Audio is streamed directly from the publisher (media.grc.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
After we catch up with interesting security news of the past week, Leo and I examine Google's surprising, controversial, and unilateral decision to suddenly and significantly deprecate ALL web server certificates signed by SHA-1 that will be valid past 2016 - even though 92% of certificates (with lives of at least two years) signed in January 2014 were SHA-1.