New Episode of Security Now: Security Now 1015

In this episode of Security Now, Steve Gibson and Leo Laporte tackle several crucial topics related to cybersecurity and emerging technologies. The episode begins with a discussion on Firefox's new privacy policy, which has raised concerns among users. Mozilla has changed its policy to no longer promise never to sell users' personal data, alarming many users. However, Steve Gibson explains that this change is likely due to legal constraints and that Mozilla remains committed to protecting user privacy. He points out that Mozilla's previous promises may have been too ambitious, and the new wording allows the company to comply with legal requirements while continuing to offer strong protections. Another important topic addressed is Signal's threat to leave Sweden in response to proposed legislation that would require communication services to allow law enforcement access to message content. Steve Gibson discusses the implications of this legislation and Signal's response, highlighting that it could have global repercussions for communication privacy. He also compares the situation to Apple's response to similar demands in the UK, where Apple disabled certain privacy features for British users. The episode also covers recent advances in wireless jamming technology, particularly a new method called "spatial domain wireless jamming." This technology uses reconfigurable intelligent surfaces (RIS) to precisely target jamming signals at specific devices while leaving neighboring devices unaffected. Steve Gibson explains how this technology works by passively reflecting ambient radio signals rather than actively emitting jamming signals, making it undetectable and highly effective for targeting specific devices. Another key point of the discussion is the importance of memory-safe programming languages. Steve Gibson discusses an article from the Association for Computing Machinery (ACM) advocating for the standardization of memory safety principles and practices. He explains that memory-safe languages like Rust, Go, and Java can eliminate an entire class of common security vulnerabilities. He encourages developers to adopt these languages to improve the security and stability of their applications. The episode concludes with a discussion on the practical implications of these technologies and policies for users and developers. Steve Gibson and Leo Laporte emphasize the importance of staying informed about the latest advances in cybersecurity and adopting secure development practices. They also encourage users to support organizations fighting for communication privacy and security.