Deep Dive — Critical Android Base-Band Vulnerabilities❗ TL;DR: this is bad — remote code execution without user interaction over the cellular network, combined with the usual level of security confusion that goes with Android’s model. Unless your Android device is on the list of known-patched devices, or unless your vendor has explicitly announced that they […]
Continue readingMore TagTag: google
Security Bits — 27 November 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 The long-running case against Google led by most state Attorneys General over its misleading location settings (turning off location tracking didn’t actually stop Google tracking your location!) has resulted in the largest-ever settlement […]
Continue readingMore Tag# Security Bits — 27 August 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 🇮🇪 US offers reward “up to $10 million” for information about the Conti gang — nakedsecurity.sophos.com/… (This is the gang behind the notorious hack of the Irish Health Service Executive during COVID) Pegasus […]
Continue readingMore TagSecurity Bits — 20 Feb 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 An update on a story Allison referenced last time: Missouri governor rebuffed: Journalist won’t be prosecuted for viewing HTML — arstechnica.com/… 🇮🇱 The NSO Group/Pegasus Saga: The Israeli government has opened an investigation […]
Continue readingMore TagSecurity Bits — 5 Feb 2022
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 ID.me developments: ID.me CEO Admits Company Uses ‘1:Many’ Facial Recognition — www.macobserver.com/… Treasury Considers ID.Me Alternatives Over Privacy Concerns — money.usnews.com/… Related: Tax scam emails are alive and well as US tax season […]
Continue readingMore TagSecurity Bits — 13 September 2020
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Recently we were alerted by Allister Jenks and Joe Preiser in our slack at podfeet.com/slack to a problematic idea I had on the last Security Bits. We were talking about how choosing an alphanumeric […]
Continue readingMore TagObservations on House Judiciary Committee Hearing with Tech Giants
As you have undoubtedly heard, a U.S. House of Representatives committee called the CEOs of Apple, Alphabet (Google), Facebook, and Amazon to testify before them this week. Steven Goetz texted me in Telegram that it was really good TV. I was head down working on something during the day so I didn’t get a chance […]
Continue readingMore TagI Really Don’t Understand Why People Choose Android
The next time you hear me saying that Android and iOS are pretty much equivalent now, please reach in over the Internet and slap me up ‘side the head, ok? Google Nexus 5X Now that you know the end of the story, let me start at the beginning. In April of 2017 I bought a […]
Continue readingMore TagSecurity Bits – 8 September 2019
Followup Apple draws a line under the ‘Siri Grading’ kerfuffle with a a public letter apologising for not reaching their own high standards, explaining how Siri protects user privacy, and outline some changes to how grading will be carried out in future — www.apple.com/… Apple send as little as possible data to Siri, using on-device […]
Continue readingMore Tag