Summary: Join intrepid hosts, Justin Freid, Harry Marks, and Chaim Cohen as they traverse the week's biggest tech news in a rapid-fire roundtable discussion before your very ears.
In this episode we talk about antivirus, and the lack of need for it. That is correct, we are saying to ditch commercial antivirus and use the built in offerings.
https://www.forbes.com/sites/zakdoffman/2020/01/30/severe-perfect-100-microsoft-flaw-confirmed-this-is-a-cloud-security-nightmare/ https://arstechnica.com/tech-policy/2020/01/ajit-pai-carrier-sales-of-phone-location-data-is-illegal-fcc-plans-punishment/ https://www.engadget.com/2020/02/04/google-photos-bug-videos/ https://mobile.twitter.com/aphyr/status/1133484519942774784 https://www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation https://blog.avast.com/a-message-from-ceo-ondrej-vlcek
Microsoft support database leak: https://www.comparitech.com/blog/information-security/microsoft-customer-service-data-leak/ Lastpass is having issues: https://www.bleepingcomputer.com/news/security/lastpass-mistakenly-removes-extension-from-chrome-store-causes-outage/ Does Apple Encrypt Backups (No, but listen): https://www.reuters.com/article/us-apple-fbi-icloud-exclusive/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT Android encryption: https://security.googleblog.com/2018/10/google-and-android-have-your-back-by.html
We talk about a few nasty bugs. One in Citrix, one in firefox that are being actively exploited. We then talk about how easy it is to be SIM jacked https://www.zdnet.com/article/this-free-windows-10-upgrade-offer-still-works-heres-why-and-how-to-get-it/ https://arstechnica.com/information-technology/2020/01/firefox-gets-patch-for-critical-zeroday-thats-being-actively-exploited/ SIM swap attack: https://www.androidpolice.com/2020/01/14/princeton-sim-swap-hijacking-phone-numbers-paper/ citrix: https://threatpost.com/unpatched-citrix-flaw-exploits/151748/ https://www.androidpolice.com/2020/01/14/princeton-sim-swap-hijacking-phone-numbers-paper/
We start the new year off with back to basics. In this episode we talk about backing up. What is backing up, the best ways to back up, and some free and paid options.
California implemented the “Strongest” consumer privacy act so far, unfortunately we are underwhelmed with it. https://caprivacy.github.io/caprivacy/ https://oag.ca.gov/data-broker/register
In less than a month Windows 7 will stop getting security updates. While we don’t tell you to go to Windows 10, for most people that will be your best option. However, we talk about some Linux distros, ChromeOS, and OSX
Once again, we talk about about passwords. At this point, you have no choice ut to use a password manager.
We take a look at why you should give Firefox another try. There are a few key differences when it comes to the privacy side that Chrome doesn’t have.
We have many stories of manufacturers failing to support their smart devices. Best buy Insignia TV’s will drop smart support. Netflix is dropping support on old roku Iris (Lowe’s smart hub) was stopped a few months ago Nest Google issue
side channel attacks – we’ve kind of covered this, but it’s probably good to revisit it a bit. Good food for thought. Google buying Fitbit Who is gathering data about you? (Loyalty cards, cable boxes, isp dns)
In today’s episode we plug Adversarialfashion.com. Clothing to thwart license plate readers. Phishing scam: https://twitter.com/DigitalLawyer/status/1181348689756864513https://twitter.com/DigitalLawyer/status/1181348689756864513 Backing up.
We just fly threw the news topics this week. WhatsApp bug: https://amp.news.com.au/technology/online/hacking/whatsapp-users-urged-to-update-as-hackers-break-into-phones-just-by-sending-them-a-gif/news-story/6fc5159ad8a406c9d7d7383067d8f645 Twitter 2FA issues: https://boingboing.net/2019/10/08/twitter-admits-two-factor-logi.html FBI spied on citizens: https://www.theverge.com/2019/10/8/20905678/fbi-violated-americans-privacy-rights-court-ruling-fisc-surveillance-nsa No more mixed content for TLS: https://security.googleblog.com/2019/10/no-more-mixed-messages-about-https_3.html iterm2 software issue: https://blog.mozilla.org/security/2019/10/09/iterm2-critical-issue-moss-audit/
We had nothing overly general to talk about, so we decided to talk about Candy. We used this picture:
Twitter’s CEO Jack Dorsey, was a victim of SIM Jacking. We spend our show talking about why SIM jacking is a thing, and how you can protect yourself.