This problem affects all features that auto-fill usernames and passwords, whether or not they are native to the browser, or, provided by third-party plugins, so this affects everyone who saves passwords in their browser in any way.
The review below is from Caleb Fong, aka @GeekoSupremo on Twitter. Caleb is a long time NosillaCastaway who is also following along with Programming By Stealth. His review is pretty geeky (goes well with his Twitter handle) so I thought it might help to explain a couple of terms he uses.
He’ll use the term *nix which is a term that means any UNIX-like system. *nix can mean any kind of linux, or even macOS since it’s based on FreeBSD which is a descendent of UNIX.
He also talks about Vim. Vim is a text editor in *nix operating systems. It’s a descendent of the original Vi, and in fact, the name stands for Vi IMproved.
Hi, this is George from Tulsa sending some virtual help to Steve and Allison as they move Steve’s parents. I’m sure they’d rather I flew to California and helped Steve carry the Steinway, but what they get is this small part of a podcast Allison doesn’t have to build herself.
Find yourself the geek for work, family, and friends? I can’t count how many times I’ve been called on to clean malware from Windows computers. A couple of years ago I threw in the towel, wiped the last version of Windows I owned, and told everyone I hadn’t persuaded to move to Mac I no longer did Windows.
Of course, not everyone I know can afford a Mac, so the folks I couldn’t persuade to buy a Mac, or who wouldn’t maintain theirs and started calling me for Mac clean up, I’ve been recommending get Chromebooks. Heck, they’re cheap enough I’ve given them to friends and family I cut off from my free Windows Support Service. Gave one to a sister-in-law two weeks ago.
Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits
A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.
What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.
Donald Burr is a wonderful human being; he’s what Steve calls “good people”. Out of plain old the goodness of his heart, he has been letting me mooch off of his server for the IRC chat we enjoy during the live show. I love that I get this free ride, but when something goes wrong, I have no way of fixing it myself and we have to bother Donald. If he’s not just sitting by his computer at 5pm on a Sunday night with nothing better to do, then we’re kind of stuck.
Whenever there’s an Apple announcement, the NosillaCastaways gather in the live chat room (even though I don’t broadcast during them). When we all trouped into the chat room this week, Donald’s IRC server’s voicebot had stopped functioning. That meant Steve, as the only admin other than Donald, had to give each person voice as they came in. Even I couldn’t chat without his permission, and you can just guess how well that went off. Then towards the end of the announcement, the server simply threw all of us out of the chat room.
This week was Thanksgiving in the US so I’m going to start out by telling you a story I call “A Thanksgiving Day Miracle”. After that, George from Tulsa joins us to give a review of the Asus Chromebook Flip. He mentions this in his review, but I specifically asked for help this week because I was hanging out with my family instead of working on the podcast most of the week. I also urged George to go long, so he included a bunch of other awesome information. It’s in the style only George can deliver of course. I was going to give you my impressions of the iPad Pro after a few weeks of use (after the gushing had worn off) but I think I’ll hold off on that for a week because Bart joined me in an out of band Security Lite episode to talk about the Dell certificate fiasco. It’s really interesting and really important that we get the knowledge out there about what happened, who should be worried, how worried they should be and most importantly to hear how to fix this very serious problem.