Join The Full Nerd gang as they talk about the latest PC building news. In this episode the gang is joined by Certified Ethical Hacker (CEH) Mike Danseglio to talk about the Intel Core Ultra 7 270K Plus reviews, Microsoft's promise to improve Windows 11, a deep dive into Bitlocker with the person who created BitLocker, and more. And of course we answer questions live! Links: - 270K Plus review: https://www.pcworld.com/article/3095697/intel-core-ultra-7-270k-plus-5-key-things-to-know.html - Windows 11 pledge: https://www.pcworld.com/article/3093997/windows-11-reset-microsoft-pledges-more-speed-stability-and-control.html - Copilot scaling back: https://www.pcworld.com/article/3094059/microsoft-says-windows-11-will-get-faster-as-it-scales-back-copilot.html Join the PC related discussions and ask us questions on Discord: https://discord.gg/UWhjwg778a Follow the crew on X and Bluesky: @AdamPMurray @BradChacos @MorphingBall @WillSmith ============= Read PCWorld! Website: http://www.pcworld.com Newsletter: http://www.pcworld.com/newsletters/signup ============= Learn more about your ad choices. Visit megaphone.fm/adchoices
Author caught using AI to publish a book that was 78 percent AI generated, Water Company Startup used AI to make an engineering decision that turned out incorrect at scale, JP Morgan using Bossware to make sure their Jr Bankers don't work too hard, BitLocker turned on without my awareness so now what? Slow Chrome on a site vs other browsers, Dumpster Laptop is still not working, How can they tell the content is AI generated?
In this episode we talk about the main digital security and privacy topics of recent weeks, covering subjects you need to know to understand the current landscape of data protection, children's online safety and artificial intelligence. You will find out how Roblox and Discord handle age verification and the protection of children on the internet, including the risks of digital predators, psychological retention mechanisms and the absence of effective parental controls. We also cover the controversial case of Grok on X (formerly Twitter) generating nude images of women and minors without guardrails, and the measures taken by ANPD, the Ministério Público Federal (Federal Public Prosecutor's Office) and Senacon against the platform. We discuss the mutual adequacy agreement between Brazil and the European Union on personal data protection and what it means for international data transfers and business opportunities. We also comment on the FBI's request to Microsoft for BitLocker encryption keys, the lawsuit against Meta over alleged access to encrypted WhatsApp messages, the phenomenon of AI-created digital personas, such as the “Aboriginal Steve Irwin”, and deepfakes of celebrities. Finally, we introduce WhisperSafe, the podcast's new sponsor, a local transcription software with a focus on privacy, using OpenAI's Whisper models without sending data to the cloud. Subscribe to the podcast so you don't miss any episode, leave your rating on the platforms and follow Segurança Legal on Instagram, Mastodon, Blue Sky, YouTube and TikTok. Support the independent project at apoia.se/segurancalegal. This description was produced from the podcast audio using AI, with human review. Visit WhisperSafe – Transcribe audio and record meetings right on your computer, even offline. Fast, lightweight and ready to use with any AI. Use the coupon SEGLEG50 for 50% off your subscription.
ShowNotes
Group 1 – Roblox, children and digital protection on gaming platforms
‘I'm being attacked by children’, says Felca after being targeted by a protest on Roblox
Opinion: made to be addictive, Roblox has casino logic and becomes a slot machine for children
Stages on Discord will be blocked for teenagers and restricted to same-age groups
Hackers expose age-verification software powering surveillance web
‘What teenagers did to the dog Orelha happens every night in many homes in Brazil, live on Discord’, warns judge Vanessa Cavalieri
Internal chats show how social media companies discussed teen engagement
How will Discord's new rules for verifying age in the app work?
Group 2 – Grok, AI-generated sexual content and accountability of X/Musk
ANPD, MPF and Senacon recommend that X prevent the generation and circulation of improper sexualized content through Grok
ANPD, MPF and Senacon order X to immediately implement measures to fix flaws in Grok
Masterful gambit: Musk attempts to monetize Grok’s wave of sexual abuse imagery
Joint statement on AI-generated imagery and the protection of privacy
Group 3 – Brazil-EU mutual adequacy in data protection and fines in the EU
Brazil and the European Union recognize mutual adequacy in personal data protection
Data breach: 5 million euro fine against FRANCE TRAVAIL
Data breach: 42 million euro fine against the companies FREE MOBILE and FREE
More and larger penalties: the AEPD raises the level of fines in 2025
Group 4 – Surveillance, privacy and the State
The Department of Homeland Security is demanding that Google turn over information about random critics
Microsoft is giving the FBI BitLocker keys
US authorities reportedly investigate claims that Meta can read encrypted WhatsApp messages
Group 5 – Generative AI and identity
‘It’s AI blackface’: social media account hailed as the Aboriginal Steve Irwin is an AI character created in New Zealand
Episode Image – Children’s Games (Bruegel)
Episode Transcript
(00:00:08.000 –> 00:00:17.500) Welcome to Café Segurança Legal, episode 411, recorded on February 24, 2026.
(00:00:17.500 –> 00:00:22.920) I'm Guilherme Goulart and, together with Vinícius Serafim, we're going to bring you some news from the last few weeks.
(00:00:22.920 –> 00:00:24.440) So, Vinícius, how are you?
(00:00:24.440 –> 00:00:27.940) Hi, Guilherme, how are you?
(00:00:24.440 –> 00:00:27.940) Hello to our listeners.
(00:00:28.180 –> 00:00:30.600) Were you missing recording or not?
(00:00:30.600 –> 00:00:39.160) Man, I was even starting to doubt my ability to record again, because we went almost..
(00:00:30.600 –> 00:00:39.160) It'll be two..
(00:00:39.160 –> 00:00:40.820) A month and a bit.
(00:00:40.820 –> 00:00:45.280) The last one was back in January, wasn't it?
(00:00:45.280 –> 00:00:46.720) It was in January that we recorded.
(00:00:46.720 –> 00:00:51.000) Now you've got me, you caught me off guard.
(00:00:51.000 –> 00:00:57.820) But we recorded episode 410, the Retrospective, which, if you haven't listened to it, is there on January 6.
(00:00:58.180 –> 00:01:02.100) Of 2026.
(00:00:58.180 –> 00:01:02.100) Retrospective 2025.
(00:01:03.780 –> 00:01:07.380) Well, then, this is our moment to talk about some news.
(00:01:07.380 –> 00:01:10.240) Grab your coffee and come with us to get in touch.
(00:01:10.240 –> 00:01:18.760) You already know, it's at podcast.roba.segurançalegal.com, on Mastodon, on Instagram, on Blue Sky, on YouTube and on TikTok too.
(00:01:18.760 –> 00:01:24.520) You can see that on both TikTok and YouTube you can also watch some shorts that appear on Instagram as well.
(00:01:24.900 –> 00:01:30.420) Our crowdfunding campaign, you already know, is at apoia.se slash segurança legal.
(00:01:30.420 –> 00:01:36.940) We always ask that you consider contributing to this independent content protection project.
(00:01:36.940 –> 00:01:41.960) And, Vinícius, we have some news, which is a new sponsor here at Segurança Legal.
(00:01:42.500 –> 00:01:43.520) That's right, Guilherme.
(00:01:43.520 –> 00:01:54.360) There's WhisperSafe, actually, WhisperSafe's product, from a startup that we know, including the owner of the startup.
(00:01:54.360 –> 00:02:04.360) It's voice transcription software at a quite affordable price compared with others on the market.
(00:02:05.420 –> 00:02:08.640) It does transcription both..
(00:02:08.640 –> 00:02:13.760) I've been using it a lot to send commands to AI.
(00:02:13.760 –> 00:02:17.060) I used to write prompts all neatly structured, typing and so on.
(00:02:17.060 –> 00:02:26.200) Now, for programming, for creating scripts, creating some programs, for running some tests, I've essentially been using it to type.
(00:02:26.200 –> 00:02:34.080) And it has a very interesting feature, which is recording and transcribing meetings, which I've also been using.
(00:02:35.220 –> 00:02:40.820) Regardless of the software you use, you open it, click record meeting, and it will record all the meeting audio.
(00:02:40.820 –> 00:02:48.280) And after it records and you press the little button to transcribe, it gives you a..
(00:02:48.280 –> 00:02:53.000) It both generates a file with the raw transcript, if you want to use it with some AI,
(00:02:53.000 –> 00:03:04.160) And leaves your transcript on the clipboard with a ready-made prompt for you to paste into the AI you want to use to summarize your meeting.
(00:03:04.160 –> 00:03:07.500) So, the meeting ends, you paste it into the AI and bam.
(00:03:07.500 –> 00:03:16.880) Its price is quite affordable and, for Segurança Legal listeners, we have 20 coupons.
(00:03:17.840 –> 00:03:28.700) The coupon is SEGLEG50, it gives a 50% lifetime discount, so to speak.
(00:03:28.700 –> 00:03:35.360) You subscribe, apply the discount, and if you go monthly it will apply to all the monthly payments
(00:03:35.360 –> 00:03:40.080) And, if it's annual, it will apply to all the annual payments.
(00:03:40.080 –> 00:03:44.540) So, it's not a discount that only applies in the first year or only to the first payment.
(00:03:44.540 –> 00:03:48.460) SEGLEG50 for Segurança Legal listeners.
(00:03:49.080 –> 00:03:55.520) There are 20 coupons, 20 coupons that we have, at least for this episode.
(00:03:55.520 –> 00:04:01.320) And most importantly, Vinícius, it's an application built with privacy in focus.
