Security Now

Security Now! is a weekly podcast hosted by Steve Gibson and Leo Laporte. It was the second show to premiere on the TWiT Network, launching in summer 2005. The first episode, “As the Worm Turns”, was released on August 19, 2005.

Security Now! consists of a discussion between Gibson and Laporte on issues of computer security and, conversely, insecurity. Covered topics have included security vulnerabilities, firewalls, password security, spyware, rootkits, Wi-Fi, virtual private networks, and virtual machines.

Podcast feed
Security Now! is distributed via its main podcast RSS feed and on the GRC Security Now! page. In addition to audio, text transcriptions are published, along with Gibson distributing a low-bandwidth 16 kbit/s version of the show on his own for those with low-bandwidth sources such as satellite internet or dial-up.

The podcast runs for approximately two hours, typically starting with security news. Then Gibson reads a testimonial for his software SpinRite. The remainder of the show is spent on a particular theme. During the show some advertisements for 3rd party commercial products or services are read out, by co-host Leo Laporte.

Bi-weekly "Mailbag" episodes answer questions and respond to feedback submitted by listeners.

Popularity
In August 2007, Security Now! won in the People's Choice Podcast Awards Technology/Science category. In August 2006, Security Now! ranked fourth in the "Top 40" of all podcasts listened to via the PodNova service. Security Now! averaged around 100,000 downloads per episode throughout 2006. At the end of 2015, Security Now was number 4 on the Top 40 US Technology Podcasts, making it the highest weekly TWiT.tv podcast. In October 2021 it was #6 on Apple Podcasts — US tech news, and #330 of global all podcasts.

Windows Metafile controversy
In January 2006, Steve Gibson accused Microsoft of intentionally putting a backdoor into the Windows Metafile processing code in Windows 2000 and Windows XP. Gibson claimed that while reverse engineering the Windows Metafile format, he could run arbitrary code by using a "nonsensical" value in the metafile, and concluded Microsoft had intentionally designed Windows this way so it could run code on Windows computers without the user's knowledge. Microsoft's Stephen Toulouse responded in a Microsoft Security Response Center blog post the next day, saying the behavior was not intentional.