New Episode of Security Now: Security Now 1051

In this episode of Security Now, Steve Gibson and Leo Laporte discuss several key topics related to computer security. One of the most interesting points is the discussion on FFMPEG's use of assembly language and the potential benefits of this approach. Steve explains that FFMPEG has announced they will start offering assembly lessons to help developers improve FFMPEG's performance. Although this announcement has generated a lot of interest, Steve remains skeptical about the claimed performance gains, noting that the improvements likely come from the use of processor-specific vector instructions, which can be used even without resorting to assembly language.

Another important topic discussed is the recent ransomware attack on the State of Nevada. Steve details how a state employee clicked on a malicious advertisement, leading to the installation of a malicious system administration tool. The attack was discovered in August, and the State refused to pay the ransom, opting instead for a complete recovery of its systems within four weeks. Steve highlights the effectiveness of the State's response, which allowed services to be restored without paying the cybercriminals.

Steve also discusses a sophisticated attack on a decentralized finance (DeFi) platform called Balancer, where attackers exploited a rounding error to steal $128 million. This complex attack involved the use of micro-swaps to amplify precision losses, allowing the attackers to manipulate token prices and extract value. Steve concludes that, while the attack is impressive, it highlights the inherent risks of DeFi platforms and the need to understand the underlying mechanisms.

The podcast also covers Chrome's decision to add an autofill feature for driver's license numbers and vehicle information. Steve expresses concerns about the security and privacy of this information, noting that while Google protects the data, the websites to which it is transmitted may not be as secure. He questions Google's motivations for adding this feature, suggesting it could be related to future age verification requirements.

Another point discussed is the upcoming removal of the XSLT feature from web browsers. Steve explains that XSLT is an obsolete technology used to transform XML documents into HTML. Although it was useful in the past, it has become a source of security vulnerabilities. Major browsers, including Chrome, Firefox, and Safari, plan to remove this feature to improve overall web security.

Steve also mentions the UK's decision to block spoofed international phone numbers, a measure aimed at reducing fraudulent calls. This initiative could serve as a model for other countries seeking to protect their citizens from telephone scams.

The podcast concludes with a discussion on the controversy between Amazon and Perplexity AI regarding the use of AI agents to make purchases on Amazon. Amazon accuses Perplexity of circumventing its restrictions and masking AI agent activity as human. Perplexity, on the other hand, argues that its agents act on behalf of users and should have the same permissions. Steve notes that this controversy raises important questions about the agency of AI agents and how websites should interact with these new autonomous actors.

In conclusion, this episode of Security Now provides an in-depth look at the latest trends and controversies in computer security, while offering valuable insights into the practical implications of these developments.