We’ll be in the live chatroom during the WWDC Keynote – join us! I also hope you’ll come to Macstock Expo in July, and to help make it more affordable, use coupon code PODFEET. The free Vectornator Pro for iPad (and iPhone) is an amazing vector design program and I’ll tell you all about it. Rick from Baltimore brings us an amazing Tiny Tip about how he uses the Accessibility shortcuts on his iOS devices to both dim his screen at night and turn on the magnifier. Steve Sheridan tells us all about the Apple Health Study and why you might want to join it. In Security Bits, Bart Busschots tells us about VPNFilter in Security Medium, and then CallKit Removal in China, No Telegram Updates in App Store, End of Flash & Silverlight, Papua New Guinea Turns Off Facebook and much more.
- Spectre & Meltdown
- Details have been released of a new Spectre variant named Speculative Store Bypass, or SSB. The vulnerability affects AMD, ARM & Intel chips. Thankfully it can be mitigated quite easily, so it’s just a matter of applying software, OS, firmware, and microcode updates as they are released — arstechnica.com/…
There won’t be a live show next week, and the NosillaCast will be out on Tuesday instead of Sunday (sorry guys). Check out the tutorial I did on Keep It for ScreenCasts Online at screencastsonline.com. We’ve got another of Steve’s videos from NAB, this time from Backblaze about their B2 cloud storage. Then I’ll tell you how using Airtable from airtable.com might help me finally wrap my brain around databases as I attempt to manage my bathroom remodel with it. Bart Busschots is with us for another fine edition of Security Bits about Efail, protection of the 4th Amendment, Glitch & ThrowHammer as well as Black Dot & Text-Bomb.
Security Medium — The Efail Email Encryption Vulnerability
The latest bug with a cool name and a cute logo is Efail, a mashup of the words email and fail. The bug affects encrypted email sent with both of the common email encryption protocols S/MIME & PGP/GPG.
Under certain circumstances, the bug allows an attacker to trick email clients into sending a copy of the decrypted versions of encrypted emails to a server of their choice. The bug is triggered in the client, so it affects every email opened by the client, regardless of when it was sent. This means the bug could allow an attacker to read encrypted emails arbitrarily far back in time.
We’ll take a look at StepShot Guides to see if it’s a worthy replacement for Clarify after all. Then we have a surprisingly interesting and funny interview with Monoprice from NAB about SlimRun Ethernet and HDMI cables. Bart and I haven’t talked Security Bits in ages, so we have a nice long one for you.
On Chit Chat #533, Bart did a deep dive into how the Domain Name System works, and in that session he suggested a hybrid approach where your mobile devices had the improved DNS along with your home router.
It turns out it’s not possible to set system-wide DNS settings on iOS or Android. This means that the Hybrid Approach we described of setting a third-party DNS on your home router and then also hard-coding it on your mobile devices remains the best advice, but it’s not possible to do on iOS or Android devices. Annoyingly, that means there is no good solution to protect these devices 🙁. Thanks very much to Allister Jenks for drawing our attention to this in our Google Plus Community.
- The Facebook/Cambridge Analytica Kerfuffle:
In this week’s show I announce the new “Special Pages” button on podfeet.com (I know, exciting to have a new button, isn’t it?). We used mimoLive from Boinx Software for the first time making the live show, but I only tease you at the beginning that I’ll explain what that is. I promise, I’ll tell you all about it next week! We’ve got two last interviews from CSUN: the AssisTech SmartCane and Smartbox for those with speaking challenges. I’ll tell you how I have even MORE blinky lights on me when I go for a walk thanks to Bart, and then we’ll have Security Bits where Bart gives us an update on the Cambridge Analytica/Facebook kerfuffle, WebAuthn, and more security news and information.
This content was originally posted as part of the Chit Chat Across the Pond podcast on 14 April 2018 but since the subject is evergreen it is repeated here as a permanent Page. The tutorial was written completely by Bart Busschots of bartb.ie.
In this page, Bart teaches us about DNS Resolvers and helps give us the information to choose the right one for us. To get us there, he starts by explaining the background technologies. He explains DNS and how there are two kinds of servers, he explains DNS Name resolution and why caching is important, and the security problems (and solutions) of DNS. Then he explains how third-party DNS providers can solve some of these problems. He explains their motivations which will inform your own decision. Finally (at about the 1-hour mark) he walks through the solutions offered by OpenDNS, Google, Quad9, and Cloudflare. You can listen along below and read the content and view the diagrams as a guide.
In this “Lite” version of Chit Chat Across the Pond (within a NosillaCastaway’s definition of Lite), Bart teaches us about DNS Resolvers and helps give us the information to choose the right one for us. To get us there, he starts by explaining the background technologies. He explains DNS and how there are two kinds of servers, he explains DNS Name resolution and why caching is important, and the security problems (and solutions) of DNS. Then he explains how third-party DNS providers can solve some of these problems. He explains their motivations which will inform your own decision. Finally (at about the 1-hour mark) he walks through the solutions offered by OpenDNS, Google, Quad9 and Cloudflare. I loved this episode and you can tell Bart really loves talking about DNS.
Followup 1 — Meltdown/Spectre
- Intel won’t fix Spectre flaws in older chips — nakedsecurity.sophos.com/…
- AMD systems gain Spectre protection with latest Windows fixes — arstechnica.com/…