Apple is furious with Google over iPhone hacking attacks against Uyghur Muslims in China, DNS-over-HTTPS is good for privacy but makes ISPs angry, and concern over digital assistants listening to our private moments continues to rise.
All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by web security journalist John Leyden.
Visit https://www.smashingsecurity.com/145 to check out this episode’s show notes and episode links.
Follow the show on Twitter at @SmashinSecurity, or on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Special Guest: John Leyden.
Sponsored By:
- MetaCompliance: People are the key to minimizing your Cyber Security risk posture. MetaCompliance makes this easier by providing a single platform for Phishing, Cybersecurity training, Policy, Privacy and Incident management.
- Go to smashingsecurity.com/metacompliance Promo Code: SMASHING
- LastPass: LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.
- But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.
- Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses.
- Recorded Future: For anyone who is baffled by threat intelligence, and the benefits that it can bring to your company, this is the book for you.
- "The Threat Intelligence Handbook" is an easy-to-read guide will help you understand why threat intelligence is an essential part of every organisation's defence against the latest cyber attacks.
- Download it for free at smashingsecurity.com/intelligence
Links:
- A very deep dive into iOS Exploit chains found in the wild — Google Project Zero.
- Google finds 'indiscriminate iPhone attack lasting years' — BBC News.
- A message about iOS security — Apple.
- Mobile & Tablet Operating System Market Share in China — Statcounter.
- Apple Disputes Google’s Claims of a Devastating iPhone Hack — Motherboard.
- What’s next in making Encrypted DNS-over-HTTPS the Default — Mozilla.
- Firefox DNS-over-HTTPS rollout starts later this month — The Daily Swig.
- ISP trade association backtracks on Mozilla ‘internet villain’ nomination — The Daily Swig.
- Apple apologises for allowing workers to listen to Siri recordings — The Guardian.
- Apple contractors 'regularly hear confidential details' on Siri recordings — The Guardian.
- Almost a quarter of Britons now own one or more smart home devices — YouGov.
- The Bright Side of Humans Eavesdropping on Your Alexa Recordings — Gizmodo.
- Smart Speakers That Listen When They Shouldn't — Consumer Reports.
- BetterTouchTool for Mac.
- The SwigCast — A security podcast from The Daily Swig, featuring John Leyden.
- The Wii — Wikipedia.
- Just Dance 4: Rock Lobster - The B-52's — YouTube.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
This podcast uses the following third-party services for analysis:
OP3 - https://op3.dev/privacy