(00:04:01.320 –> 00:04:06.820) That is, if you, the data and the whole transcription part, it stays only on your machine,
(00:04:06.820 –> 00:04:11.020) It doesn't go to the cloud, unless you want to use it afterwards in MyA and so on,
(00:04:11.020 –> 00:04:14.580) But, like, for more critical matters.
(00:04:14.580 –> 00:04:18.560) If you want to have it there to write up minutes later, that stays only on your machine.
(00:04:18.560 –> 00:04:24.280) It does, it uses the Whisper models, that's there in the interface, it's very clear.
(00:04:24.280 –> 00:04:31.040) It uses the, the Whisper models from OpenAI, which are models that run locally on the machine.
(00:04:31.040 –> 00:04:35.460) And the interesting thing is that you don't even need a graphics card, you don't need a GPU or anything,
(00:04:35.460 –> 00:04:39.280) It works very well, I tested it on my notebook, which has no dedicated graphics card.
(00:04:40.700 –> 00:04:45.580) And it worked very well, like, it's quite fast.
(00:04:45.580 –> 00:04:52.320) And I've been running tests even to look at speed, since the models are available there.
(00:04:52.320 –> 00:04:55.000) I was always using Turbo, like, I'll use the best one.
(00:04:55.000 –> 00:05:00.500) Then I decided to start using the Medium and the Small of the models.
(00:05:00.500 –> 00:05:04.580) And, man, the Small, it makes some mistakes, you know?
(00:05:04.580 –> 00:05:06.260) But the Medium works very well.
(00:05:06.260 –> 00:05:08.060) All right.
(00:05:08.840 –> 00:05:15.480) So, just go to whispersafe.ai.ai, and you'll see all the prices there.
(00:05:15.480 –> 00:05:19.920) At checkout, you can use the coupon SEGLEG50 and off we go.
(00:05:19.920 –> 00:05:24.080) Welcome, then, to the new sponsor of the Segurança Legal podcast.
(00:05:24.080 –> 00:05:30.480) Let's move on to the topics, then, Vinícius, of these last two months, you could say.
(00:05:30.480 –> 00:05:32.680) Today we're already at February 24.
(00:05:32.680 –> 00:05:44.260) A lot going on, but instead of commenting on the news items themselves, of course we'll mention them here, we've divided them into some groups.
(00:05:44.340 –> 00:05:49.420) Of topics that caught our attention and that were also important topics in recent weeks.
(00:05:49.420 –> 00:05:53.860) The first of them concerns the protection of children on the internet.
(00:05:53.860 –> 00:05:56.400) Digital protection, especially on platforms.
(00:05:56.400 –> 00:06:00.200) Those of you who follow us here know that child protection is important.
(00:06:00.200 –> 00:06:04.860) We have several, for this podcast, we have several episodes recorded about this.
(00:06:05.100 –> 00:06:11.420) We even discussed, in a more recent episode too, the ECA Digital, Vinícius, if you could look up the number for us.
(00:06:11.420 –> 00:06:24.280) And, basically, what we've been seeing more recently is a whole question about how to make these platforms, the problems involving platforms used by children.
(00:06:24.280 –> 00:06:33.320) And children have been using them more and more, be it Discord, but here the focus of these news items is Roblox.
(00:06:33.320 –> 00:06:38.740) So, if you have a child, you've probably heard of Roblox, which is a game.
(00:06:38.740 –> 00:06:44.020) You can say it's a game, but one that simulates almost like an environment.
(00:06:38.740 –> 00:06:44.020) Virtual.
(00:06:44.020 –> 00:06:47.600) I got to play it right when it came out.
(00:06:47.600 –> 00:06:52.020) Well, not quite right away, but my son's classmates started playing.
(00:06:52.020 –> 00:06:54.900) Then my son came to me with this Roblox thing.
(00:06:54.900 –> 00:06:57.140) And so I said, no, fine, let's see.
(00:06:57.140 –> 00:06:58.860) So I went in with him.
(00:06:59.320 –> 00:07:02.180) Man, it's an environment, it's a virtual environment.
(00:07:02.180 –> 00:07:08.400) To me, it was very reminiscent of that Second Life, you know?
(00:07:08.400 –> 00:07:09.320) Yes, Second Life.
(00:07:09.320 –> 00:07:11.100) It reminded me a lot of that, so.
(00:07:11.100 –> 00:07:15.880) And then, inside, you have spaces.
(00:07:15.880 –> 00:07:19.980) Where you access applications, games and so on.
(00:07:19.980 –> 00:07:22.560) You can even create them, and so on.
(00:07:22.700 –> 00:07:26.080) And then, it has an in-game currency, okay?
(00:07:26.080 –> 00:07:28.080) There's money involved.
(00:07:28.080 –> 00:07:36.080) And, man, after five minutes of poking around in there, I told my son, look, there are better games
(00:07:36.080 –> 00:07:36.640) For you to play.
(00:07:36.640 –> 00:07:39.060) You're not going to play this.
(00:07:39.060 –> 00:07:44.520) Precisely because it's an environment, I noticed, what I noticed right away, and it was confirmed later,
(00:07:44.520 –> 00:07:47.180) A very uncontrolled environment, you see?
(00:07:47.680 –> 00:07:56.360) A very uncontrolled environment, with a lot of, like, strange character names, everyone
(00:07:56.360 –> 00:08:03.060) Can communicate with everyone, so, it's a pretty strange thing.
(00:08:03.060 –> 00:08:04.880) At least, it was.
(00:08:04.880 –> 00:08:06.060) The perception.
(00:08:06.060 –> 00:08:06.260) I haven't gone back in to play.
(00:08:06.260 –> 00:08:11.720) But then, from what we see now in the reactions and news and everything else, apparently,
(00:08:11.720 –> 00:08:12.580) It's still strange.
(00:08:12.580 –> 00:08:13.620) It's still strange.
(00:08:13.620 –> 00:08:18.880) The, the, the big issue here is that, outside, and this is happening around the
(00:08:18.880 –> 00:08:20.140) Whole world, it's not just in Brazil.
(00:08:20.140 –> 00:08:23.820) In Brazil, because of the ECA Digital, but, well, it starts..
(00:08:23.820 –> 00:08:24.660) Episode 400, by the way, Guilherme.
(00:08:24.660 –> 00:08:25.940) Okay, great.
(00:08:25.940 –> 00:08:26.660) Episode 400, that's great.
(00:08:26.660 –> 00:08:32.380) It's that the whole discussion is starting to broaden about how you do age verification
(00:08:32.380 –> 00:08:34.120) Of people on these platforms.
(00:08:34.120 –> 00:08:41.000) So, here we put Roblox and also Discord in the same package.
(00:08:41.360 –> 00:08:43.840) And then, a very interesting thing.
(00:08:43.840 –> 00:08:48.460) Which generated, like, even a social phenomenon, one that seems relevant to me.
(00:08:48.460 –> 00:08:52.160) Children started protesting there, because the children would be the beneficiaries.
(00:08:52.160 –> 00:08:56.820) But they started protesting because of the new age verification measures.
(00:08:56.820 –> 00:08:59.280) Then, Felca was the target of a protest and so on.
(00:08:59.280 –> 00:09:05.920) And there are the children, simulating a protest, holding signs inside Roblox.
(00:09:07.520 –> 00:09:11.380) News also came out saying, and this is more or less in line with your perception, Vinícius,
(00:09:11.380 –> 00:09:16.720) That Roblox, as happens with large platforms, would have a casino logic,
(00:09:16.720 –> 00:09:21.860) That is, the children would stay there, it would use psychological triggers,
(00:09:21.860 –> 00:09:26.860) As already happens on social networks, so that the children would spend more time in there.
(00:09:26.860 –> 00:09:33.160) And then, it also started to be suggested that sexual predators would be inside Roblox,
(00:09:33.160 –> 00:09:36.760) Passing themselves off as children.
(00:09:33.160 –> 00:09:36.760) Disguised there.
(00:09:36.760 –> 00:09:40.700) In the United States, this is a very serious problem, precisely with this.
(00:09:40.700 –> 00:09:52.020) And there was the CEO of Roblox, he was on an episode of The Hard Fork.
(00:09:53.020 –> 00:09:59.060) I'll check the episode number here in a moment, but the CEO's name is Dave Bazzucchi, okay?
(00:09:59.060 –> 00:10:06.020) And, man, the people at The Hard Fork tried, like, it was striking, it was something that even got tense, you know?
(00:10:06.020 –> 00:10:08.940) It's not normal, like, to see an episode of The Hard Fork like that.
(00:10:08.940 –> 00:10:14.100) And the guy always dodging, like, and very direct questions.
(00:10:14.460 –> 00:10:21.300) In terms of communication controls, the question of letting adults talk to children, like, several things.
(00:10:21.300 –> 00:10:23.420) And he always giving evasive answers.
(00:10:23.420 –> 00:10:26.320) He didn't..
(00:10:23.420 –> 00:10:26.320) Like, it was really bad, you know?
(00:10:26.320 –> 00:10:32.020) The impression you get is that the guy went there to try to justify himself,
(00:10:32.020 –> 00:10:35.280) Not accepting the problems he has on the platform.
(00:10:35.280 –> 00:10:38.800) That's the CEO of Roblox itself, you know?
(00:10:38.800 –> 00:10:40.320) In the company itself.
