2.5 Admins

2.5 Admins 166: 20 Second Cheque

Oct 26, 2023

Discussion on Google's measures to prevent malware sites in their ads, issues with using multiple profiles on Android devices, a speculative execution vulnerability in Apple Silicon, and the pros and cons of TP-Link Omada and Ubiquiti Unifi for managing small and medium business networks.

30:40

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The clever use of puny code in a malvertising attack highlights the importance of verifying the source of files before downloading.

A bug in Android 14 is causing storage access issues for users with multiple profiles on their Pixel 6 devices, making it advisable to postpone updating.

Deep dives

Clever Malvertising Attack Exploits Puny Code for Key Pass's Official Website

Attackers used puny code to create a look-alike website for Key Pass, which appeared legitimate due to the use of a visually similar character with a dot underneath it. The attack made it difficult to spot the presence of puny code in the address bar. Furthermore, the attackers went the extra mile by digitally signing the malware with a seemingly legitimate certificate, highlighting the importance of verifying the source even if a file appears to be signed. The incident emphasizes the need for caution when downloading files and ensuring they are indeed from the expected source.

Introduction

5min

The Cost and Potential Effectiveness of Running Ads

10min

Vulnerability in iOS and macOS browsers allows password disclosure

3min

Privacy concerns, side channel vulnerability, and speculation on wider implications

2min

Choosing between TP-Link or MADA and Ubiquiti Unify for managing small and medium business networks

2min

XSCE, Omada Gear, and Frustrations with Unify Controllers

9min

What Google should do to prevent malware sites in their ads, why you might want to avoid using multiple profiles on Android devices, a speculative execution vulnerability in Apple Silicon, and the pros and cons of TP-Link Omada and Ubiquiti Unifi.

Plugs

Support us on patreon

News

Clever malvertising attack uses Punycode to look like KeePass’s official website

pixel 6 can’t access storage with multiple profiles after updating to android 14

Hackers can force iOS and macOS browsers to divulge passwords and much more

Free Consulting

We were asked about the pros and cons of TP-Link Omada and Ubiquiti Unifi.