Oops! I auto-filled my password into a cookie banner

We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault.

Then we time-hop to the post-quantum scramble: "harvest-now, decrypt later", Microsoft's 2033 quantum-safe pledge, and whether your printer will survive the update apocalypse.

All this, plus a gloriously dodgy URL “shadyfier,” and turning the iconic iMac G4 into a modern media hub.

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veteran Graham Cluley, joined this week by special guest Thom Langford.

EPISODE LINKS:

• DOM-based Extension Clickjacking: Your Password Manager Data at Risk - Marek Tóth.
• Major password managers can leak logins in clickjacking attacks - Bleeping Computer.
• Microsoft to Make All Products Quantum Safe by 2033 - Infosecurity Magazine.
• Shady URL.
• DockLite G4 - Juicy Crumb.
• I perfected the iMac G4 - YouTube.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

ENJOYED THE SHOW?

Make sure to check out our sister podcast, "The AI Fix".