(00:10:40.320 –> 00:10:50.300) So that left me even more convinced that it's a company that has no concern at all (00:10:50.300 –> 00:10:54.240) for this issue of children's safety and everything else, you see? (00:10:54.240 –> 00:10:55.540) It's quite delicate. (00:10:55.540 –> 00:10:58.760) If people already worry about Discord, Roblox is much worse. (00:10:58.760 –> 00:11:00.000) It's much worse. (00:11:00.000 –> 00:11:03.140) In terms of communication possibilities. (00:11:03.140 –> 00:11:06.380) There's a report here from Folha de São Paulo. (00:11:06.420 –> 00:11:10.920) By Daniel Mariani, he highlights exactly that. (00:11:10.920 –> 00:11:13.660) Including monetization. (00:11:13.660 –> 00:11:18.120) Predatory practices in games, and it monetizes compulsion and frustration. (00:11:18.120 –> 00:11:22.720) It exploits psychological mechanisms such as the fear of being left out of the platform. (00:11:22.720 –> 00:11:25.060) Being left out, and losing track of time. (00:11:25.060 –> 00:11:27.540) So he tells a little story that he goes out with his son and the son says, (00:11:27.540 –> 00:11:31.600) look, we have to be back by such-and-such a time because an event is going to happen on Roblox (00:11:31.600 –> 00:11:34.920) and I need to be there, and so on. (00:11:35.800 –> 00:11:42.840) And then the whole criticism is also that there would be a lack of willingness, so to speak, (00:11:42.840 –> 00:11:46.920) on the company's part to adopt parental controls, and also the matter of age verification. (00:11:46.920 –> 00:11:52.820) And age verification, which is now also starting to become more present, now in March. (00:11:52.820 –> 00:11:55.440) Everything indicates it will happen on Discord too. (00:11:55.720 –> 00:11:57.760) So, that... (00:11:57.760 –> 00:12:01.500) And also Discord, Vinícius, if you want to talk right after, (00:12:01.500 –> 00:12:07.160) but Discord is also applying new forms of parental control.
(00:12:07.160 –> 00:12:11.440) But the big discussion, and once again, this is happening in Brazil and around the world, is: (00:12:11.440 –> 00:12:17.200) what will the identity control measure, or measures, be? (00:12:18.080 –> 00:12:27.420) So there's talk of facial biometrics, there's talk of submitting documents and so on, and the big concern that's raised (00:12:27.420 –> 00:12:33.320) is the increase in surveillance practices, about how companies will deal with this, (00:12:33.320 –> 00:12:39.040) about the fact that facial biometrics is sensitive data, which could be used for other purposes. (00:12:39.040 –> 00:12:47.020) One of the news items here shows that Discord itself was using a company, or hired a verification company, (00:12:47.020 –> 00:12:53.380) that had connections, that's this Persona, connections, on their site it actually said (00:12:53.380 –> 00:12:55.840) This is a US government system. (00:12:55.840 –> 00:13:01.240) But here's the thing, Guilherme, we have a really serious problem to solve there, OK? (00:13:01.240 –> 00:13:08.060) Because at the same time that we want companies to be able to do age verification, (00:13:09.040 –> 00:13:11.160) and yes, that's OK. (00:13:11.160 –> 00:13:12.660) How do I do this age verification? (00:13:12.660 –> 00:13:17.000) How do I do it in a way that gives me a minimum of confidence (00:13:17.000 –> 00:13:20.060) that the person isn't lying to me, that the user isn't lying to me (00:13:20.060 –> 00:13:22.420) and getting in at under 13 or something like that? (00:13:22.420 –> 00:13:25.660) So I need a way to verify that. (00:13:25.660 –> 00:13:28.400) How are you going to verify it? (00:13:28.400 –> 00:13:30.080) Imagine the company itself. (00:13:30.080 –> 00:13:34.680) Is it going to use facial recognition to try to identify age? (00:13:34.680 –> 00:13:36.440) Is it going to ask for documentation?
(00:13:38.360 –> 00:13:40.020) I don't know if that's good or bad, you see? (00:13:40.020 –> 00:13:42.000) I just have the problem. (00:13:42.000 –> 00:13:46.220) Then, ideally, I wouldn't want to keep handing my ID to every company out there. (00:13:46.220 –> 00:13:50.460) So, another option: the government has the information. (00:13:50.460 –> 00:13:54.360) A government agency has the information, our information. (00:13:54.360 –> 00:13:55.580) It knows how old we are. (00:13:55.580 –> 00:13:57.540) It has all the proof of who we are. (00:13:58.220 –> 00:14:07.340) Couldn't there be a protocol where, anonymously, I access a site and that site (00:14:07.340 –> 00:14:15.160) talks to the government's site, and then I talk to the government's site and say, generate a token (00:14:15.160 –> 00:14:21.420) for me, I'm so-and-so, generate a token saying I'm over 18, or over 13, (00:14:21.420 –> 00:14:22.460) or something like that. (00:14:22.460 –> 00:14:27.360) Similar to what we already do with OAuth to authenticate when we use Google and so on. (00:14:27.360 –> 00:14:31.720) Similar to that, but instead of saying who we are, it says how old we are. (00:14:31.720 –> 00:14:32.860) OK? (00:14:32.860 –> 00:14:36.000) But then you have several other problems. (00:14:36.000 –> 00:14:38.380) OK, the site may not know who you are through that. (00:14:38.380 –> 00:14:39.360) No problem. (00:14:39.360 –> 00:14:41.460) And there are other ways of knowing who you are, but anyway. (00:14:41.460 –> 00:14:43.180) Especially since you'll have an account there. (00:14:43.240 –> 00:14:43.960) Exactly. (00:14:43.960 –> 00:14:51.560) So, OK, at the same time you'll be telling the government what you're accessing.
(00:14:51.560 –> 00:14:57.260) So if the government starts logging, at the time of the query, who is querying your record (00:14:57.260 –> 00:15:00.900) or who you're authenticating to, it knows what you're accessing. (00:15:00.900 –> 00:15:06.060) And there was a recent problem, we even commented on it here, I just don't remember whether it was in (00:15:06.060 –> 00:15:10.120) England specifically or in the European Union, OK? (00:15:10.120 –> 00:15:11.900) And if I'm not mistaken, it was in England, man. (00:15:11.900 –> 00:15:19.940) But they had the requirement that, to access a pornographic site, you have to give your (00:15:19.940 –> 00:15:23.300) real identification, OK? (00:15:23.300 –> 00:15:28.080) So that the site can be sure you're of legal age. (00:15:28.080 –> 00:15:36.360) And then another discussion started about the privacy of the people who access (00:15:36.360 –> 00:15:37.600) these sites and so on. (00:15:38.100 –> 00:15:46.060) So I don't see a perfect solution, like, one where a private company doesn't keep the information (00:15:46.060 –> 00:15:48.760) or doesn't have a repository of information to do this. (00:15:48.760 –> 00:15:52.560) There's a solution that's already known, one called Meu ID. (00:15:52.560 –> 00:15:59.420) I use it for some gaming platforms, and the idea is exactly that, you authenticate (00:15:59.420 –> 00:16:04.100) with the platform, with your documentation, you give proof, you do the image thing and so on. (00:16:04.100 –> 00:16:06.140) Then you use it to authenticate to a platform. (00:16:06.140 –> 00:16:11.660) So either we're going to have to have a company like that, or it'll have to be tied to some (00:16:11.660 –> 00:16:12.500) government body. (00:16:12.500 –> 00:16:18.140) I don't see a different way out for Discord, for example. (00:16:18.140 –> 00:16:21.540) I don't see a different way out for Facebook.
(00:16:22.220 –> 00:16:27.240) How am I going to authenticate, how am I going to know that the user is over a certain age, (00:16:27.240 –> 00:16:37.040) without being able to be fooled and without asking for a more consistent, documentary confirmation, (00:16:37.040 –> 00:16:43.280) even if it's interfaced or intermediated by the government or by a private company (00:16:44.460 –> 00:16:49.760) that says, no, Vinícius really is over 13. (00:16:49.760 –> 00:16:51.620) It's a problem, isn't it. (00:16:51.620 –> 00:16:53.520) I don't see an easy solution for this. (00:16:53.520 –> 00:16:55.720) It's a privacy problem. (00:16:55.720 –> 00:17:01.940) This matter I mentioned here about this Persona that Discord was using, (00:17:01.940 –> 00:17:05.660) the big issue was that it was something almost like a verification data broker (00:17:05.660 –> 00:17:11.980) that would be used for state surveillance purposes. (00:17:11.980 –> 00:17:17.900) And then Discord, after this becomes news, they back off. (00:17:17.900 –> 00:17:19.940) They say, we're not going to use this anymore. (00:17:19.940 –> 00:17:21.100) That is, they remove it. (00:17:21.100 –> 00:17:23.000) The problem is a privacy problem. (00:17:23.000 –> 00:17:27.280) You could, I imagine, Vinícius, if everyone (00:17:27.280 –> 00:17:31.960) took data protection seriously, you could indeed have a protocol (00:17:31.960 –> 00:17:36.560) in which companies and the State could provide a privacy-friendly (00:17:36.560 –> 00:17:39.540) means of authentication. (00:17:39.540 –> 00:17:43.860) That is, without collecting information about who accessed what. (00:17:43.860 –> 00:17:48.360) They, both sides, or all sides, would have to give that up. (00:17:48.360 –> 00:17:53.080) But we know that in the current state of things, that's not going to happen. (00:17:53.080 –> 00:17:53.800) It's the opposite.
