inThirty
Summary: Join intrepid host Justin Freid as he traverses the week's biggest tech news in a rapid-fire roundtable discussion before your very ears.
- Visit Website
- RSS
- Artist: inThirty.net
- Copyright: Copyright 2013, inThirty.net
Podcasts:
Today we are talking about the freedom phone. A new phone without “Censorship from Big Tech.” This is a scam, but why? We discuss: https://freedomphones.net/ https://www.aliexpress.com/item/1005001468394552.html https://freedomphones.net/pages/pixel-4-series https://arstechnica.com/gadgets/2021/07/the-maga-targeted-freedom-phone-has-a-breathtaking-amount-of-red-flags/
The big topic of the week is that if you had a Western Digital MyBook from 2015, there was a bug/exploit that wiped all your data. We talk about the bug, and whose fault it is (WD). Then we finished up with their response, which was as good as can be given the circumstances. https://arstechnica.com/gadgets/2021/06/hackers-exploited-0-day-not-2018-bug-to-mass-wipe-my-book-live-devices/ https://www.bleepingcomputer.com/news/security/wd-my-book-nas-devices-are-being-remotely-wiped-clean-worldwide/
We cover two recent stories on what we call “Good Police Work.” Without breaking encryption, the police find ways to catch criminals. How the FBI Tricked Criminals into Using its Messaging App https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside
We go on a rant about cookies, and the cookie laws. Countries are talking about simplifying the law to create “acceptable cookie levels” in browsers, this means you’ll need to set this for every device and every browser. Banner BlindnessUser Training https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32002L0058
In this episode we discuss patents. We focus on patent trolls and software patents. https://www.ted.com/talks/drew_curtis_how_i_beat_a_patent_troll/transcript?language=en#t-279192 https://blog.cloudflare.com/the-project-jengo-saga-how-cloudflare-stood-up-to-a-patent-troll-and-won/
In this episode we discuss the Colonial Gas Pipeline ransomware attack. https://krebsonsecurity.com/2021/05/a-closer-look-at-the-darkside-ransomware-gang/
Our two main stories is how Signal found a Cellebrite hardware analyzer. Then they say they found a bunch of vulnerabilities https://signal.org/blog/cellebrite-vulnerabilities/
Signal is testing a new payment method that we are not thrilled about. Yes, they want to solve a hard problem, but we don’t think this is it. We end with the Google vs Oracle decision. https://signal.org/blog/update-on-beta-testing-payments/ https://en.wikipedia.org/wiki/Google_LLC_v._Oracle_America,_Inc.#Supreme_Court
We talk about two significant user leaks that happened recently. Facebook: https://krebsonsecurity.com/2021/04/are-you-one-of-the-533m-people-who-got-facebooked/ Ubiquiti: https://krebsonsecurity.com/2021/04/ubiquiti-all-but-confirms-breach-response-iniquity/
We talk mainly about privacy in today’s show. One thing I’ve been thinking about is literally how do you prove your vaccination status. Seriously! Not just the card, but actual proof
TLDR: Give up on securing email. Its a trashfire and wasn’t design with security in mind. Everything about email from the protocol, to the clients, to the layers and layers of stuff built on top of it isn’t designed with security in mind.
LastPass has decided to start charging for something that was once free. We discuss your options in the free space. Browser based password management is fine, but a third party is better. Bitwarden is free and open source. Chaim has used it for a year, and likes it.
Forbes put out an article on how Signal has some weaknesses using the after first unlock theory.TL;DR – Yes, but not limited to signal. Power off your phone if you are worried. https://www.forbes.com/sites/thomasbrewster/2021/02/08/can-the-fbi-can-hack-into-private-signal-messages-on-a-locked-iphone-evidence-indicates-yes/?sh=27331c526624
Chaim talks about Fitness+ with Casey Liss. How do two non entirely in shape tech nerds feel about Apple’s new offering. TL;DR we like it. Special thanks to Casey Liss | https://www.caseyliss.com/ Casey’s initial Fitness+ Review | https://pca.st/6ml4dk59#t=2511.0 I know this is a security podcast, but every once in a while, I like to beta test new ideas. I appreciate you listening, and giving feedback.
There was more news from the WhatsApp privacy fallout that we decided to have another show. As you know, we have moved to signal. If you want an invite, tweet the show, or find one of us. TL;DR, if you are using whatsapp to send cat photos to your family, you are ok. If you are using whatsapp business, they are making changes. https://gizmodo.com/this-was-whatsapps-plan-all-along-1846060382