• Last week's news about evidence of LastPass vault decryption targeting cryptocurrency keys, and the UK's backing down on its encryption monitoring legislation.


• How hardware security modules (HSMs) allow cryptographic operations like code signing without exposing private keys.


• Browser identity segregation using multiple profiles rather than separate browsers.


• Requirements and best practices for securely wiping data from modern solid state drives.


• A countdown clock for the 32-bit UNIX time rollover in the year 2038.


• Steve's plan to move off Twitter and onto email lists for Security Now communication.


• A deep dive into cryptographic hash collisions, using fewer hash bits, and balancing anonymity with statistical meaning.

Show Notes - https://www.grc.com/sn/SN-940-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• bitwarden.com/twit


• joindeleteme.com/twit promo code TWIT


• drata.com/twit