(00:17:53.800 –> 00:17:57.440) What this news shows is that companies and governments are (00:17:58.560 –> 00:18:02.820) frequently moving toward using this excuse of verification (00:18:02.820 –> 00:18:04.760) to increase monitoring of people. (00:18:04.760 –> 00:18:06.620) And that seems to me to be the concern. (00:18:06.620 –> 00:18:12.060) Anyway, as always, we'll leave all the news items in the show notes. (00:18:12.060 –> 00:18:15.020) There are other things here, if you're interested in this issue. (00:18:15.020 –> 00:18:18.660) Discord's role in the matter of animal abuse, (00:18:18.660 –> 00:18:21.040) which came up recently with the case of the dog Orelha. (00:18:21.040 –> 00:18:25.860) And also about how companies discussed it internally and know. (00:18:25.860 –> 00:18:29.540) Instagram itself knew how Instagram itself was harmful to girls (00:18:29.540 –> 00:18:30.680) and to teenagers and so on. (00:18:30.680 –> 00:18:32.440) So this keeps happening. (00:18:32.440 –> 00:18:35.160) Leaked internal documents. (00:18:35.160 –> 00:18:40.440) As happens, they show that they know about the potential harms (00:18:40.440 –> 00:18:46.680) to teenagers and keep offering the platforms or services (00:18:46.680 –> 00:18:49.700) without taking the protection of children and adolescents into account. (00:18:49.700 –> 00:18:53.220) So that's it for this first group, Vinícius. (00:18:54.120 –> 00:18:54.640) Perfect. (00:18:54.640 –> 00:18:57.720) Second group, it's also related. (00:18:57.720 –> 00:19:00.300) It has to do with children and teenagers, but not only. (00:19:00.300 –> 00:19:03.120) But it also has to do with the protection of... (00:19:03.120 –> 00:19:05.740) above all of women on the internet, of women's image, (00:19:05.740 –> 00:19:12.360) and with how AI has been used specifically by X, or Twitter, Vinícius?
(00:19:12.360 –> 00:19:15.660) Everyone who says X has to say the former Twitter right after. (00:19:15.660 –> 00:19:17.800) But everyone already knows that X is the former Twitter. (00:19:18.040 –> 00:19:20.500) You sort of get stuck with a habit there. (00:19:20.500 –> 00:19:22.880) And so, what started? (00:19:22.880 –> 00:19:24.060) The name became... (00:19:24.060 –> 00:19:26.180) It seems the name really became X formerly Twitter. (00:19:26.180 –> 00:19:27.440) All together. (00:19:27.440 –> 00:19:28.400) Like HBO. (00:19:28.400 –> 00:19:31.180) You saw HBO Max, which was HBO. (00:19:31.180 –> 00:19:33.280) Then later it became HBO Max. (00:19:33.280 –> 00:19:34.760) Then later it was Max. (00:19:34.760 –> 00:19:35.980) Then there was... (00:19:35.980 –> 00:19:36.140) Go. (00:19:36.140 –> 00:19:38.360) Then they came back with HBO now. (00:19:38.360 –> 00:19:40.940) I have their subscription. (00:19:40.940 –> 00:19:41.360) My God. (00:19:41.360 –> 00:19:44.700) I don't even know what I'm subscribing to anymore, because I no longer know what it's called. (00:19:44.700 –> 00:19:51.960) And then the issue that, well, in these last few months became a very big news story (00:19:51.960 –> 00:19:57.740) was that people were asking Grok on X to take off, to leave women nude (00:19:57.740 –> 00:20:02.920) or take the clothes off women, including children. (00:20:03.660 –> 00:20:10.520) And from that perspective that the tool is neutral, the tool only does what (00:20:10.520 –> 00:20:16.440) the user asks it to do, it's not our fault and so on, but at the same time the tool (00:20:16.440 –> 00:20:22.400) was programmed without guardrails there to undress people. (00:20:22.400 –> 00:20:28.940) And if it can be programmed to undress people, it seems to me it's also easy to put guardrails (00:20:28.940 –> 00:20:35.400) in to stop it from, "dispa", "dispa", "despir", undressing people. (00:20:35.400 –> 00:20:37.920) I don't think I'd ever used the verb "despir" (to undress) that way.
(00:20:37.920 –> 00:20:39.840) So, well... (00:20:39.840 –> 00:20:41.080) And then what happened? (00:20:41.080 –> 00:20:43.860) I don't know if you want to make a comment now or later here, just to... (00:20:43.860 –> 00:20:45.080) No, go ahead, go ahead, go ahead. (00:20:45.080 –> 00:20:46.580) So what happened? (00:20:46.580 –> 00:20:52.860) There was a whole lot of pressure on X, Elon Musk comes and says, no, look, we're going to, (00:20:52.860 –> 00:21:00.340) so we're going to expand the controls here, the only ones who will be able to undress people are those who have a paid (00:21:00.340 –> 00:21:01.920) X account. (00:21:01.920 –> 00:21:09.820) And obviously the cure turned out worse than the disease, and in Brazil we've also already seen moves (00:21:10.160 –> 00:21:17.560) by three entities here, the ANPD, the Federal Public Prosecutor's Office and Senacon, which first made (00:21:17.560 –> 00:21:25.420) a recommendation back in January, and now more recently, after X's response, these (00:21:25.420 –> 00:21:32.400) three bodies found that the measures were insufficient and each of them, within the scope of (00:21:32.400 –> 00:21:36.620) its powers, opened a proceeding to order. (00:21:36.620 –> 00:21:42.500) Now yes, before they had suggested measures, X reported the measures that were taken, they (00:21:42.500 –> 00:21:47.500) found that they weren't sufficient, and from now on they have begun, each within the scope of (00:21:47.500 –> 00:21:53.000) its powers, administrative proceedings, whether the ANPD, a preventive measure, the Public (00:21:53.000 –> 00:21:58.960) Prosecutor's Office as well, an internal proceeding, and Senacon also with an administrative precautionary measure (00:21:58.960 –> 00:22:01.700) ordering them to stop immediately. (00:22:01.700 –> 00:22:08.720) And to implement technical and administrative solutions to prevent the generation of images of nude (00:22:08.720 –> 00:22:10.000) people. (00:22:10.620 –> 00:22:16.580) And as usual.
(00:22:10.620 –> 00:22:16.580) As usual, the biggest victims of this were women, OK? (00:22:16.580 –> 00:22:19.800) And including minors, OK? (00:22:19.800 –> 00:22:20.800) And teenagers. (00:22:20.800 –> 00:22:25.920) That's what caused, of course, even if there had been no minors involved, (00:22:25.920 –> 00:22:32.620) this already generated a lot of controversy, but with minors it's a thing... (00:22:33.300 –> 00:22:37.840) And one thing, Guilherme, just an observation, we've been talking for many years here on Segurança (00:22:37.840 –> 00:22:42.880) Legal, for a long time, about this issue of the overexposure of children on the internet, and many (00:22:42.880 –> 00:22:43.960) times by the parents themselves. (00:22:43.960 –> 00:22:48.920) When we would say, look, don't expose them, don't keep posting photos and whatnot, you don't (00:22:48.920 –> 00:22:50.900) know what could be done with that tomorrow. (00:22:52.040 –> 00:22:56.620) And I remember talking and talking about this in 2015, in schools, giving some talks, (00:22:56.620 –> 00:22:59.020) like, telling people exactly in these terms. (00:22:59.020 –> 00:23:07.800) And now here we are in 2026 with X formerly Twitter, a built-in AI tool (00:23:07.800 –> 00:23:13.940) that, man, takes the clothes off teenagers, minors and so on. (00:23:14.480 –> 00:23:19.600) And then, even if you're careful with your children's image and so on, which really is (00:23:19.600 –> 00:23:20.500) the recommendation... (00:23:20.500 –> 00:23:22.560) Schools had photos, they publish them, it's a...
(00:23:22.560 –> 00:23:28.740) Exactly, no, and you also have public figures, who occasionally, well, not occasionally, (00:23:28.740 –> 00:23:34.940) but public figures who have their image published because of their, their activity, (00:23:34.940 –> 00:23:40.600) say, a politician, people in politics, well, artists and so on, and even (00:23:40.600 –> 00:23:46.220) so there isn't, it seems to me, in fact I'm sure there isn't, a right for people (00:23:46.220 –> 00:23:53.460) to use AI to tarnish women's image, there was even news, they took a (00:23:53.460 –> 00:23:58.420) female prime minister, I don't remember exactly of which country, and started doing this (00:23:58.420 –> 00:24:02.200) with her image to discredit her, anyway. (00:24:02.200 –> 00:24:10.580) And then it ends up getting, Vinícius, a bit into that, I'm going to pull from group 6, (00:24:10.580 –> 00:24:16.200) but it's somewhat related, Vinícius sent me the other day a news story about a... (00:24:16.200 –> 00:24:21.120) He would be an aboriginal, from New Zealand, who made videos... (00:24:21.120 –> 00:24:21.760) Steve Irwin. (00:24:21.760 –> 00:24:23.340) Tell the story, tell the story. (00:24:23.340 –> 00:24:23.680) Steve Irwin. (00:24:23.680 –> 00:24:24.440) . (00:24:24.440 –> 00:24:26.260) It's unbelievable. (00:24:26.260 –> 00:24:29.200) Steve Irwin, Steve Irwin is a... (00:24:29.200 –> 00:24:37.740) an aboriginal, Australian, who makes videos... (00:24:37.740 –> 00:24:38.240) New Zealander. (00:24:38.240 –> 00:24:38.740) New Zealander. (00:24:38.740 –> 00:24:39.380) New Zealander. (00:24:39.380 –> 00:24:42.400) It's New Zealand, don't mix up New Zealand with Australia. (00:24:42.400 –> 00:24:43.140) Not at all. (00:24:43.140 –> 00:24:49.400) A New Zealander, who makes videos, those videos, like, sort of adventure, like, seeing animals (00:24:49.400 –> 00:24:50.780) up close and sort of... (00:24:50.780 –> 00:24:55.620) He finds a snake and handles the snake, and a scorpion, and so on.
