Security Now 1049: DNS Cache Poisoning Returns

Just when you thought DNS cache poisoning was a thing of the past, Steve and Leo reveal why this 17-year-old bug is making a dramatic comeback—and why most DNS resolvers still can't manage high-quality random numbers after all this time. The unsuspected sucking power of a Linux-based robot vacuum. Russia to follow China's vulnerability reporting laws. A pair of Scattered Spider UK teen hackers arrested. Facebook,Instagram and TikTok violating the EU's DSA. Microsoft Teams bringing user WiFi tracking bypolicy. You backed up. That's great. Did you test that backup? Coveware reports all-time lowransomware payment rate. Ransomware negotiator reports how the bad guys get in. Lots of listener thoughts and feedback about NIST passwords. And against all reason and begging credulity, it seems we still haven't managed to put high-quality random number generators into our DNS resolvers. Show Notes - https://www.grc.com/sn/SN-1049-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow zapier.com/securitynow 1password.com/securitynow veeam.com zscaler.com/security

Apple held a special developer event for immersive media experiences last week, and some of MacBreak's own were there! Did Apple reduced production levels for its iPhone Air? Apple crosses the $4 trillion market cap. And what's going on with Apple's lawsuit against Jon Prosser? Apple holds special developer event touting immersive media experiences for Vision Pro. Samsung takes on Apple's Vision Pro with new Galaxy XR headset. Apple iPhone Air cuts mean very little in October 2025. iPhone Air production cut orders may not be true. The UK CMA says it will label Apple and Google as having "strategic market status", imposing stricter rules on how they run their platforms to boost competition. US judge decertifies Apple app store class action. Apple crosses $4 trillion market cap for the first time. Apple begins shipping American-made AI servers from Texas. Apple says Jon Prosser 'has not indicated' when he may respond to lawsuit. Apple readies new framework to let iPhone users migrate app data to and from Android. iPhone 18 Pro could gain satellite 5G as SpaceX chases Apple partnership. Apple seeds iOS 26.1, iPadOS 26.1, and macOS Tahoe 26.1 release candidates. Picks of the Week Alex's Pick: Blackmagic Camera Leo's Picks: Adobe's Project Indigo & Casio's G-Shock Nano DWN-5600 Andy's Pick: Susan Kare's Prints Jason's Pick: Daft Music Hosts: Leo Laporte, Alex Lindsay, Andy Ihnatko, and Jason Snell Download or subscribe to MacBreak Weekly at https://twit.tv/shows/macbreak-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: auraframes.com/ink zapier.com/macbreak outsystems.com/twit cachefly.com/twit

When a major Amazon cloud outage brings everything from smart mattresses to Snapchat grinding to a halt, what does it reveal about our digital fragility—and are we trusting the cloud a little too much? A Single Point of Failure Triggered the Amazon Outage Affecting Million Pluralistic: The mad king's digital killswitch (20 Oct 2025) Trump and Xi will 'consummate' TikTok deal on Thursday, treasury secretary says 3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation Can YouTube Replace 'Traditional' TV? All the implications of F1's game-changing TV move Foreign hackers breached a US nuclear weapons plant via SharePoint flaws Browser Promising Privacy Protection Contains Malware-Like Features, Routes Traffic Through China iCloud data helps crack NBA and mob poker scheme Rubbish IT systems cost the US at least $40bn during Covid: study Counter-Strike cosmetics economy loses nearly $2 billion in value overnight GM to introduce eyes-off, hands-off driving system in 2028 WordPress co-founder files countersuit against WP Engine over trademark violations a16z-Backed Startup Sells Thousands of 'Synthetic Influencers' to Manipulate Social Media as a Service Bill Gates-Backed 345 MWe Advanced Nuclear Reactor Secures Crucial US Approval Programmer Gets Doom Running On a Space Satellite Host: Leo Laporte Guests: Richard Campbell and Doc Rock Download or subscribe to This Week in Tech at https://twit.tv/shows/this-week-in-tech Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: deel.com/twit zapier.com/twit helixsleep.com/twit expressvpn.com/twit zscaler.com/security

The Xubuntu torrent was hijacked! There's a performance shootout between Windows and Linux, Austria is going its own way, and Canonical inflicts damage on themselves. Then, Asahi Linux is still rolling, Digikam gains some Wayland features, and Mobian is coming for your phones! For tips we have easyssh, barrier for software KVM, the difference between echo and printf, and a quick intro to an Open Source game, Cataclysm: Dark Days Ahead! You can find the show notes at http://bit.ly/4qorX5b and enjoy! Host: Jonathan Bennett Co-Hosts: Jeff Massie, Rob Campbell, and Ken McDonald Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

