Why are code signing certificates suddenly so expensive, short-lived, and tangled in red tape? Leo Laporte and Steve Gibson dig into Microsoft's "three-day certificates," the hidden costs for developers, and the security tradeoffs no one saw coming.
A look at Microsoft's Azure cloud code signing.
California implements DROP, global data broker opt-out.
Where's the town of "Whata Bod" Idaho.
iOS built-in Mail app worked itself out of a job.
A 30-minute tutorial for non-coders about AI coding.
Claude Code appears to be winning over the AI coding world.
Various listener musings on code signing.
A bit of Magnesium feedback.
What use are 3-day code signing certs?
Show Notes - https://www.grc.com/sn/SN-1060-Notes.pdf
Hosts: Steve Gibson and Leo Laporte
Download or subscribe to Security Now at https://twit.tv/shows/security-now.
You can submit a question to Security Now at the GRC Feedback Page.
For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
Join Club TWiT for Ad-Free Podcasts!
Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit
Sponsors:
material.security
zscaler.com/security
hoxhunt.com/securitynow