(00:24:55.700 –> 00:24:56.700) Those kinds of videos, you know? (00:24:56.700 –> 00:24:57.140) And showing... (00:24:57.140 –> 00:25:00.160) But showing the animals there in New Zealand. (00:25:00.160 –> 00:25:01.120) Yes, exactly. (00:25:01.120 –> 00:25:02.460) Doing something... (00:25:02.460 –> 00:25:04.060) Man, something very well done. (00:25:04.060 –> 00:25:05.340) Something very well done. (00:25:05.340 –> 00:25:06.800) Like a National Geographic kind of thing. (00:25:06.800 –> 00:25:09.320) There was another guy, that guy who died... (00:25:09.320 –> 00:25:13.500) Well known, he died from a stingray barb. (00:25:13.500 –> 00:25:14.200) A stingray. (00:25:14.200 –> 00:25:15.560) In the chest. (00:25:15.560 –> 00:25:18.040) I don't remember his name, but that's fine. (00:25:18.040 –> 00:25:21.040) ... (00:25:21.040 –> 00:25:24.880) And this character has a very similar vibe, OK? (00:25:25.700 –> 00:25:30.620) Man, something with, like, a lot of people following. (00:25:30.620 –> 00:25:37.660) There were 90 thousand people on Instagram, and then it started to draw a lot of attention, a lot of attention. (00:25:37.660 –> 00:25:42.600) And then the guy who created the character came out publicly and said, look, this guy doesn't exist. (00:25:43.400 –> 00:25:47.980) Steve Irwin was the guy who died from the stingray barb. (00:25:49.420 –> 00:25:50.400) Yes, true. (00:25:50.400 –> 00:25:51.480) In the news story, yes. (00:25:51.480 –> 00:25:53.080) I mixed it up here, since it called him... (00:25:53.080 –> 00:25:54.620) It's the Aboriginal Steve Irwin. (00:25:54.620 –> 00:25:56.860) It's the aboriginal Steve Irwin. (00:25:56.860 –> 00:25:57.340) Exactly. (00:25:57.340 –> 00:25:59.780) Steve Irwin is the real guy who died. (00:25:59.780 –> 00:26:00.720) Right, right. (00:26:00.720 –> 00:26:01.220) Right. (00:26:01.220 –> 00:26:03.380) And the name of the guy who... (00:26:03.380 –> 00:26:06.220) This digital persona that was created. (00:26:07.620 –> 00:26:09.340) The one who created it was... (00:26:09.340 –> 00:26:10.400) The one who created it was...
(00:26:10.400 –> 00:26:13.720) Keegan, John Manson, the guy who made the... (00:26:13.720 –> 00:26:15.140) who created the character. (00:26:15.140 –> 00:26:17.260) Man, I don't have the character's name here. (00:26:17.260 –> 00:26:20.040) It would be Bush Legend. (00:26:20.040 –> 00:26:20.480) But... (00:26:20.480 –> 00:26:21.320) Bush Legend. (00:26:21.320 –> 00:26:22.260) That's the channel. (00:26:22.260 –> 00:26:23.760) That's the channel, Bush Legend. (00:26:23.760 –> 00:26:24.520) Bush Legend. (00:26:24.520 –> 00:26:25.260) The account, here. (00:26:25.260 –> 00:26:26.260) It's set aside here. (00:26:26.260 –> 00:26:27.280) Bush Legend, the account. (00:26:27.780 –> 00:26:30.500) But the interesting thing isn't the account itself, OK? (00:26:30.500 –> 00:26:33.260) Anyone who wants to look at Bush Legend, it should still be online. (00:26:33.260 –> 00:26:35.240) The interesting thing isn't the account itself. (00:26:35.240 –> 00:26:41.400) The interesting thing is that it's something you watch and, man, you don't realize that (00:26:41.400 –> 00:26:42.360) it isn't real. (00:26:42.360 –> 00:26:47.360) Maybe in one video or another you might even notice, OK? (00:26:47.360 –> 00:26:50.880) But most people won't notice. (00:26:50.880 –> 00:26:51.920) Won't realize, won't realize. (00:26:51.920 –> 00:26:53.560) So, like... (00:26:53.560 –> 00:27:01.540) And recently there was also a video, I saw it this week, or last week, a video (00:27:01.540 –> 00:27:06.360) in which Brad Pitt was fighting Tom Cruise, OK? (00:27:06.360 –> 00:27:10.320) And them discussing the Epstein Files during the fight. (00:27:10.320 –> 00:27:20.040) I showed the video to my wife and said, look at the trailer for a movie they're (00:27:20.040 –> 00:27:20.940) releasing and so on.
(00:27:21.420 –> 00:27:24.060) Then we started watching the video, I had already seen it, she started watching the video, (00:27:24.060 –> 00:27:29.440) like, OK, but then them talking and so on, and them hitting each other and they wouldn't stop hitting each other (00:27:29.440 –> 00:27:31.840) and talking, like, what a scene. (00:27:31.840 –> 00:27:33.080) Pointless. (00:27:33.480 –> 00:27:34.820) Something sort of... (00:27:34.820 –> 00:27:37.000) But at the same time she thought it was real. (00:27:37.000 –> 00:27:38.060) Uh-huh. (00:27:38.060 –> 00:27:43.120) She thought it was real, because the characters, Tom Cruise and Brad Pitt there, they're spot on, (00:27:43.120 –> 00:27:43.500) man. (00:27:43.500 –> 00:27:44.900) Of course it gets... (00:27:44.900 –> 00:27:48.780) Later they start messing around, start changing things too much, like, start putting some rather (00:27:48.780 –> 00:27:49.800) strange characters into the thing. (00:27:50.560 –> 00:27:51.240) But it's... (00:27:51.240 –> 00:27:51.800) It's AI, man. (00:27:51.800 –> 00:27:53.660) And that generates both... (00:27:53.660 –> 00:27:54.580) Not just a concern. (00:27:54.580 –> 00:27:56.300) Now we're heading into an election year. (00:27:56.300 –> 00:27:57.360) Let's see what happens. (00:27:57.360 –> 00:28:07.520) But it not only generates this possible confusion for whoever watches, but it's also (00:28:07.520 –> 00:28:13.300) generating a good discussion in the United States regarding, in the (00:28:13.300 –> 00:28:16.380) artists' unions and so on. (00:28:16.380 –> 00:28:23.620) Because, man, if you don't want to use someone's image, which obviously you'll have to pay (00:28:23.620 –> 00:28:28.240) to use Tom Cruise's image, nobody disputes that even if it's authorized by Tom Cruise (00:28:28.240 –> 00:28:33.160) you'll have to pay Tom Cruise for the use of his image, but that you could start creating (00:28:33.160 –> 00:28:37.600) completely fictitious characters, or people.
(00:28:37.600 –> 00:28:44.560) Fictitious actors, to... (00:28:37.600 –> 00:28:44.560) To act in a film, to act in a series. (00:28:45.560 –> 00:28:48.320) And then you no longer need. (00:28:48.320 –> 00:28:53.580) Maybe you could even replace the screenwriter while you're at it, but you no longer need (00:28:53.580 –> 00:28:55.500) human actors to act. (00:28:55.500 –> 00:28:57.120) So... (00:28:57.120 –> 00:29:01.940) There's a very interesting discussion around that, you know? (00:29:01.940 –> 00:29:07.680) The issue of artists' jobs and of the content you deliver (00:29:07.680 –> 00:29:09.200) to people. (00:29:09.200 –> 00:29:11.120) You're going to watch a film... (00:29:11.120 –> 00:29:14.480) Like, would you be up for watching a very good film made by AI? (00:29:14.480 –> 00:29:16.560) Man... (00:29:16.560 –> 00:29:21.280) I think there's an ethical element, it's even mentioned in one of the news items. (00:29:21.800 –> 00:29:27.300) Which is a precept of trans... (00:29:21.800 –> 00:29:27.300) An ethical precept of transparency in the use of AI. (00:29:27.300 –> 00:29:32.160) So when we talk about AI governance principles, transparency (00:29:32.160 –> 00:29:36.060) unfolds into several... (00:29:32.160 –> 00:29:36.060) Several situations. (00:29:36.060 –> 00:29:40.680) And one of the situations into which transparency unfolds, as a principle that should govern (00:29:40.680 –> 00:29:45.320) the use of AI, and I say this because it's a principle already adopted in the European Union (00:29:45.320 –> 00:29:46.940) and so on, is... (00:29:46.940 –> 00:29:51.140) . (00:29:46.940 –> 00:29:51.140) You have to know that that content is AI-generated. (00:29:51.140 –> 00:29:52.800) And the big... (00:29:52.800 –> 00:29:54.320) And why did this become news? (00:29:54.320 –> 00:29:55.540) Actually, it's two things. (00:29:55.540 –> 00:30:00.500) This became news because they didn't... (00:29:55.540 –> 00:30:00.500) Nobody noticed.
