The podcast covers topics like rethinking weather apps for privacy, tactile interactive displays for blind individuals, a review of the ViewSonic 4K OLED display, updates on security issues like Putty vulnerability, Google's Find My Device, cybersecurity threats, TikTok's legal battles, and Google's privacy sandbox scrutiny.
Website tracking tools can lead to data breaches, as seen in the Kaiser Permanente incident.
Chinese pinning keyboards may compromise user data, urging caution or use of built-in keyboards.
Unique passwords, password managers, and MFA are crucial post-Roku password stuffing attack.
LastPass warns of phishing scams impersonating customer support to steal cryptocurrency vault passwords.
A US court ruling allows forcing suspects to unlock phones via touch ID, raising privacy concerns.
Deep dives
Data Breach or Normal Internet Tracking? An Examination of Kaiser Permanente's Reported Breach
Kaiser Permanente reported a data breach affecting 13.4 million patients due to standard website tracking tools like those used across the internet. This new reality highlights how common internet practices could be considered data breaches today.
Beware of Keyboards: Chinese Keyboards Sending Keystrokes to China
Citizen Lab researchers found that many popular Chinese pinning keyboards are sending keystrokes to China, impacting users globally. A warning to avoid such keyboards and use built-in iOS Chinese keyboard or exercise caution.
Forcing Multifactor Authentication After Roku Data Breach
Roku suffered a password stuffing attack leading to the leakage of 776,000 accounts, prompting them to mandate multifactor authentication. This incident underscores the importance of unique passwords, password managers, and enabling MFA.
Mind Your Privacy: LastPass Warns of Impersonation Scam
LastPass alerts users of a phishing scam where scammers pose as LastPass customer support requesting users' vault passwords. This scam aims to steal cryptocurrency, emphasizing the importance of vigilance and verifying authenticity.
Warning Against Refusing Smart Phones with Touch ID
A US court ruling allows law enforcement to force suspects to unlock phones using touch ID, considering it a thoughtless act akin to providing fingerprints. This ruling raises concerns about privacy and security, prompting some to recommend avoiding touch ID. However, learning to protect and safeguard sensitive data is crucial.
Stay Secure with Router Patches Against Botnets
A critical vulnerability in TP-Link routers exploited by botnets underscores the necessity of promptly patching routers against cyber threats. Timely router updates and enabling automatic updates enhance cybersecurity protection.
Account Safety Alert: Beware of Fishing Campaign Impersonating LastPass Support
A recent phishing campaign impersonates LastPass customer service to solicit vault passwords in an effort to steal cryptocurrencies. Users are advised to remain cautious, avoid divulging sensitive information, and report suspicious communication attempts.
Use of Lock Button for Security Purposes
A security measure highlighted in the episode involves using a specific gesture on an iPhone to lock it requiring a passcode instead of Face ID or Touch ID. By pressing the lock button and a volume button simultaneously, users can trigger this feature when faced with potential privacy violations. Concerns over Fifth Amendment rights, particularly in encounters with law enforcement, emphasize the significance of safeguarding personal data through such proactive measures.
Implications of TikTok Ban and Data Privacy Concerns
The episode delves into the turbulent times for TikTok in the US, triggered by a bill imposing restrictions if certain conditions aren't met. The law targets app stores owned by American companies to hinder TikTok's availability. Amid reports of potential data privacy risks linked to the Chinese parent company, efforts to challenge the legality of the ban are underway. The broader discussion posits TikTok within the broader social media landscape's challenges, emphasizing the intricate nature of data manipulation and misinformation campaigns across various platforms.
