Our two main stories is how Signal found a Cellebrite hardware analyzer. Then they say they found a bunch of vulnerabilities
Signal is testing a new payment method that we are not thrilled about. Yes, they want to solve a hard problem, but we don’t think this is it. We end with the Google vs Oracle decision.
We talk about two significant user leaks that happened recently. Facebook: https://krebsonsecurity.com/2021/04/are-you-one-of-the-533m-people-who-got-facebooked/ Ubiquiti: https://krebsonsecurity.com/2021/04/ubiquiti-all-but-confirms-breach-response-iniquity/
We talk mainly about privacy in today’s show. One thing I’ve been thinking about is literally how do you prove your vaccination status. Seriously! Not just the card, but actual proof
TLDR: Give up on securing email. Its a trashfire and wasn’t design with security in mind. Everything about email from the protocol, to the clients, to the layers and layers of stuff built on top of it isn’t designed with security in mind.