(00:30:00.500 –> 00:30:05.540) Because people say, you show it to the person, if you look at a video and pay attention, (00:30:05.540 –> 00:30:06.760) you'll discover that it is. (00:30:06.760 –> 00:30:10.420) The thing is that today, we were even commenting on this earlier. (00:30:10.420 –> 00:30:17.520) We, you and I and whoever listens to us, we're already consuming content generated by (00:30:17.520 –> 00:30:18.440) AI without realizing it. (00:30:18.440 –> 00:30:18.840) Why? (00:30:18.840 –> 00:30:23.400) Because the logic of consuming content on social media isn't that you keep paying attention (00:30:23.400 –> 00:30:28.980) to the details, the logic is that you go quickly past certain content. (00:30:28.980 –> 00:30:32.780) And you keep seeing a lot, that infinite feed story we've already talked about. (00:30:32.780 –> 00:30:38.080) Which is one of the curses of social networks, and what traps people in there is (00:30:38.080 –> 00:30:38.860) the infinite feed. (00:30:38.860 –> 00:30:39.900) And off you go. (00:30:39.900 –> 00:30:42.620) Your critical spirit there gets quite lowered. (00:30:42.840 –> 00:30:45.960) Of course, when we look at the video afterwards knowing what it is, well, fine. (00:30:45.960 –> 00:30:51.860) Just yesterday I was at the gym and there's a TV on there and an ad was playing (00:30:51.860 –> 00:30:53.300) for Liquida Porto Alegre. (00:30:53.300 –> 00:30:57.000) It's like a summer sale they hold here in the city. (00:30:57.800 –> 00:31:05.020) And, man, five seconds into it you could already see that it was all AI-generated, man. (00:31:05.020 –> 00:31:09.860) A whole ad generated by AI, especially because at the end there was a very elderly lady running (00:31:09.860 –> 00:31:15.540) along with a bunch of people, which she couldn't, as an elderly lady. (00:31:15.540 –> 00:31:19.400) Well, she even could, but what drew attention was the fact of it being a very elderly lady running (00:31:19.400 –> 00:31:21.000) madly through the city, you know?
(00:31:21.640 –> 00:31:25.980) Not that it isn't possible, not that it isn't possible. (00:31:25.980 –> 00:31:29.660) No, not that it isn't possible, but, like, that already set something off, like, wait, what. (00:31:29.660 –> 00:31:35.940) So you have a very, well, ethical element, this is happening, the advertising, I believe (00:31:35.940 –> 00:31:39.720) that CONAR, well, advertising regulation has to make this clear. (00:31:39.720 –> 00:31:45.220) Look, you're watching a report, an advertisement made by AI, just as (00:31:45.220 –> 00:31:49.340) when you're consuming a product at the supermarket, it says whether it contains transgenic ingredients (00:31:49.340 –> 00:31:51.900) or not, or what it contains. (00:31:51.900 –> 00:31:52.140) Excess salt. (00:31:52.140 –> 00:31:53.980) Excess salt, why not? (00:31:53.980 –> 00:31:58.020) Because we know that this is quite brain-rotizable. (00:31:58.020 –> 00:31:58.900) Uh-huh. (00:31:58.900 –> 00:32:01.200) Brain-rotizable, I just made that up, Vinícius. (00:32:01.200 –> 00:32:02.880) It's a good verb. (00:32:02.880 –> 00:32:04.220) Brain-rotizable. (00:32:04.220 –> 00:32:13.740) Vinícius, Brazil, you must have heard about this already, but Brazil and the European Union (00:32:13.740 –> 00:32:17.320) consolidated their mutual adequacy agreement. (00:32:17.320 –> 00:32:23.180) So basically, now, at the end of January, this reciprocal recognition (00:32:23.180 –> 00:32:25.560) of adequacy of the data protection regimes was announced. (00:32:25.560 –> 00:32:31.800) And it has been painted as a historic milestone, because, beyond this frank recognition, (00:32:31.800 –> 00:32:35.060) the idea is that it opens up, mainly for Brazil. (00:32:35.440 –> 00:32:42.000) But the idea is that Brazil could benefit on the basis of this adequacy agreement (00:32:42.000 –> 00:32:47.660) by providing services to the whole European Union.
(00:32:47.660 –> 00:32:53.020) So this could expand the use of data centers for AI and also the use of the services themselves, (00:32:53.020 –> 00:32:56.040) because once you have this recognition, you don't need, (00:32:57.180 –> 00:33:00.580) so to speak, when you carry out an international data transfer, (00:33:00.580 –> 00:33:03.140) which is one of the situations where you go from one side to the other, (00:33:03.140 –> 00:33:05.800) this recognition implies that it's automatically possible, (00:33:05.800 –> 00:33:08.880) without, for example, asking, needing to ask for consent, (00:33:08.880 –> 00:33:12.820) or giving additional notices, or recognitions from the authorities. (00:33:12.820 –> 00:33:18.980) So it does, in fact, open up a commercial space too, (00:33:19.040 –> 00:33:22.300) that is, of flows, of secure data flow, anyway. (00:33:22.300 –> 00:33:24.600) What's the issue? (00:33:24.600 –> 00:33:31.800) The issue is that when we compare how the European Union has been applying sanctions (00:33:31.800 –> 00:33:35.620) and how Brazil has been applying sanctions, even given this recognition, (00:33:35.620 –> 00:33:39.620) we notice that there's a gap, because in Brazil there is still, (00:33:39.620 –> 00:33:43.980) and here I speak as a personal data subject, (00:33:44.360 –> 00:33:49.580) there is still a certain, a certain, how shall I put it, (00:33:49.580 –> 00:33:54.640) delay, perhaps, in applying sanctions in very complex situations. (00:33:54.640 –> 00:33:57.340) Just to give you an idea of some numbers, (00:33:57.340 –> 00:34:00.120) in France, for example, now in January, February, (00:34:00.120 –> 00:34:06.280) you had France Travail, which was fined 5 million euros, (00:34:06.280 –> 00:34:09.920) Free Mobile, 42 million euros, (00:34:10.920 –> 00:34:14.820) it's split here into Free Mobile and Free, I don't know what that is.
(00:34:14.820 –> 00:34:19.140) So, you had all these situations solely, (00:34:19.140 –> 00:34:22.120) that is, multimillion fines in France, (00:34:22.120 –> 00:34:27.400) solely for leak situations that were confirmed to have occurred (00:34:27.400 –> 00:34:30.300) because of insufficient security measures (00:34:30.300 –> 00:34:32.560) adopted by these organizations. (00:34:32.560 –> 00:34:34.060) That's in France. (00:34:34.060 –> 00:34:36.940) In Spain, which is a small authority, (00:34:36.940 –> 00:34:40.180) it has, if I'm not mistaken, fewer staff than, (00:34:40.180 –> 00:34:43.540) I even did a roundup of staff numbers the other day and so on, (00:34:43.540 –> 00:34:45.960) but I think it has fewer staff than our NPD, (00:34:45.960 –> 00:34:53.040) they ended 2025 with 394 sanctioning proceedings (00:34:53.040 –> 00:34:57.040) and with fines that added up to 40 million euros. (00:34:57.040 –> 00:35:00.040) So, I think that to really consolidate this, (00:35:00.040 –> 00:35:03.700) it is urgent that we have an improvement, (00:35:03.700 –> 00:35:05.480) and I'm not even talking only about fines, (00:35:05.480 –> 00:35:08.720) I'm talking about sanctions, preventing certain processing, (00:35:08.720 –> 00:35:14.400) moving precisely toward the implementation of security measures, (00:35:14.400 –> 00:35:16.680) resolving the pharmacies issue, (00:35:16.680 –> 00:35:20.380) resolving the issue we've already talked about here on our podcast (00:35:20.380 –> 00:35:26.980) about the free-for-all of facial biometrics in gyms, (00:35:26.980 –> 00:35:29.580) in condominiums. (00:35:29.580 –> 00:35:32.780) So, I think we do celebrate, indeed, (00:35:32.780 –> 00:35:36.060) but there is still a path to be pursued, it seems to me, (00:35:36.060 –> 00:35:40.100) I may be wrong, anyway, but it seems to me there is still a path to be traveled. (00:35:40.100 –> 00:35:42.580) This, obviously, is a two-way street.
(00:35:42.580 –> 00:35:45.340) So, we have an equivalence. (00:35:45.340 –> 00:35:46.080) Right. (00:35:46.080 –> 00:35:48.500) So, one thing that changes, then, for example, (00:35:48.500 –> 00:35:51.660) if you want to use some data center in Europe, (00:35:51.660 –> 00:35:53.620) in the European Union, to do more or less of data (00:35:53.620 –> 00:35:57.820) and Brazilian citizens, in principle, OK. (00:35:57.820 –> 00:35:59.860) Right. (00:35:59.860 –> 00:36:02.260) When you have it in the European Union, (00:36:02.260 –> 00:36:04.040) in the countries that are part of the European Union, (00:36:04.040 –> 00:36:06.980) it's not in Europe, because you have countries that.. (00:36:06.980 –> 00:36:08.340) Yes, I said, European Union, it's not European. (00:36:08.340 –> 00:36:10.960) You have England, which is no longer part of the European Union. (00:36:10.960 –> 00:36:12.060) England no longer is. (00:36:12.060 –> 00:36:14.520) So the people from England, (00:36:14.520 –> 00:36:15.720) when they enter the European Union, (00:36:15.720 –> 00:36:18.300) they don't queue in the line for European Union residents, (00:36:18.300 –> 00:36:20.040) they have to face the line with everyone else, (00:36:20.040 –> 00:36:21.800) but Switzerland isn't either. (00:36:21.960 –> 00:36:22.660) It's funny. (00:36:22.660 –> 00:36:24.420) Switzerland isn't either. (00:36:24.420 –> 00:36:25.960) Although Switzerland has, (00:36:25.960 –> 00:36:30.200) is known precisely for hosting systems, (00:36:30.200 –> 00:36:32.080) the privacy-friendly ones, security ones, (00:36:32.080 –> 00:36:34.180) plus VPNs that are based there in Switzerland, (00:36:34.180 –> 00:36:36.520) they market themselves, but it's not part of Switzerland.
