Passwords were built for a different era of the internet. It's time to move past shared secrets to close your organization's largest threat vector for good.

Traditional passwords and legacy Multi-Factor Authentication (MFA) are no longer enough to protect your business. Automated, scaling phishing toolkits easily intercept shared secrets, leaving small and medium businesses highly vulnerable to credential breaches.

In this episode, Jen sits down with Nishant Kaushik, Chief Technology Officer at the FIDO Alliance, to translate complex cryptographic standards into an actionable, resource-light deployment plan. Learn how to transition away from legacy authentication and close the hidden operational loopholes that hackers actively exploit.

What You Will Learn:
- The Flaw in Basic MFA: Why SMS codes and standard one-time passwords (OTPs) are failing, and what true "phishing-resistant" security means.
- The Account Recovery Trap: Why a weak "Forgot Password" workflow accidentally gives hackers their primary attack vector back—and how to fix it.
- The Bottom-Line Benefit: How moving to passkeys drastically reduces internal IT helpdesk tickets, manual password resets, and overhead costs.
- Right-Sizing Your Passkey Deployment: How to easily segment your workforce strategy:
  - Standard Users: Synced passkeys via platform credential managers (Apple, Google, 1Password, Bitwarden).
  - Privileged Users: Dedicated hardware keys (YubiKeys) for root admins and high-sensitivity infrastructure.
- The 1-Week Action Plan: How to leverage the identity infrastructure you already own (like Google Workspace or Microsoft Entra ID) to deploy passkeys today.

Resources Mentioned:
- Learn more about modern identity standards: FIDO Alliance Website
- Review baseline federal security recommendations: CISA Guidance on Phishing-Resistant MFA
- Discover SecurityMetrics compliance resources: SecurityMetrics Official Site
- Threat Intelligence Data: Read the data behind credential exploitation in the latest Verizon Data Breach Investigations Report (DBIR).
- Federal Passkey Standards: Review the updated identity and passkey frameworks via the NIST SP 800-63 Digital Identity Guidelines.
- Enterprise Identity Platforms: Learn how modern stacks integrate passwordless via Okta Verify and Microsoft Entra ID.

About the Guest: Nishant Kaushik is the Chief Technology Officer at the FIDO Alliance, bringing over 25 years of leadership in digital identity and access management (IAM). He holds nine patents, frequently serves on the advisory committees for the RSA Conference and Identiverse, and is a founding member of IDPro.

A note from Jen: We built Practical Cybersecurity because we were tired of the fear-mongering in this industry. Security shouldn't be a secret club.

If you're trying to figure out PCI compliance or need a pen test, my team at SecurityMetrics can help you out: https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place

But if you just want to learn how to protect yourself for free, start here: https://academy.securitymetrics.com/
Farewell to codes: how behavioural biometrics will kill the password in 2026

By Régis BAUDOUIN

Remembering a capital letter, a digit, a special character, and changing the whole thing every three months… This mental chore, a relic of the early days of computing, is living its very last hours. In this month of June 2026, the worldwide rollout of next-generation login standards marks a historic shift. Led by the alliance of tech giants, security no longer rests on what you know (a password), nor even solely on what you are (your fingerprint), but on how you behave. Welcome to the era of decentralised behavioural biometrics.

The cost of forgetting: According to the latest data from Gartner, password reset requests still account for 20% to 30% of all IT support tickets in companies, at an estimated average cost of €15 per intervention.

How your phone knows it's you

Traditional biometrics (iris, FaceID, fingerprint) map fixed physical characteristics. Behavioural biometrics, by contrast, analyse the dynamics of your actions in real time. It is an algorithmic science that turns your unconscious habits into a unique mathematical signature. When you pick up your smartphone, several dozen physical sensors activate in the background:
- The accelerometer and gyroscope: they measure the exact angle and micro-oscillation of your hand.
- The touch pressure sensor: it evaluates the contact area of your thumb and the force exerted on the glass panel.
- Typing rhythm: the algorithm computes, to the thousandth of a second, how long each key is pressed and the transition interval between two letters.
Publications of the IEEE Biometrics Council show that by analysing only 30 to 40 consecutive keystrokes, a behavioural scoring algorithm reaches an accuracy rate above 99% in identifying the true owner of the device. For your phone's local artificial intelligence, the way you type or scroll through your news feed is as unique as a genetic fingerprint. If a third party takes your unlocked phone, the system detects the change of rhythm in less than 1.5 seconds and relocks the device automatically.

The FIDO Alliance's Passkeys 2.0 standard

The legitimate question raised by such an innovation is that of privacy. There is no question of our typing rhythms or gait data being sent to cloud servers to be analysed there. This is where the technical feat takes on its full meaning: everything stays local. This revolution builds on the evolution of passkeys, a global protocol developed by the FIDO Alliance. The FIDO Alliance's adoption statistics for 2026 reveal that more than 12 billion online accounts worldwide now support this technology.

Security metric | Classic passwords | Passkeys + behavioural biometrics
Susceptibility to phishing | 100% (vulnerable) | 0% (immune)
Average login time | ~15 seconds | ~2.5 seconds
Authentication failure rate | ~14% (typing errors) | Less than 0.5%

The principle rests on asymmetric cryptography. When you create an account, your phone generates a key pair: a public key issued to the website, and a private key, jealously guarded in the secure hardware enclave of your processor (the Secure Element). Behavioural biometrics serve only as the physical trigger to "release" this local private key. The remote site never receives your behavioural data; it simply receives a mathematical validation.
Focus on passkeys

The fundamental principle of a passkey is that no shared secret exists between you and the online service (Netflix, your bank, Amazon). Unlike a classic password, which is stored on the company's servers (and therefore vulnerable to data leaks), the passkey splits security into two distinct and inseparable mathematical elements.

[ Your device ]                                       [ Web server ]
Private key (secret)  ── Encrypts the challenge ──>   Public key (known)
(Stays in the SE)                                     (Only used to verify)

How does a passkey login work?

1. Key pair generation: at registration. The passkey manager on your device generates a private key (which stays locked in your phone's secure physical chip) and a public key (which is sent to the site's server).
2. Sending the challenge: at login. When you want to log in, the website sends a "challenge" (an encrypted random message) to your device.
3. Biometric unlock: local validation. Your device asks you to confirm your identity (via FaceID, fingerprint or the famous behavioural biometrics). This local action serves as the authorisation to wake the private key.
4. The mathematical signature: finalisation. The private key signs the challenge sent by the site and returns the response. The server uses your public key to verify the signature. If the computation matches, you are logged in. No password has travelled over the network.

The two main families of passkey solutions

The 2026 ecosystem is divided into two technical approaches to managing these cryptographic keys. They answer different needs for mobility or IT security.

1. Synced passkeys (multi-device)

This is the consumer solution par excellence, natively integrated into our operating systems.
The private key is stored in the manufacturer's cloud keychain (Apple iCloud Keychain, Google Password Manager, Microsoft Account).
- How it works: if you create a passkey on your iPhone, it is automatically available on your Mac or iPad via iCloud.
- The fallback mechanism: if you lose your smartphone, your passkeys are not lost: they are restored as soon as you sign back in to your main cloud account with strong authentication.
- The cross-platform case: if you are on a Windows PC and want to log in to a site with your iPhone's passkey, the PC displays a QR code. Your iPhone scans it, checks over a proximity Bluetooth link that the two devices are in the same room, and validates the login.

2. Hardware-bound passkeys (single-device)

This approach is favoured by companies, banks or high-visibility profiles (journalists, politicians). The private key is generated inside a hardware component that it can never leave, which rules out any copy in the cloud.
- Physical security keys: USB/NFC keys (such as Yubico's YubiKeys) embody this principle. The private key is sealed in the object's chip. To log in, you must insert the key or tap it against your phone.
- The higher security level: even if your iCloud or Google account is hacked, no one can steal your hardware passkeys because they exist nowhere on the internet.

The players in the passkey market in 2026

The market for solutions has become considerably structured around three main types of players:
- The natives (the OSes): Apple, Google and Microsoft provide the free base infrastructure. It is transparent for the user but tends to lock the user into their respective ecosystem.
- Independent managers (cross-platform): software such as 1Password, Dashlane or the open-source alternative Bitwarden lets you store and sync your passkeys in an agnostic way (it works just as well between an Android phone and a Safari browser on a Mac).
- Infrastructure solutions (B2B): platforms such as Okta or Ping Identity deploy these architectures within corporate networks to permanently eliminate the risk of internal hacking.

The passkey definitively solves the number-one flaw in computer security: human error. An algorithm cannot be fooled by a fake phishing site, because the public key is mathematically bound to the site's exact domain name. If the URL changes by a single letter, the device simply refuses to sign the challenge.

Absolute security and zero friction

For the user as for the digital economy, the benefits of this invisible digitisation of security are colossal.
- Total immunity to phishing: Verizon's annual data breach report notes that 74% of cyberattacks still involve a human factor (credential theft or social engineering). With no password left to type, you can no longer have it stolen by a fake email or a mirror site.
- Universal accessibility: for elderly people or people with disabilities, the end of the barriers of entering complex codes removes the main cause of digital exclusion.
- Profitability for platforms: e-commerce giants are already seeing a 5% to 7% rise in conversion rates at the payment step since cumbersome authentication processes were replaced by passive validation in the background.

Invisible authentication

The password was an ergonomic anomaly, an artificial interface that forced humans to speak the language of the machine.
In 2026, technology has finally become mature enough to adapt to humans. By observing our movements and rhythms without ever betraying them, our devices turn our everyday gestures into the safest of keys. High security is no longer a constraint; it has become second nature.

References and scientific publications for further reading:
- The industry standard and adoption statistics: to understand the architecture of decentralised access keys, see the official FIDO Alliance portal on passkey technology.
- Computer science research and accuracy rates: for the scientific foundations of typing rhythm analysis, see the studies indexed by the IEEE Xplore Digital Library on Keystroke Dynamics.
- Statistics on cyberattacks: see the threat analysis reports in the Verizon Data Breach Investigations Report for data on credential theft.

The post Quand le mot de passe c'est vous first appeared on XY Magazine.
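The four-step login and the domain binding described in the article above, as an added example that is not part of the original post or of any FIDO reference code. The class names `Authenticator` and `RelyingParty`, the result strings and the domains `bank.example` and `bank-example.test` are constructed for illustration, and the message layout is a simplified version of what WebAuthn uses.

```javascript
// Added example (not from the article): simplified passkey login, WebAuthn-style.
// Assumption: the RP ID is the exact hostname of the origin; real WebAuthn also
// allows a registrable parent domain and uses CBOR/COSE encodings omitted here.
const nodeCrypto = require('node:crypto');

const sha256 = (data) => nodeCrypto.createHash('sha256').update(data).digest();

// Device side: private keys stay inside this object, each filed under one domain.
class Authenticator {
  constructor() { this.keys = new Map(); }               // rpId -> { privateKey, counter }

  register(rpId) {                                         // step 1: key pair generation
    const { publicKey, privateKey } =
      nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(rpId, { privateKey, counter: 0 });
    return publicKey;                                      // only this half goes to the site
  }

  sign(origin, challenge, userVerified) {                  // steps 3 and 4
    const rpId = new URL(origin).hostname;
    const entry = this.keys.get(rpId);
    if (!entry) return { refused: 'no-passkey-for-domain' };
    if (!userVerified) return { refused: 'user-verification-failed' };
    entry.counter += 1;
    const clientDataJSON = Buffer.from(JSON.stringify({
      type: 'webauthn.get', challenge: challenge.toString('base64url'), origin,
    }));
    const flags = Buffer.from([0x05]);                     // user present 0x01 | user verified 0x04
    const counter = Buffer.alloc(4);
    counter.writeUInt32BE(entry.counter);
    const authenticatorData = Buffer.concat([sha256(rpId), flags, counter]);
    const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
    const signature = nodeCrypto.sign('sha256', signed, entry.privateKey);
    return { clientDataJSON, authenticatorData, signature };
  }
}

// Server side: stores only the public key and checks every field before trusting it.
class RelyingParty {
  constructor(origin) {
    this.origin = origin;
    this.rpId = new URL(origin).hostname;
    this.publicKey = null;
    this.lastCounter = 0;
    this.pending = new Set();                              // challenges issued, not yet used
  }

  enroll(publicKey) { this.publicKey = publicKey; }

  newChallenge() {                                         // step 2: fresh random challenge
    const challenge = nodeCrypto.randomBytes(32);
    this.pending.add(challenge.toString('base64url'));
    return challenge;
  }

  verify(assertion) {
    if (!assertion || assertion.refused) return 'no-assertion';
    const { clientDataJSON, authenticatorData, signature } = assertion;
    const client = JSON.parse(clientDataJSON.toString());
    if (client.type !== 'webauthn.get') return 'wrong-type';
    if (!this.pending.delete(client.challenge)) return 'unknown-or-replayed-challenge';
    if (client.origin !== this.origin) return 'wrong-origin';
    if (!authenticatorData.subarray(0, 32).equals(sha256(this.rpId))) return 'wrong-rp-id';
    if ((authenticatorData[32] & 0x04) === 0) return 'user-not-verified';
    const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
    if (!nodeCrypto.verify('sha256', signed, this.publicKey, signature)) return 'bad-signature';
    const counter = authenticatorData.readUInt32BE(33);
    if (counter <= this.lastCounter) return 'counter-regression';
    this.lastCounter = counter;
    return 'ok';
  }
}

function demo() {
  const device = new Authenticator();
  const site = new RelyingParty('https://bank.example');
  site.enroll(device.register('bank.example'));
  const results = {};

  const first = device.sign('https://bank.example', site.newChallenge(), true);
  results.genuine = site.verify(first);                    // normal login
  results.replay = site.verify(first);                     // same assertion sent twice

  // A look-alike origin shows the site's challenge: the device holds no key for it.
  results.lookalike = device.sign('https://bank-example.test', site.newChallenge(), true).refused;
  results.noUserVerification = device.sign('https://bank.example', site.newChallenge(), false).refused;

  // Even a device that does hold a key for the other domain is rejected by the server.
  device.register('bank-example.test');
  results.otherDomainKey =
    site.verify(device.sign('https://bank-example.test', site.newChallenge(), true));

  // A device that never enrolled with the site cannot produce a valid signature.
  const stranger = new Authenticator();
  stranger.register('bank.example');
  results.unenrolledDevice =
    site.verify(stranger.sign('https://bank.example', site.newChallenge(), true));
  return results;
}

console.log(demo());
```

The server consumes each challenge on first use, so a failed attempt also burns its challenge and a captured assertion cannot be submitted again.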
Dashlane's CTO pulls back the curtain on how password managers are actually using AI, why it's more complicated than hype suggests, and what the rise of AI-powered code review means for the next wave of digital security.

- Nvidia Rides Blistering Chip Sales to Another Record Quarter
- Mind-Blowing Growth Is About to Propel Anthropic Into Its First Profitable Quarter
- SpaceX Filing Starts Countdown to Massive IPO
- Gemini 3.5 Flash: more expensive, but Google plan to use it for everything
- Google's Gemini Spark is an agentic AI assistant - Engadget
- Anthropic's Co-Founder to Launch Encyclical on AI With Pope Leo
- Andrej Karpathy on X: "Personal update: I've joined Anthropic. I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D. I remain deeply passionate about education and plan to resume my work on it in time."
- Most U.S. doctors are quietly using this AI tool. Few patients know about it.
- Greg Brockman Officially Takes Control of OpenAI's Products in Latest Shakeup
- Amazon's Alexa+ Now Produces AI-Generated 'Podcasts' Featuring Chats Between Two Robot 'Co-Hosts'
- AI chatbots are giving out people's real phone numbers
- Geoffrey Fowler and the Launch of the Youth AI Safety Institute
- We let four AIs run radio stations. Here's what happened. | Andon Labs
- The last six months in LLMs in five minutes
- Lake Tahoe Power Crisis: How AI Data Centers Are Cutting Power to 50,000 Residents
- What happens when you post a real Monet and say it's AI? The coolest art social experiment I've seen in a while. Thank you @SHL0MS
- Book on Truth in the Age of A.I. Contains Quotes Made Up by A.I.
- OpenClaw's Peter Steinberger's tokenmaxxing
- 'Obvious markers of AI': doubts raised over winner of short story prize
- Man drives Cybertruck into Grapevine Lake
- Stewart Brand's Maintenance of Everything
- Sports Illustrated Just Deleted Every Article by One of Its Writers After Accusation of AI Plagiarism
- The great digital media valuation collapse
- Sperm racing

Hosts: Leo Laporte, Jeff Jarvis, and Paris Martineau
Guest: Frederic Rivain

Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines.

Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit

Sponsors: outsystems.com/twit, monarch.com with code IM, zscaler.com/security, XBOW.com
- FIDO Alliance working on securing AI agent payments
- Germany suspects Russia in Signal phishing
- RCE flaw in open-source robotics platform

Get the show notes here: https://cisoseries.com/cybersecurity-news-agent-payments-russian-phishing-lerobot-rce-flaw/

Thanks to our episode sponsor, Guardsquare

Is your mobile app truly protected? Relying on the OS isn't enough. A global study of thirteen-hundred security and developer leaders found that ninety-six percent of teams using layered protection reported significantly fewer security incidents. Don't wait for a breach to harden your defenses. Get the protection needed for modern security risks. Learn more at Guardsquare.com.
Jeff and Jim welcome back Heather Flanagan for her fifth appearance on the show. Heather shares updates across a wide range of current work including her new role as content chair for the Identiverse conference, an appointment to the W3C Technical Architecture Group, ongoing support for NIST and NCCOE, advising the SIROS Foundation open source wallet project, and the continued growth of the Identity Salon. The conversation explores who is actually building identity standards for AI agents and whether traditional standards bodies can keep pace with AI development. Heather breaks down the authentication challenges posed by agentic AI, the problem of continuous identity and delegation, and why posting a spec on your website does not make it a standard. The discussion shifts to national digital identity programs in the US and Europe, the underserved relying party problem in credential frameworks, and why financial services may be the next major proving ground for mobile driver's licenses. The episode closes with a look at digital estate planning as the identity community's most uncomfortable but increasingly unavoidable problem.

Connect with Heather: https://www.linkedin.com/in/hlflanagan/
A Digital Identity (Heather's Podcast): https://sphericalcowconsulting.com/digital-identity-digest/
Death and the Digital Estate Community Group: https://openid.net/cg/death-and-the-digital-estate/
Death and the Digital Estate Planning Guide: https://openid.net/wp-content/uploads/2026/03/Digital-Estate-Planning-Guide-1.pdf

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

TIMESTAMPS
0:00 Introduction and Heather's Conference Knitting Story
6:00 Heather's Current Work: Identiverse, W3C TAG, NIST, SIROS Foundation
14:00 What Is the Identity Salon?
16:00 AI Agents and the Authentication Challenge
22:00 Standards, Interoperability, and MCP
25:30 IETF, W3C, and Who Governs AI Identity Standards
31:00 AI in Standards Development: Opportunity or Risk?
32:30 National Digital Identity Programs: US and Europe
36:30 Mobile Driver's Licenses and Financial Services
40:00 Digital Credentials for I-9 and KYC Use Cases
43:30 The Digital Estate and Death in the Digital Age
46:00 OpenID Foundation Resources for Digital Estate
47:00 Identity Management Day Theme Songs and Wrap-Up

KEYWORDS
identity and access management, IAM, standards, AI agents, agentic AI, digital identity, digital credentials, mobile driver's license, W3C, IETF, OpenID Foundation, FIDO Alliance, MCP, authentication, delegation, digital estate, identity proofing, verifiable credentials, selective disclosure, zero knowledge proofs, KYC, NIST, identity salon, Heather Flanagan, Identity Management Day, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald
Welcome to the Fraudian Slip, the Identity Theft Resource Center's (ITRC's) podcast, where we talk about all things identity theft, fraud and scams that impact people and businesses. Last week, we published our 2025 Annual Data Breach Report by ITRC. ITRC President James E. Lee presented the findings at the Identity, Authentication and the Road Ahead Identity Policy Forum, hosted by the Better Identity Coalition, the FIDO Alliance and the ITRC. The 2025 Annual Data Breach Report by ITRC looks at the number of data compromises, the root cause of the compromises, the types of data compromised, trends, solutions and much more. Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter
Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with the Cal Ripken of IDAC, Andrew Shikiar, Executive Director and CEO of the FIDO Alliance. Andrew shares exciting updates on the incredible progress of Passkeys, revealing that over 3 billion are now in use securing accounts. We discuss the key themes of the conference, including the ongoing arms race with AI in security and the critical role of identity verification. Andrew also unveils the new Passkey Index, an initiative to provide industry benchmarks for deployment success. Looking ahead, the conversation shifts to the FIDO Alliance's broadening focus on digital credentials and wallets, aiming to solve the usability and certification challenges that have held the space back. Finally, we hear about the global expansion of the Authenticate conference brand, with a new event launching in Singapore.
Connect with Andrew: https://www.linkedin.com/in/andrewshikiar/
Learn more about FIDO: https://fidoalliance.org/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Chapter Timestamps:
00:00:00 - Introduction to Authenticate 2025 Themes
00:02:50 - Welcoming Andrew Shikiar of the FIDO Alliance
00:04:00 - Andrew's Keynote: Passkey Progress and Future Goals
00:05:17 - Over 3 Billion Passkeys in Use
00:06:57 - Improving the Passkey User Experience (UX)
00:09:02 - Introducing the Passkey Index for Benchmarking
00:10:46 - The Growth of the Authenticate Conference
00:14:55 - FIDO Alliance's New Focus: Digital Credentials and Wallets
00:17:25 - Overcoming Hurdles in Digital Credential Adoption
00:20:03 - The Role of Major Stakeholders in FIDO's Success
00:23:05 - The Future of the Authenticate Conference
00:24:00 - Announcing Authenticate APAC in Singapore
00:25:07 - Global Differences in Passkey Adoption
00:28:19 - Closing Thoughts and FIDO Feud Recap
Keywords: Andrew Shikiar, FIDO Alliance, Passkeys, Authenticate 2025, identity verification, digital credentials, digital wallets, passwordless, WebAuthn, user experience, Passkey Index, cybersecurity, authentication, mobile driver's license, multi-factor authentication, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald
Live from Authenticate 2025, Jeff Steadman and Jim McDonald sit down with Dr. Tina Srivastava, an IDPro board member and co-founder of Badge Inc., for a crucial discussion on the rapidly evolving landscape of identity and authentication.
Tina shares her insights on the conference, the evolution from physical hacks to sophisticated AI-driven threats like supercharged phishing, and the current challenges facing the industry. The conversation delves into the complexities of synced Passkeys, the critical vulnerability of account recovery processes, and the slow pace of regulation in keeping up with technology.
As a board member for IDPro, Tina highlights the immense value of the practitioner-focused community, the supportive culture within its Slack channels, and makes an exciting announcement about the creation of new member-driven committees to shape the future of the organization. They explore the concept of the "AI arms race" and why identity professionals cannot afford to wait for the next big thing, emphasizing that collaboration and information sharing through communities like IDPro are essential to staying ahead of adversaries.
Connect with Tina: https://www.linkedin.com/in/tina-s-8291438a/
Find out more about IDPro: https://www.idpro.org/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Chapters
00:00 Introduction and Greetings
00:16 Highlights from Authenticate 2025
01:39 FIDO Feud Rematch Discussion
03:17 Guest Introduction: Tina Srivastava
03:46 Conference Insights and AI Challenges
06:16 Regulatory Environment and Passkeys
09:11 Phishing and AI Supercharged Attacks
12:28 QR Codes and Accessibility Issues
13:09 The Importance of Phishing Resistant Authentication
22:24 IDPro Community and Practitioner Support
25:18 Community Support and Engagement
26:26 IDPro's Role in Identity Events
27:48 Future Directions for IDPro
29:19 Introducing Committees in IDPro
30:39 AI and Identity Verification
37:07 The Importance of Information Sharing
45:35 Public Speaking and Personal Growth
50:58 Conclusion and Final Thoughts
Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Tina Srivastava, IDPro, Authenticate 2025, Passkeys, AI, Artificial Intelligence, Cybersecurity, Phishing, Deepfakes, Authentication, Account Recovery, Biometrics, Identity and Access Management, IAM, NIST, Regulation, Identity Verification, Synced Passkeys, FIDO Alliance
In this episode of the Identity at the Center podcast, Jeff and Jim discuss various aspects of identity access management (IAM) policies and the importance of having a solid foundation. They emphasize the need for automation, controls, and how IAM policies should be created without technology limitations in mind. The discussion also covers the implementation challenges and the evolving concept of identity verification. Jeff, Jim, and their guest, Nishant Kaushik, the new CTO at the FIDO Alliance, also delve into the issues surrounding the adoption of passkeys, highlighted by Rusty Deaton's IDPro article, and address some common concerns about their security. Nishant offers insights into ongoing work at FIDO Alliance, the potential of digital identity, and the importance of community in the identity sector. The episode concludes with mentions of upcoming conferences and an homage to the late identity expert, Andrew Nash.
Timestamps
00:00 Introduction and Greetings
00:18 Importance of IAM Policies
01:36 Challenges in Policy Implementation
05:09 Conferences and Discount Codes
07:59 Introducing the Guest: Nishant Kaushik
08:42 The Role of the FIDO Alliance and Digital Identity
10:35 Concerns and Solutions for Passkeys
22:21 Final Thoughts on Passkeys and Authentication
29:48 Credential Security Concerns
30:03 FIDO Members and Their Contributions
30:38 Getting Involved in Working Groups
31:58 Conversations at Authenticate Conference
32:29 Evolution of the Authenticate Conference
34:32 Automotive Authentication Challenges
36:04 Community and Collaboration
38:33 Remembering Andrew Nash
41:41 Lightning Round: Current State of AI and Identity
44:21 Decentralized Identity: Current Trends
49:47 Non-Human Identity: Future Perspectives
52:19 New York Sports Fandom
54:33 Conclusion and Upcoming Events
Connect with Nishant: https://www.linkedin.com/in/nishantkaushik/
Learn more about the FIDO Alliance: https://fidoalliance.org/
IDPro Article by Rusty Deaton: https://idpro.org/blackhat-and-def-con-2025-thoughts/
Kill the Wallet? Rethinking the Metaphors Behind Digital Identity by Heather Flanagan: https://sphericalcowconsulting.com/2025/07/22/digital-wallet-metaphor/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Apple has already implemented the ability to export and import Passkeys in its new operating systems (iOS 26 and its siblings). While waiting for the FIDO Alliance to publish the final standard, the company has based this functionality on the draft that has already been published.
In this episode of the Identity at the Center Podcast, Jeff and Jim broadcast live from Identiverse 2025. Special guest Andrew Shikiar from the FIDO Alliance joins to talk about efforts to push passkey adoption and reduce reliance on passwords. Topics covered include the technicalities of passkeys, their adoption by major banks like Wells Fargo, and initiatives for adding more signals for high assurance scenarios. The episode wraps up with exciting news about the upcoming Authenticate conference and plans for an Authenticate APAC edition in Singapore.
00:00 Introduction and Greetings
00:16 Podcast Highlights and Recent Activities
01:38 Guest Introduction: Andrew Shikiar from FIDO Alliance
01:58 FIDO Alliance and Passkey Adoption
07:13 Technical Insights on Passkeys
14:52 Authenticate Conference and Community
20:20 Global Adoption and Regional Differences
25:13 Conclusion and Wrap-Up
Connect with LinkedIn: https://www.linkedin.com/in/andrewshikiar
Learn more about the FIDO Alliance: https://fidoalliance.org/
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
EP 247. ... and in this update, Microsoft has updated Windows Hello to require both infrared and color cameras for facial authentication, improving security by addressing a spoofing vulnerability, though it now requires visible lighting. This increases biometric reliability and inconvenience to users in low-light settings. Consider exploring alternative operating systems like Linux for flexible authentication options.
Aim Labs identified and helped patch 'EchoLeak,' a zero-click vulnerability in Microsoft 365 Copilot that risked data exfiltration via malicious emails, highlighting the need for stonking great AI guardrails.
Denmark is shifting from Microsoft Office and Windows to LibreOffice and Linux to enhance digital sovereignty and reduce reliance on foreign technology, driven by security, economic, and geopolitical priorities.
Chinese AI companies are bypassing U.S. chip export controls by processing data in third countries like Malaysia, using suitcases of hard drives to transport AI-training data.
Mattel has teamed up with OpenAI to develop AI-enhanced toys, promising safe, engaging, and age-appropriate experiences, with the first product set to launch later this year.
Apple's new passkey import/export feature, built on FIDO Alliance standards, enables secure credential transfers across platforms, boosting interoperability while maintaining biometric security. This advances user convenience and cross-ecosystem flexibility. Now you can adopt passkeys to streamline secure authentication across your devices and platforms.
A data broker owned by major U.S. airlines sold passenger flight data to DHS, prompting privacy concerns as agencies track travel without disclosing data sources.
WhatsApp will begin displaying ads in its Updates section, using limited user data like location for targeting, while preserving end-to-end encryption for chats and messages.
INTERPOL's Operation Secure dismantled over 20,000 malicious IPs linked to 69 malware variants, arresting 32 suspects and seizing significant data to curb phishing and fraud.
Find the full transcript for this podcast here.
The Future of Security Operations podcast is back for a sixth season, and, to kick it off, Thomas is joined by Christofer Hoff. Christofer has over 30 years of experience in network and information security architecture, development, engineering, operations, and management, including security leadership roles at Bank of America, Citadel, and Juniper Networks. He's currently Chief Secure Technology Officer at LastPass, a unique role that combines the duties of CSO and CTO, while also serving on the board at FIDO Alliance.
In this episode:
[02:00] How blogging landed Christofer his first couple of jobs in security
[06:50] Taking a more holistic approach to security through collaboration
[09:40] Rebuilding LastPass's security org from scratch
[12:03] Reflecting on incidents - what LastPass did right
[16:12] Communicating with customers and the broader community during incidents
[20:15] Navigating tech debt as a security leader
[23:55] The biggest challenges AI has produced for his team
[25:16] How LastPass uses an AI working group for decision-making
[29:00] The evolving challenges of browser security
[35:05] Passkeys, passwords and the future of secure authentication
[41:40] Tips on hiring and structuring effective security teams
[46:47] How LastPass creates efficiency through automation
[50:38] The biggest changes he'd like to see in security
[54:44] Connect with Chris
The Future of Security Operations is brought to you by Tines, the orchestration, automation, and AI platform that powers some of the world's most important workflows.
Where to find Christofer Hoff: LinkedIn Chris's Rational Survivability blog
Where to find Thomas Kinsella: LinkedIn Tines
Resources mentioned: Chris on Google's Cloud Security Podcast LastPass Security Incident Summary
With phishing and password breaches on the rise, passkeys could offer a more secure, user-friendly solution that could reshape how we protect our online identities. Today's guest is Christiaan Brand. Christiaan is the co-founder of Entersekt, a financial services security firm and a key player at Google in their security and identity teams. A respected voice in cybersecurity, Christiaan co-chairs the FIDO2 technical working group focusing on standardizing robust online security protocols in advancing the use of passkeys. He has been at the forefront of the shift toward more secure, password-free systems. We'll hear his insights on the challenges and opportunities of implementing passkeys to create safer online environments for users and organizations.
Show Notes:
[00:52] - Christiaan is part of the security team for Google accounts. He's been with Google for 9 years. Prior to that he had a startup.
[01:30] - He joined the FIDO Alliance around the same time Google joined in 2013. When he joined Google, he was able to continue with the same type of work.
[02:35] - Each of the big tech companies represents a portion of the market when it comes to how we interact with the web and apps.
[04:06] - He became interested in security when he started thinking about what could go wrong with new technology solutions. He wanted users to be able to access their financial information in a safe and secure way.
[05:06] - 2FA began gaining traction with Google in 2011. It coincided with the launch of Google Authenticator. 2FA was also used by a gaming company.
[07:54] - Usability is important, that's why having an app that displays the codes was one of the first forays into making the technology more accessible.
[08:34] - Passkeys allow us to move beyond passwords, leaving the extra hassle of traditional multi-factor authentication behind.
[11:05] - Key fobs were one of the earlier ways to try and bring usability to security. Now the technology is being moved to smartphones.
[12:33] - Passkeys are a replacement for a password manager.
[13:35] - Passkeys are extremely long and asymmetric in nature. You and the site you're going to both have the passkey.
[14:27] - The service will have the public part of the passkey, and you'll have the private part. Even if the public part leaks out, your passkey will still be secure. Passkeys can never be revealed to phishing sites.
[15:47] - FIDO brings the second authentication step in. The service also has to identify themselves.
[20:04] - Password managers try to balance security and convenience. Logging in or accessing a passkey is a unique challenge for providers.
[22:20] - Phone numbers are a way to get users back into their accounts.
[25:19] - Single device users have extra challenges.
[26:08] - There are pros and cons to external sources of identity.
[29:44] - The FIDO website has many certified solutions.
[33:21] - To get passkeys into daily users' lives, we need to start using them on daily applications where we log in frequently.
[35:49] - Hopefully this passkey solution will stand the test of time.
[37:34] - Attacks are beginning to shift to session hijacking.
[38:24] - DBSC or device-based session credentials is a new standard parallel to FIDO.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Entersekt Christiaan Brand on LinkedIn Christiaan Brand on Twitter Christiaan Brand on Facebook FIDO2 Technical Working Group Learn More About Passkeys Passkeys.Dev FIDO Alliance Passkeys
A look back at some of our favorite interviews from the past year: Emily Forlini of PCMag and her story about the AI "dating scene" through ChatGPT Plus and AI boyfriends, and her somewhat lackluster experience. Jennifer Pattison Tuohy and the breaking news that the U.S. Department of Justice is suing Apple for claims that the company has an illegal monopoly over the smartphone market. Amanda Silberling and her story about how AI images have entered this year's Met Gala's online discourse through celebrities who "appeared" on the Met Gala carpet. Abrar Al-Heeti and her story about how Harvard students created an app called I-XRAY that uses Meta's Ray-Ban smart glasses and facial recognition to find personal data on people in real-time, raising privacy concerns. Leah Nylen of Bloomberg talks with Mikah about the Google Antitrust Case and the Department of Justice's recommendations that could reshape the tech giant. And Nick Steele and David Turner from the FIDO Alliance join Mikah to discuss the Alliance's new specifications involving passkeys and their portability. Host: Mikah Sargent Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit
For our second year now, Mike Privette, from Return on Security and the Security, Funded newsletter joins us to discuss the year's highlights and what's to come in the next 12 months. In some ways, it has been a return to form for funding, though some casualties of a tough market likely had to seek acquisition when they might have otherwise raised another round and stayed independent a while longer. We'll cover some stats, talk 2025 IPO market, and discuss the likelihood of (already) being in another bubble, particularly with regards to the already saturated AI security market. It won't be all financial trends though, we'll discuss some of the technical market trends, whether they're finding market fit, and how ~50ish AI SOC startups could possibly survive in such a crowded space. In this segment, we discuss two new FIDO Alliance standards focused on credential portability. Specifically, if passwordless is going to catch on, we need to minimize friction and maximize usability. In practice, this means that passkeys must be portable! Rew Islam of Dashlane joins us to discuss the new standards and how they'll help us enter a new age of secure authentication, both for consumers and the enterprise. Segment Resources: Elevating Passwordless Security With AWS Nitro Synced Passkeys Will Be Portable FIDO Alliance Publishes New Specifications to Promote User Choice and Enhanced UX for Passkeys This week, in the enterprise security news, NOTE: We didn't get to 2, 3, 5, or 7 due to some technical difficulties and time constraints, but we'll hit them next week! The show notes have been updated to reflect what we actually discussed this week: https://www.scworld.com/podcast-segment/13370-enterprise-security-weekly-387 Snowflake takes security more seriously Microsoft takes security more seriously US Government takes telecom security more seriously Cleo Capital takes security more seriously EU's DORA takes effect soon Is phishing and security awareness training worthless? 
CISOs need financial literacy Supply chain firewall is basic but useful All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-387
In this segment, we discuss two new FIDO Alliance standards focused on credential portability. Specifically, if passwordless is going to catch on, we need to minimize friction and maximize usability. In practice, this means that passkeys must be portable! Rew Islam of Dashlane joins us to discuss the new standards and how they'll help us enter a new age of secure authentication, both for consumers and the enterprise. Segment Resources: Elevating Passwordless Security With AWS Nitro Synced Passkeys Will Be Portable FIDO Alliance Publishes New Specifications to Promote User Choice and Enhanced UX for Passkeys Show Notes: https://securityweekly.com/esw-387
In this episode of the Trust Issues podcast, host David Puner sits down with Andrew Shikiar, the Executive Director and CEO of the FIDO Alliance, to discuss the critical issues surrounding password security and the innovative solutions being developed to address them. Andrew highlights the vulnerabilities of traditional passwords, their susceptibility to phishing and brute force attacks, and the significant advancements in passwordless authentication methods, particularly passkeys. He explains how passkeys, based on FIDO standards, utilize asymmetric public key cryptography to enhance security and reduce the risk of data breaches. The conversation also covers the broader implications of strong, user-friendly authentication methods for consumers and organizations, as well as the collaborative efforts of major industry players to make the internet a safer place. Additionally, Andrew highlights the importance of identity security in the context of these advancements, emphasizing how robust authentication methods can protect personal and organizational data. Tune in to learn about the future of authentication and the steps being taken to eliminate the reliance on passwords.
In this special episode of Identity at the Center, hosts Jim McDonald and Jeff Steadman kick off the inaugural FIDO Feud—a game show packed with fun and informative challenges about digital identity. Team Glitterati, led by Megan Shamas, and Team Identifriends, led by Jim, face off in a series of rounds centered around common passwords, identity trends, and future threats to IAM. Enjoy witty banter, audience interaction, and a spirited competition, all while diving deep into the world of Identity and Access Management. Special thanks to the FIDO Alliance and RSM US LLP for making this special event possible! 00:00 Introduction to Identity at the Center 00:20 Welcome to FIDO Feud 01:18 Meet the Team Captains 01:47 Team Names and Random Members 02:46 Game Rules and Setup 04:22 Round 1: Easy-to-Guess Passwords 07:37 Round 2: Tired Trends in IAM 11:44 IAM Metrics Showdown 12:22 Successful Logins and Password Resets 13:04 User Satisfaction and Breaches 13:44 Enrollment and Abandon Rate 14:33 Final IAM Metrics 15:45 Biggest Future Threats to IAM 17:29 Unexpected Answers and Final Round 21:16 Winners and Closing Remarks Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com
Would you use an AI chatbot in your disagreements with your significant other? A discussion on mental health and the complexities with AI technology and social interactions. The FIDO Alliance published new specs to help promote credential portability. And Apple releases the next wave of upcoming Apple Intelligence features in the latest developer betas of iOS, macOS, and iPadOS. Emily Forlini of PCMag joins Mikah Sargent this week to discuss a humorous story from the subreddit r/AITAH, in which a user's girlfriend consults ChatGPT to help her in their arguments. Mikah shares a tragic case of a 14-year-old who took his own life after periods of interactions with an AI chatbot from Character.AI. Nick Steele and David Turner from the FIDO Alliance join the show to discuss the Alliance's new specifications involving passkeys and their portability. Dan Moren stops by to discuss the new Apple Intelligence features rolled out to the latest developer betas for iOS, iPadOS, and macOS. Content Warning: One of the following stories discusses the sensitive topic of suicide involving a minor. If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country. Hosts: Mikah Sargent and Emily Forlini Guests: Nick Steele and David Turner Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: threatlocker.com for Tech News Weekly shopify.com/twit uscloud.com INFO.ACILEARNING.COM/TWIT - code TWIT100
Would you use an AI chatbot in your disagreements with your significant other? A discussion on mental health and the complexities with AI technology and social interactions. The FIDO Alliance published new specs to help promote credential portability. And Apple releases the next wave of upcoming Apple Intelligence features in the latest developer betas of iOS, macOS, and iPadOS. Emily Forlini of PCMag joins Mikah Sargent this week to discuss a humourous story from the subreddit r/AITAH, in which a user's girlfriend consults ChatGPT to help her in their arguments. Mikah shares a tragic case of a 14-year-old who took his own life after periods of interactions with an AI chatbot from Character.AI. Nick Steele and David Turner from the FIDO Alliance join the show to discuss the Alliance's new specifications involving passkeys and their portability. Dan Moren stops by to discuss the new Apple Intelligence features rolled out to the latest developer betas for iOS, iPadOS, and macOS. latest developer betas for iOS, iPadOS, and macOS. Content Warning: One of the following stories discusses the sensitive topic of suicide involving a minor. If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country. Hosts: Mikah Sargent and Emily Forlini Guests: Nick Steele and David Turner Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: threatlocker.com for Tech News Weekly shopify.com/twit uscloud.com INFO.ACILEARNING.COM/TWIT - code TWIT100
Would you use an AI chatbot in your disagreements with your significant other? A discussion on mental health and the complexities with AI technology and social interactions. The FIDO Alliance published new specs to help promote credential portability. And Apple releases the next wave of upcoming Apple Intelligence features in the latest developer betas of iOS, macOS, and iPadOS. Emily Forlini of PCMag joins Mikah Sargent this week to discuss a humorous story from the subreddit r/AITAH, in which a user's girlfriend consults ChatGPT to help her in their arguments. Mikah shares a tragic case of a 14-year-old who took his own life after periods of interactions with an AI chatbot from Character.AI. Nick Steele and David Turner from the FIDO Alliance join the show to discuss the Alliance's new specifications involving passkeys and their portability. Dan Moren stops by to discuss the new Apple Intelligence features rolled out to the latest developer betas for iOS, iPadOS, and macOS. Content Warning: One of the following stories discusses the sensitive topic of suicide involving a minor. If you or someone you know is having thoughts of suicide or self-harm, please contact the 988 Suicide & Crisis Lifeline - call or text 988 or chat online at chat.988lifeline.org. If you are located outside the United States, please visit findahelpline.com to find a helpline in your country. Hosts: Mikah Sargent and Emily Forlini Guests: Nick Steele, David Turner, and Dan Moren Download or subscribe to this show at https://twit.tv/shows/tech-news-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: threatlocker.com for Tech News Weekly shopify.com/twit uscloud.com INFO.ACILEARNING.COM/TWIT - code TWIT100
Did Chinese researchers really break RSA encryption? What did they do? What next-level terror extortion is being powered by the NPD breach data? The EU to hold software companies liable for software security? Microsoft lost weeks of security logs. How hard did they try to fix the problem? The Chinese drone company DJI has sued the DoJ over its ban on DJI's drones. The DoJ wishes to acquire "DeepFake" technology to create fake people. Microsoft has bots pretending to fall for phishing campaigns, then leading the bad guys to their honeypots. It's diabolical and brilliant. A bit of BIMI logo follow-up, then... A look at the operation of the FIDO Alliance's forthcoming Credential Exchange Protocol, which promises to create passkey collection portability. Show Notes - https://www.grc.com/sn/SN-997-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, Spinrite 6. Sponsors: threatlocker.com for Security Now flashpoint.io lookout.com bitwarden.com/twit
A recent MIT report reveals that 78% of businesses face challenges in AI adoption due to weak data foundations. Despite high aspirations for AI, such as enhancing efficiency and fostering innovation, only a small percentage of business leaders feel adequately prepared to engage with AI technologies. The report highlights that data governance and quality are significant obstacles, emphasizing the need for organizations to address underlying data issues before embarking on AI projects. The episode also covers the FIDO Alliance's announcement at the Authenticate conference regarding the Credential Exchange Protocol (CXP), which aims to make passkeys portable across different digital ecosystems. This initiative, supported by major tech companies like Apple, Google, and Microsoft, seeks to standardize secure transfer processes for passkeys, reducing concerns over vendor lock-in. The growing acceptance of passwordless technology is underscored by Amazon's report of over 175 million customers activating passkeys, indicating a shift towards more secure digital practices. Host Dave Sobel contrasts the approaches of OpenAI and Anthropic in the realm of AI development. OpenAI's new O1 model family focuses on structured prompt generation for efficiency and accuracy, while Anthropic emphasizes a more conversational and engaging AI experience. This divergence in methodologies reflects the differing priorities of the two companies, with OpenAI aiming for structured outputs and Anthropic fostering a personable interaction style. Additionally, a study by Apple researchers reveals limitations in mathematical reasoning within large language models, stressing the importance of human oversight in decision-making processes. Finally, the episode highlights the need for organizations to modernize their cybersecurity strategies by adopting an identity-centric zero trust model.
As hybrid work environments and AI technologies challenge traditional security practices, a zero-trust approach ensures that all access requests are verified, protecting sensitive resources from unauthorized access. Sobel also discusses the importance of fostering AI experimentation within organizations to bridge the gap between individual productivity gains and overall performance, encouraging a cultural shift towards embracing AI as an integral part of business strategy. Four things to know today: 00:00 78% of Businesses Struggle with AI Adoption Due to Weak Data Foundations, Says MIT Report 02:12 FIDO Alliance Unveils New Protocol to Make Passkeys Portable Across Platforms 03:56 OpenAI's Structured AI vs. Anthropic's Conversational AI: What It Means for Business Efficiency 06:23 Why AI Experimentation and Zero-Trust Security Are the Future of Organizational Strategy Supported by: https://mspradio.com/engage/ Event: www.smbTechFest.com/Go/Sobel All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: LinkedIn: https://www.linkedin.com/company/28908079/ YouTube: https://youtube.com/mspradio/ Facebook: https://www.facebook.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ TikTok: https://www.tiktok.com/@businessoftech Bluesky: https://bsky.app/profile/businessoftech.bsky.social
In this episode, host Jim Love delves into sophisticated phishing attacks, cybersecurity initiatives, and significant changes in data security protocols. Listeners will learn about a national survey revealing that 53% of Canadians would switch banks after a data breach and hear insights on Apple's proposal to shorten SSL/TLS certificate lifespans. The episode also covers 23andMe's data breach and settlement, and introduces the FIDO Alliance's new protocol designed to enhance passkey portability across platforms. Emphasizing the importance of robust cybersecurity measures and user education, the discussion highlights advancements in passwordless authentication, as demonstrated by major implementations from companies like Amazon. This episode offers an in-depth look at current cybersecurity challenges and forward-thinking solutions in the realm of user authentication. 00:00 Introduction and Show Format Update 00:48 Canadian Banking Cybersecurity Concerns 01:14 Survey Insights and Financial Sector Responses 03:25 Customer Concerns and Communication Gaps 04:17 Financial Impact of Data Breaches 05:13 Apple's SSL/TLS Certificate Lifespan Proposal 06:20 Google's Push for Shorter Certificate Lifespans 07:24 23andMe Data Breach Settlement 09:55 FIDO Alliance and Passwordless Authentication 12:38 Conclusion and Show Notes
On this episode, Leo Laporte shows off his new Snapdragon Dev Kit to Paul Thurrott and Richard Campbell. He also tries setting it up, and the process is TOTALLY "seamless." AMD has revealed the Ryzen AI PRO 300 Series alongside Intel's launch of the Core Ultra 200S desktop processors. The FIDO Alliance has published new credential exchange specifications. Sarah Bond announces that Xbox games will be purchasable on Android. And Paul unveils his new "get rich" scheme... as he looks for some feedback. x86's Last Stand? Intel and AMD announce partnership that is clearly aimed at taking on Arm. Intel was already working on simplifying the x86 architecture by removing older, unused bits Don't worry, Intel and AMD will still compete. And AMD just released new AI processors, with Intel also announcing first Core Ultra chips for Desktop Which raises a question: Why do the desktop chips not meet the Copilot+ PC spec? Windows Redmond, we have a quality problem: 24H2 is besieged by a curious number of issues despite several months of gestation and a shared feature set with 23H2. Dev and Beta: Beta is minor, but Dev has some Taskbar updates Release Preview: New builds for 23H2 and 24H2 hint at this month's Week D preview updates - since this announcement, some features have been delayed Microsoft 365/Surfac Google Workspace is adding a OneDrive (for Business) data migration capability Is there some new cloud interoperability thing going on? We're seeing this in the consumer space too. Wondering if this is related to regulatory attention A Lunar Lake Surface Laptop? 
Probably not Passkeys Get Real As expected, FIDO Alliance will standardize passkey portability Two sides to this: Portability between devices but also import/export between password managers Amazon has 175 million customers using passkeys - one year after initial unveil Xbox With Google antitrust loss, Microsoft vaguely reveals that Xbox games are coming to Android Long-forgotten ability to stream games you purchased over Cloud Gaming is now coming soon Microsoft settles BS "Gamers' lawsuit" for what we hope was a pittance The only gamers with a case to sue Microsoft are Xbox fans - one year this week Call of Duty: Black Ops 6 and more are headed to Game Pass if anyone still cares Microsoft's Xbox Series X|S mid-season replacements are here, and they come with a fun surprise New Xbox wireless headset is incoming Microsoft to host Xbox Partner Preview tomorrow, October 17 Steam forced to communicate that you don't own anything you buy Tips and Picks Tip of the week: Check out the Thurrott swag App pick of the week: Arc browser, now native on Windows 11 on Arm! RunAs Radio this week: Pen Testing Yourself with Paula Januszkiewicz Brown liquor pick of the week: Jameson Irish Whiskey Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to this show at https://twit.tv/shows/windows-weekly Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: lookout.com threatlocker.com 1password.com/windowsweekly uscloud.com
CISA adds a Fortinet flaw to its “must patch” list. Splunk releases fixes for 11 vulnerabilities in Splunk Enterprise. ErrorFather is a new malicious Android banking trojan. New evidence backs secure-by-design practices. CISA warns that threat actors are exploiting unencrypted persistent cookies. The FIDO Alliance standardizes passkey portability. Cybercriminals linger on Telegram. On our Industry Voices segment today, our guest is Matt Radolec, Vice President, Incident Response and Cloud Operations at Varonis, discussing how AI amplifies the need for data privacy regulation and opens doors for abuse. We mark the passing of the co-creator of the BBS.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
Selected Reading
Tens of thousands of IPs vulnerable to Fortinet flaw dubbed 'must patch' by feds (CyberScoop)
Fortinet FortiGuard Labs Observes Darknet Activity Targeting the 2024 United States Presidential Election (Fortinet)
Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities (SecurityWeek)
Cerberus Android Banking Trojan Deployed in New Multi-Stage Malicious Campaign (Infosecurity Magazine)
Organizations can substantially lower vulnerabilities with secure-by-design practices, report finds (CyberScoop)
Eight Million Users Download 200+ Malicious Apps from Google Play (Infosecurity Magazine)
TrickMo malware steals Android PINs using fake lock screen (Bleeping Computer)
CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (Bleeping Computer)
FIDO Alliance is Standardizing Passkey Portability (Thurrott)
So far, cybercriminals appear to be just shopping around for a Telegram alternative (The Record)
Ward Christensen, BBS inventor and architect of our online age, dies at age 78 (Ars Technica)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of the Identity at the Center podcast, Jeff and Jim discuss the intricacies of authentication with Andrew Shikiar, Executive Director and CEO of the FIDO Alliance. The conversation covers various aspects of authentication including different use cases, the importance of passkeys, and regional adoption trends. They also highlight the upcoming Authenticate 2024 conference in Carlsbad, California, emphasizing its unique value for identity experts and practitioners. Listeners are encouraged to take advantage of early bird pricing and discount codes for the event linked below.

00:00 Welcome to the Identity at the Center Podcast
01:36 Podcast Milestones and Schedule
02:42 Engaging with the Audience
04:35 Introducing the Guest: Andrew Shikiar
07:34 FIDO Alliance and Passkeys Overview
10:12 The Importance of Passwordless Authentication
18:23 Authenticate Conference Highlights
22:07 Conference Details and Registration
26:19 Networking and Conference Challenges
26:35 Session Tracks and Remote Participation
28:02 FIDO APAC Summit in Kuala Lumpur
29:38 Highlights of the Authenticate Conference
32:21 Identity Verification and Adjacent Technologies
34:28 Live Podcasts and Interactive Sessions
35:59 Fun Activities and Networking at Authenticate
39:52 Travel Experiences and Final Thoughts

Connect with Andrew: https://www.linkedin.com/in/andrewshikiar/
Learn more about the FIDO Alliance: https://fidoalliance.org/
Authenticate Conference - Use code IDAC15 for 15% off: https://authenticatecon.com/event/authenticate-2024-conference/
FIDO Alliance Shop - https://shop.fidoalliance.org/ - Use code IDAC10 for a discount on your purchase!

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.
Microsoft's President admits security failures in congressional testimony. Paul Nakasone joins OpenAI's board. The feds hold their first AI tabletop exercise. CISA reports on the integration of space-based infrastructure. Cleveland city hall remains closed after a cyber attack. Truist commercial bank confirms a data breach. Rockwell Automation patches three high-severity vulnerabilities. University of Illinois researchers develop autonomous AI hacking agents. Arynn Crow, Sr Manager of AWS User Authentication Products, talks with N2K's Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation. Can an AI run for mayor?

Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card.

CyberWire Guest
In the first of our interviews captured during the AWS re:Inforce event this past week, guest Arynn Crow, Senior Manager of AWS User Authentication Products, talks with N2K's Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation.

Selected Reading
Microsoft Admits Security Failings Allowed China's US Government Hack (Infosecurity Magazine)
OpenAI adds Trump-appointed former NSA director Paul M. Nakasone to its board (The Washington Post)
CISA leads first tabletop exercise for AI cybersecurity (CyberScoop)
New CISA report addresses zero trust in space, boosting security for satellites and ground infrastructure (Industrial Cyber)
CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog (Security Affairs)
Insurance giant Globe Life investigating web portal breach (Bleeping Computer)
Cleveland remains paralyzed by cyberattack (News 5 Cleveland)
Truist Bank confirms breach after stolen data shows up on hacking forum (Bleeping Computer)
Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE (SecurityWeek)
Researchers at the University of Illinois have developed AI Agents that can Autonomously Hack Websites and Find Zero-Day Vulnerabilities (MarkTechPost)
Wyoming mayoral candidate wants to govern by AI bot (Ars Technica)