The Rise of Cellular IoT

Nov 6, 2023

The podcast discusses the risks and privacy concerns of connecting devices to the internet. It highlights recent security breaches and privacy issues with services like 1Password and genetic testing companies. The chapter also explores cybercriminal tactics, ad-blocking wars on YouTube, and the importance of contact key verification in iMessage. The podcast concludes with a discussion on the privacy concerns of cellular modems in IoT devices and the lack of control users have over their data.

Ask episode

Chapters

Transcript

Episode notes

Introduction

00:00 • 4min

Discussion on a Breach at Octa and Potential Impact on One Password Users

04:06 • 2min

Privacy Concerns and Breaches in Genetic Testing Services

05:52 • 23min

Cyber Criminal Tactics and Code Signing Challenges

29:13 • 8min

Annoyances of Ads and the Importance of Contact Key Verification

37:42 • 16min

Password Management Habits and CPAP Machines

53:38 • 1min

The Privacy Concerns of Cellular Modems in IoT Devices

54:54 • 10min

Connecting all our stuff to the internet – making devices “smart” – brings with it a lot of risks. Besides the more obvious cybersecurity vulnerabilities, these devices are also collecting a lot of personal data, offsetting razor thin profit margins by monetizing our data. In most cases, we can limit this data exfiltration using outbound firewalls and DNS services, or just by disconnecting the devices from the internet altogether. But lately I've been seeing devices coming configured with cellular data connections, which would effectively bypass your home network entirely - and therefore your ability to block or control the data flow. In other news: 1Passwords discloses security breach; Drug makers to pay 23andMe for access to your DNA; EFF publishes guidance for 23andMe customers after further data breach; Apple's private Wi-Fi MAC address feature has never worked right, until now; Hackers find side-channel attack on Apple Silicon to pull private data from Safari browsers; Windows PCs targeted with new malware; YouTube is waging a new way on ad blockers; Apple's iMessage has new method to thwart 'ghost' listeners; the White House releases sweeping executive order on AI; Pew publishes new study on data privacy views. Article Links [BleepingComputer] 1Password discloses security incident linked to Okta breach https://www.bleepingcomputer.com/news/security/1password-discloses-security-incident-linked-to-okta-breach/ [Bloomberg] Drugmakers Are Set to Pay 23andMe Millions to Access Consumer DNA https://www.bloomberg.com/news/articles/2023-10-30/23andme-will-give-gsk-access-to-consumer-dna-data [Electronic Frontier Foundation] What to Do If You're Concerned About the 23andMe Breach https://www.eff.org/deeplinks/2023/10/what-do-if-youre-concerned-about-23andme-breach [AppleInsider] Apple's private Wi-Fi MAC addresses were security theater until iOS 17.1 https://appleinsider.com/articles/23/10/27/apples-private-wi-fi-mac-addresses-were-security-theater-until-ios-171 [Ars Technica] Hackers can force iOS and macOS browsers to divulge passwords and much more https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/ [TechRadar] Windows PCs are being targeted with a nasty new malware - here's what you need to know https://www.techradar.com/pro/security/windows-pcs-are-being-targeted-with-a-nasty-new-malware-heres-what-you-need-to-know [404media.co] YouTube's 'War' on Adblockers Shows How Google Controls the Internet https://www.404media.co/youtubes-war-on-adblockers-shows-how-google-controls-the-internet/ [9to5mac.com] iMessage Contact Key Verification blocks the ‘ghost proposal’ plan by government spy agency https://9to5mac.com/2023/10/30/imessage-contact-key-verification-reason/ [Mashable] White House drops an AI regulation bombshell: 10 new mandates that'll shake up the industry https://mashable.com/article/white-house-drops-ai-regulation-bombshell [pewresearch.org] How Americans View Data Privacy https://www.pewresearch.org/internet/2023/10/18/how-americans-view-data-privacy/ Tip of the Week: The Rise of Cellular IoT https://firewallsdontstopdragons.com/the-rise-of-cellular-iot/ Further Info Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch Give the gift of privacy and security: https://fdsd.me/coupons Send me your questions! https://fdsd.me/qna Support our mission! https://fdsd.me/support Subscribe to the newsletter: https://fdsd.me/newsletter Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book Generate secure passphrases! https://d20key.com/#/ Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:56: News rundown 0:03:11: 1Password discloses security incident linked to Okta breach 0:06:09: Drugmakers Are Set to Pay 23andMe Millions to Access Consumer DNA 0:10:08: What to Do If You're Concerned About t...