(00:36:36.520 –> 00:36:38.740) Switzerland, I think, is part of the Schengen area, (00:36:38.740 –> 00:36:39.340) if I'm not mistaken, (00:36:39.340 –> 00:36:42.320) which allows you to enter, (00:36:42.320 –> 00:36:44.640) without the need to go through borders, (00:36:44.640 –> 00:36:46.120) there is free movement, (00:36:46.120 –> 00:36:47.180) but I think it isn't, (00:36:47.180 –> 00:36:49.740) but it isn't part of the European Union. (00:36:51.160 –> 00:36:52.620) Well, Vinícius, (00:36:52.620 –> 00:36:54.680) moving on here, (00:36:54.680 –> 00:36:59.520) we also have the whole issue of surveillance, (00:36:59.520 –> 00:37:02.240) there in Group 5, (00:37:02.240 –> 00:37:04.420) on surveillance and privacy, (00:37:04.420 –> 00:37:05.220) that we saw, (00:37:05.220 –> 00:37:07.680) that really caught my attention, (00:37:07.680 –> 00:37:09.320) really caught attention, (00:37:09.320 –> 00:37:13.660) which was the FBI asking Microsoft (00:37:13.660 –> 00:37:17.460) to hand over BitLocker keys. (00:37:17.460 –> 00:37:20.720) And we were talking about this earlier, (00:37:20.720 –> 00:37:23.100) it is not mandatory (00:37:23.100 –> 00:37:26.540) that you save the BitLocker key with Microsoft. (00:37:26.540 –> 00:37:26.940) No. (00:37:26.940 –> 00:37:27.900) You can save it. (00:37:27.900 –> 00:37:29.380) It may not be somewhere else.
(00:37:30.520 –> 00:37:33.140) What stands out here is the possibility, (00:37:33.140 –> 00:37:33.740) and look, (00:37:33.740 –> 00:37:35.360) like, (00:37:35.360 –> 00:37:36.800) the FBI and the police, (00:37:36.800 –> 00:37:39.040) I am absolutely certain (00:37:39.040 –> 00:37:44.300) that all these investigative bodies, (00:37:44.300 –> 00:37:45.220) of criminal prosecution, (00:37:45.220 –> 00:37:46.440) have the right to, (00:37:46.440 –> 00:37:47.820) possibly, (00:37:47.820 –> 00:37:50.180) through a reasoned court order, (00:37:50.180 –> 00:37:52.420) request access to clouds, (00:37:52.420 –> 00:37:54.300) as is happening now. (00:37:54.560 –> 00:37:56.020) The big scandals out there, (00:37:56.020 –> 00:37:56.820) Banco Master, (00:37:57.240 –> 00:37:57.620) but, like, (00:37:57.620 –> 00:38:01.300) big scandals and crimes and so on, (00:38:01.300 –> 00:38:04.420) they end up accessing the cloud of people (00:38:04.420 –> 00:38:06.180) who leave WhatsApp doing, (00:38:06.180 –> 00:38:07.480) it's not talked about much, (00:38:07.480 –> 00:38:10.940) but who leave WhatsApp backing up to Google, (00:38:10.940 –> 00:38:11.940) they access Google, (00:38:11.940 –> 00:38:14.000) recover the backup and see everything the guy did, (00:38:14.000 –> 00:38:14.720) who he talked to, (00:38:14.720 –> 00:38:16.020) and files and everything else. (00:38:16.020 –> 00:38:18.580) But what stands out, (00:38:18.580 –> 00:38:22.160) especially given how the United States is now positioning itself, (00:38:22.160 –> 00:38:23.440) on this surveillance side, (00:38:23.440 –> 00:38:25.520) as it has been positioning itself over the last few years, (00:38:25.520 –> 00:38:27.260) suddenly, (00:38:27.260 –> 00:38:30.500) the FBI getting your BitLocker key (0
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! Simple 6 signup link https://simple6.co/r/CFUR98 Google settles lawsuit for alleged spying https://x.com/marionawfal/status/2016426999192113572 https://www.foxbusiness.com/technology/google-settles-lawsuit-68-million-following-allegations-secretly-recording-smart-device-users Head of CISA uploads sensitive documents to ChatGPT https://arstechnica.com/tech-policy/2026/01/us-cyber-defense-chief-accidentally-uploaded-secret-government-info-to-chatgpt/ Microsoft gives BitLocker decryption keys under court order https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/ Winter Olympics 2026 kick off https://www.nbcolympics.com/news/team-usas-roster-2026-milan-cortina-olympics-officially-set Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Chris Lawrence - https://www.linkedin.com/in/chris-lawrence-b30140/
Chris and Hector take on the uneasy space where privacy, technology, and law enforcement overlap. They break down how encrypted data was accessed through BitLocker recovery keys, how doorbell cameras are quietly becoming part of policing and immigration enforcement, and how an alleged insider siphoned millions in seized cryptocurrency from government controlled wallets. Join our Patreon for weekly bonus episodes: https://www.patreon.com/c/hackerandthefed Send HATF your questions at questions@hackerandthefed.com
In this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news. They discuss: La France is tres sérieux about ditching US productivity software China's Salt Typhoon was snooping on Downing Street Trump wields the mighty DISCOMBOBULATOR ESET says the Polish power grid wiper was Russia's GRU Sandworm crew US cyber institutions CISA and NIST are struggling Voice phishing for MFA bypass is getting even more polished This episode is sponsored by Sublime Security. Brian Baskin is one of the team behind Sublime's 2026 Email Threat Research report. He joins to talk through what they see of attackers' use of AI, as well as the other trends of the year. This episode is also available on Youtube. Show notes France to ditch US platforms Microsoft Teams, Zoom for ‘sovereign platform' amid security concerns | Euronews Suite Numérique plan - Google Search China hacked Downing Street phones for years Cyberattack Targeting Poland's Energy Grid Used a Wiper Trump says U.S. used secret 'discombobulator' on Venezuelan equipment during Maduro raid | PBS News Risky Bulletin: Cyberattack cripples cars across Russia - Risky Business Media Lawmakers probe CISA leader over staffing decisions | CyberScoop Trump's acting cyber chief uploaded sensitive files into a public version of ChatGPT - POLITICO Acting CISA director failed a polygraph. Career staff are now under investigation. 
- POLITICO NIST is rethinking its role in analyzing software vulnerabilities | Cybersecurity Dive Federal agencies abruptly pull out of RSAC after organizer hires Easterly | Cybersecurity Dive Real-Time phishing kits target Okta, Microsoft, Google Phishing kits adapt to the script of callers On the Coming Industrialisation of Exploit Generation with LLMs – Sean Heelan's Blog GitHub - SeanHeelan/anamnesis-release: Automatic Exploit Generation with LLMs Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health" - Ars Technica Bypassing Windows Administrator Protection - Project Zero Task Failed Successfully - Microsoft's “Immediate” Retirement of MDT - SpecterOps Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission WhatsApp's Latest Privacy Protection: Strict Account Settings - WhatsApp Blog Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops: Reports | TechCrunch He Leaked the Secrets of a Southeast Asian Scam Compound. Then He Had to Get Out Alive | WIRED Key findings from the 2026 Sublime Email Threat Research Report
Timestamps: 0:00 just bring it next time :) 0:18 Intel Panther Lake reviews 2:10 Microsoft gives up BitLocker encryption keys 4:04 TikTok US changes, confusion 6:25 QUICK BITS INTRO 6:40 W11 update leaves users unable to boot 7:24 Stop Killing Games EU petition update 8:18 Dept of Transportation using Gemini 8:58 JBL speakers split songs into stems 9:37 Ordering Domino's via Wii in 2026 NEWS SOURCES: https://lmg.gg/keKvM Learn more about your ad choices. Visit megaphone.fm/adchoices
Microsoft has handed BitLocker keys over to the FBI under a court order. Unlike Apple or Google, it stores them unencrypted on the server side. Convenient encryption turns out to be encryption with a legal backdoor built in. Loop Infinito, a Xataka podcast, Monday to Friday at 7:00 a.m. (Spanish peninsular time). Presented by Javier Lacort. Edited by Alberto de la Torre. Contact:
AI adoption within organizations is increasingly polarized, with Gallup data cited showing that while 77% of technology professionals use AI at work, overall workplace adoption rose only marginally from 45% to 46% in late 2025. This stagnation is attributed not to employee reluctance, but to aggressive uptake by leadership without corresponding redesign of roles and workflows at lower organizational levels. In the UK, research presented notes an 8% net job loss tied to AI alongside an 11.5% productivity increase, with younger workers expressing heightened concern over future employment security. Supporting analysis emphasizes that AI utilized only in decision-making circles can compress organizations, trading resilience for short-term efficiency. Dave Sobel cautions that celebrating productivity gains without acknowledging operational fragility introduces organizational brittleness, as headcount reductions outpace tangible capability improvements across all layers. The discussion underscores the risk in pitching AI as a leadership tool without regard for its broader impact. Additional topics include the risks of encryption practices—specifically Microsoft's BitLocker—and the limits of user control over recovery keys when stored in the cloud. Dave Sobel highlights governance failures when MSPs assume encryption equates to privacy without explicit decisions regarding key custody and authority, noting that silent trade-offs can expose organizations to privacy vulnerabilities. Furthermore, coverage of CISA's absence from RSA conference outlines how diminished federal engagement increases liability and ambiguity for MSPs tasked with interpreting security policy.