On Hands-On Tech, listener Ozzie asks Mikah Sargent how to repurpose a 2010 MacBook Pro so they can avoid recycling it. Send in your questions for Mikah to answer to [email protected]. Host: Mikah Sargent Download or subscribe to Hands-On Tech at https://twit.tv/shows/hands-on-tech Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Lander, lander, who's got the lander? Last week, acting NASA Administrator Sean Duffy announced that the agency would be re-opening the contract for the Artemis III lunar lander, which had previously been let to SpaceX to be fulfilled by their Starship Human Landing System. Unfortunately, that effort is well behind schedule, and the Trump administration has made landing astronauts on the moon, before China does, a national priority. With multiple refuelings and landing tests required, there is concern that SpaceX may not be able to fulfill their commitment before China's announced landing date of 2030. Elon Musk responded to the announcement with characteristic tack, with phrasing like "Sean Dummy" and him having a two-digit IQ. Mike Wall of Space.com joins us to dive into this rapidly evolving story. Headlines: • Texas vs. the Smithsonian: The Fight Over Space Shuttle Discovery Heats Up • Artemis II Moon Rocket Fully Assembled, Awaits Rollout • California Senator Pushes State Funding to Support JPL Amid Federal Cuts • SpaceX Sets Record with 139 Launches, ULA Struggles to Keep Up • New Super-Earth Discovered Just 20 Light Years Away Near Gemini Main Topic: The Lunar Lander Dilemma for Artemis III and Beyond • NASA Acting Chief Sean Duffy Announces Reopening Artemis III Lunar Lander Contract • SpaceX's Starship Faces Orbital Refueling Challenges and Timeline Doubts • Blue Origin Lurking in the Wings: Can They Deliver a Lander On Time? • Political Pressures: China's Moon Plans Drive US Urgency • Spacesuit Development Delays Threaten Artemis Timelines • NASA's Budget Woes and Layoffs Cloud Roadmap for Future Moon Missions • Speculation on Jared Isaacman's Potential Leadership of NASA • Broader Uncertainty Over Artemis IV, V, and Long-Term Lunar Strategy Hosts: Rod Pyle and Tariq Malik Guest: Mike Wall Download or subscribe to This Week in Space at https://twit.tv/shows/this-week-in-space. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit

Emily Forlini of PCMag joins Mikah Sargent on Tech News Weekly! Microsoft launched its fall feature drop for Copilot, including a new AI avatar called Mico. Amazon is making headlines with its robotic automation efforts and also unveiled new AR smart glasses for delivery drivers. Jason Howell stops by to discuss Samsung's new Galaxy XR headset, their answer to Apple's Vision Pro. Emily discusses Microsoft's new AI avatar Mico, introduced as part of Copilot's fall feature drop with 12 new features, including group project tools and health Q&A. Emily and Mikah debate whether anyone actually wants 'real talk' with a chatbot. Mikah covers Amazon's continued automation push, replacing warehouse positions with robots as the company expands its use of robotics throughout its logistics operations. Emily weighs in with her inside knowledge on what this means for real workers. Jason Howell joins to talk about Samsung's new $1,799 Galaxy XR headset positioning itself as a direct competitor to Apple's Vision Pro. He explains why built-in Gemini AI makes it special and why smart glasses might ultimately beat big VR headsets. Mikah dives into Amazon's new AR smart glasses designed for delivery drivers, featuring hands-free navigation, package scanning, hazard detection, and automatic proof-of-delivery photo capture—all displayed directly in the driver's field of view. Hosts: Mikah Sargent and Emily Forlini Guest: Jason Howell Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit auraframes.com/ink outsystems.com/twit threatlocker.com/twit

Tron: Ares is the third installment in the Tron franchise from Disney, which spans over 40 years. Scott Wilkinson saw it in IMAX 3D and gives his review here. Is it worth $25 or more to see it in IMAX? Host: Scott Wilkinson Download or subscribe to Home Theater Geeks at https://twit.tv/shows/home-theater-geeks Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Is Windows 11 on ARM finally ready for gaming? Paul Thurrott puts new Snapdragon-powered laptops to the test with both classics and demanding titles, revealing some unexpected wins and ongoing hurdles. Host: Paul Thurrott Download or subscribe to Hands-On Windows at https://twit.tv/shows/hands-on-windows Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

This episode demonstrates how Spotlight's new "actions" feature quietly transforms your workflow, adapting to the app you're using and what you copy, delivering shortcuts you never knew you needed. Discover how to create lightning-fast quick keys in Spotlight, letting you instantly send emails, print documents, or launch commands in your favorite apps. Spotlight actions get personal—suggestions adapt to your app usage Third-party apps feed custom actions into Spotlight Actions adapt to your current app like Photos & Notes Context-aware Spotlight pulls menu bar commands and clipboard data Quick Keys for Spotlight actions let you set up fast shortcuts Real-world examples: creating shortcuts for email, Finder, and printer tasks Spotlight actions connect workflows—print PDFs and automate simple actions Host: Mikah Sargent Download or subscribe to Hands-On Apple at https://twit.tv/shows/hands-on-apple Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.