Smashing Security

Think before you shrink! And our guest is faked

Nov 29, 2023

In this episode, technology journalist Jane Wakefield joins cybersecurity veterans Graham Cluley and Carole Theriault to discuss a range of interesting topics. They dive into the potential privacy risks of minimizing video calls, the debate on paying for Facebook and Instagram, and the issue of fake endorsements promoting cryptocurrency scams. They also explore the cost of privacy and the value of personal data. The podcast covers discussions on online privacy rulings, identity attacks, diversity in tech conferences, and the challenges of securing user accounts in the cloud. The episode features an interview with Adam Bateman, founder and CEO of Push Security, who talks about shadow identities. It's an entertaining and informative conversation with a warning for adult themes and language.

01:04:03

Creator website

Episode guests

Jane Wakefield

Adam

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Securing the identity attack surface in the cloud is crucial for maintaining a strong security posture.

Identities have become the new perimeter in the rise of cloud infrastructure, increasing the risk of compromised user accounts.

Facebook's new subscription option in Europe, allowing users to choose between personalized services with ads or an ad-free experience, is facing legal challenges due to the perceived disproportionality of the subscription cost.

Deep dives

Understanding the Identity Attack Surface

The concept of the identity attack surface refers to the user accounts that exist in the cloud, including those in SSO providers and various cloud applications. These accounts serve as potential entry points for attackers into an organization's cloud infrastructure. With the shift towards cloud-based infrastructure, securing the identity attack surface has become a crucial aspect of maintaining a strong security posture.

Introduction

2min

Introductions, Sponsor Thanks, and Discussion Topics

2min

Driving Experiences and Technology

14min

Fake Articles and Crypto Investment Scams

7min

The Cost of Privacy

10min

Online Privacy Ruling, Identity Attacks, and Sponsor Ads

4min

Glasgow GPT and Diversity in Tech Conferences

10min

Identity Attack Surface and Cloud Security

14min

Company Identity Security and Show Sponsorships

2min

Don't minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams?

All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Jane Wakefield.

Plus - don't miss our featured interview with Push Security founder and CEO Adam Bateman.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

XtraVue Trailer demo - YouTube.
Nvidia sued after video call mistake showed 'stolen' data - BBC News.
Valeo v. Nvidia complaint - DocumentCloud.
Fake BBC news article using Jane Wakefield’s name - Twitter.
Report a fraudulent webpage to Google Safe Browsing - Google.
Meta's EU ad-free subscription faces early privacy challenge - Yahoo!
Meta to offer ad-free subscription in Europe in bid to keep tracking other users - TechCrunch.
Meta’s EU ad-free subscription faces early privacy challenge - TechCrunch.
Facebook and Instagram to Offer Subscription for No Ads in Europe - Facebook.
noyb files GDPR complaint against Meta over “Pay or Okay” - NOYB.
Big Mac index 2023 - Statista.
Euro aea wages 2023 - Take-profit.org.
Boat Story review - The Guardian.
GlasgowGPT - the world's first Scottish artificial intelligence chatbot.
Gergely Orosz uncovers fake female speakers at a tech conference - Twitter.
Eliza-May Austin shares her experiences of being invited to speak at tech conferences - LinkedIn.
Boat Story - BBC iPlayer.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Push Security - Monitor and secure your entire identity attack surface, including non-SSO identities. Get notified in real-time to vulnerabilities across all your internet-facing identities, and have your staff guided to fix simple issues.
Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Device Trust for Okta. Watch the demo today!
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get 10% off!

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

Follow us on Twitter at @SmashinSecurity, or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

This podcast uses the following third-party services for analysis:

OP3 - https://op3.dev/privacy

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Smashing Security

Think before you shrink! And our guest is faked

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding the Identity Attack Surface

The Evolution of Attack Strategies

Challenges in Protecting the Cloud Identity Attack Surface

Facebook introduces subscription option for users in Europe

Criticism and legal challenges against Facebook's subscription model

Remember Everything You Learn from Podcasts