New video authentication features from Ring are examined as evidence of a broader shift where provenance and chain of custody outweigh convenience, directly affecting the evidentiary value of managed data. The overarching implication for MSPs and IT providers is clear: risk, authority, and liability are being systematically reallocated within the supply chain and between vendors, government, and service providers. Operational preparedness now depends on explicit documentation, governance choices, and advance recognition of liability transfer. Failing to adapt—by leaving deployment decisions, key management, and evidentiary workflows unexamined—may result in organizational fragility, legal exposure, and loss of client trust. Four things to know today: 00:00 Stalled AI Adoption and UK Job Losses Show Productivity Gains Are Not Broadly Shared; 04:06 BitLocker Encryption Allows Microsoft Access to Recovery Keys Stored in the Cloud; 06:21 CISA Breaks From Past Practice, Declines RSA Conference Appearance; 08:36 Ring Uses Cryptographic Seals to Verify Video Authenticity as Evidence Trust Becomes a Governance Issue. This is the Business of Tech. Supported by: https://scalepad.com/dave/
Microsoft quietly hands over BitLocker keys to the government, TikTok's new privacy terms spark a user panic, and Europe's secret tech backups reveal anxious prep for digital fallout. Plus, how gambling platforms are changing the future of news and sports. You can bet on how much snow will fall in New York City this weekend Europe Prepares for a Nightmare Scenario: The U.S. Blocking Access to Tech China, US sign off on TikTok US spinoff TikTok users freak out over app's 'immigration status' collection -- here's what it means Elon Musk's Grok A.I. Chatbot Made Millions of Sexualized Images, New Estimates Show Microsoft Gave FBI Keys To Unlock Encrypted Data, Exposing Major Privacy Flaw - Forbes House of Lords votes to ban social media for Brits under 16 Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health" Route leak incident on January 22, 2026 149 Million Usernames and Passwords Exposed by Unsecured Database Millions of people imperiled through sign-in links sent by SMS Anthropic revises Claude's 'Constitution,' and hints at chatbot consciousness The new Siri chatbot may run on Google servers, not Apple's A Wikipedia Group Made a Guide to Detect AI Writing. Now a Plug-In Uses It to 'Humanize' Chatbots GitHub - anthropics/original_performance_takehome: Anthropic's original performance take-home, now open for you to try! Telly's "free" ad-based TVs make notable revenue—when they're actually delivered - Ars Technica Toilet Maker Toto's Shares Get Unlikely Boost From AI Rush - Slashdot Dr. Gladys West, whose mathematical models inspired GPS, dies at 95 Host: Leo Laporte Guests: Alex Stamos, Doc Rock, and Patrick Beja Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. 
Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit meter.com/twit redis.io expressvpn.com/twit shopify.com/twit
Microsoft granted the FBI access to laptops encrypted with BitLocker. The EU opens an investigation into Grok's creation of sexually explicit images. Glimmers of access pierce Iran's internet blackout. Koi Security warns npm fixes fall short against PackageGate exploits. Some Windows 11 devices fail to boot after installing the January Patch Tuesday updates. CISA warns of active exploitation of multiple vulnerabilities across widely used enterprise and developer software. ESET researchers have attributed the cyberattack on Poland's energy sector to Russia's Sandworm. This week's business breakdown. Brandon Karpf joins us to talk space and cyber. CISA sits out RSAC. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is cybersecurity executive and friend of the show Brandon Karpf with Dave Bittner and T-Minus Space Daily host Maria Varmazis, for our monthly space and cyber segment. Brandon, Maria and Dave discuss “No more free rides: it's time to pay for space safety.” Selected Reading FBI Accessed Windows Laptops After Microsoft Shared BitLocker Recovery Keys (Hackread) European Commission opens new investigation into X's Grok (The Register) Amid Two-Week Internet Blackout, Some Iranians Are Getting Back Online (New York Times) Hackers can bypass npm's Shai-Hulud defenses via Git dependencies (Bleeping Computer) Microsoft investigates Windows 11 boot failures after January updates (Bleeping Computer) CISA says critical VMware RCE flaw now actively exploited (Bleeping Computer) CISA confirms active exploitation of four enterprise software bugs (Bleeping Computer) ESET Research: Sandworm behind cyberattack on Poland's power grid in late 2025 (ESET) Aikido secures $60 million in Series B funding. 
(N2K Pro Business Briefing) CISA won't attend infosec industry's biggest conference (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Did you even notice that new TikTok privacy policy over the weekend? AirTags finally have a second generation. Microsoft confirms it will give out your BitLocker recovery keys if you're silly enough to store them with them. And let me introduce you to Clawdbot. Since you can't see the spelling, you won't understand how this is different until I explain. TikTok Is Now Collecting Even More Data About Its Users. Here Are the 3 Biggest Changes (Wired) Apple launches AirTag 2 with improved range, louder speaker, more (9to5Mac) EU opens formal probe into Musk's xAI over Grok deepfakes (FT) Latest ChatGPT model uses Elon Musk's Grokipedia as source, tests reveal (The Guardian) Microsoft Gave FBI Keys To Unlock Encrypted Data, Exposing Major Privacy Flaw (Forbes) Clawdbot Showed Me What the Future of Personal AI Assistants Looks Like (MacStories) Learn more about your ad choices. Visit megaphone.fm/adchoices
Lexus kills your car's heater in Germany if it's idling to warm up. Microsoft outage was 10hrs! Microsoft giving up BitLocker encryption Keys to FBI, SONY getting out of TV business, Can I upgrade my PC to Win 11 so I can pay my Taxes? Am I a Verizon customer? New PC and I migrated my Files to the Cloud by accident!
(Presented by Material Security: We protect your company's most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 82: We parse news that China-linked VoidLink is a malware framework created entirely by AI and the collapsing line between elite APT operations and everyday threat actors. Plus, a new Sean Heelan essay on low-cost exploit generation and why “AI guardrails” are mostly a comforting myth; AI slop overwhelming bug bounty programs; CISA's new Brickstorm YARA rules; and fresh research on a wiper-malware found in Russian attacks against Poland's electricity sector. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.
Why are code signing certificates suddenly getting shorter, pricier, and more restrictive? Steve Gibson and Leo Laporte expose the "cabal" rewriting the rules for everyone who builds software—and what it means for your security and your wallet. Code-signing certificate lifetimes shortened by two years. Sadly, ChatGPT is heading toward an advertising profit model. The Python Package Index is strengthening its security. BitLocker gets hardware acceleration, but not today. New York City's mayoral inauguration banned Raspberry Pi's. An astonishingly good British time travel series. A critical link between Vitamin D and Magnesium. A look inside the very bad MongoBleed vulnerability Show Notes - https://www.grc.com/sn/SN-1059-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: meter.com/securitynow threatlocker.com/twit material.security bitwarden.com/twit
PC makers are shaking up CES with wild designs and next-gen chips, but the real story is Microsoft's bold software moves, AI's hardware hunger, and a candid debate over whether any tech company still puts users first. Come for the Windows updates, stay for the whisky warnings and robot bathroom assistants. CES 2026 is here with the 4K hummingbird feeder of your dreams New PCs and more from HP consumers/commercial, HP gamers, Lenovo, others The first official Copilot+ PC desktops Snapdragon X2 Plus joins X2 Elite and X2 Elite Extreme Intel Panther Lake has meaningful CPU and graphics performance gains, but predictable reliability issues AMD Ryzen AI 400 series is a minor bump Windows Paul was the first to report that Microsoft is refactoring it all with Rust A Microsoft distinguished engineer wrote about his desire to refactor all C/C++ code in the company with Rust by 2030 Some mistook this to mean "rewriting Windows with Rust," so he had to issue a clarification. But I never wrote that. Heads-up: That will happen, but this is really about Azure first and the core underlying code in Microsoft's most important platforms Microsoft released hardware-accelerated BitLocker in late 2025 and never told anyone. It requires the latest PC CPUs Copilot app update that adds text editing actions to Copilot Vision across channels Dev and Beta got first previews of AI agents on the Taskbar, starting with the Researcher agent, plus underlying Agent Launchers experience IDC says the global memory shortage (thanks, AI!)
could screw up PC and smartphone growth this year AI ChatGPT now has an app store, but it has a ways to go Mozilla Firefox will have a "killswitch" for AI Our national nightmare will soon be over, LG will let users remove Copilot app from their smart TVs Xbox and gaming First Xbox Game Pass releases of 2026 include Resident Evil Village and Star Wars Outlaws Xbox Cloud Gaming is coming to Hisense smart TVs and to the latest Fire TV smart TVs GOG goes independent, will continue DRM-free push "Have a blast" and other FPS throwbacks from the 1990s Valve quietly killed the LCD Steam Deck model Tips and picks Tip of the week: It's time to give Little AI a look App pick of the week: Bonjourr RunAs Radio this week: What AI can do for SysAdmins in 2026 with Cecilia Wiren Brown liquor pick of the week: The Singleton of Dufftown 12 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: threatlocker.com/twit cachefly.com/twit