This week we talk more about the facebook scam about impersonation. Google+ has a breach which accelerates its demise. A certain rapper has a passcode of 000000. We discuss if that is good or bad.
189 – Facebook’s Week of Problems
Facebook had a breach: https://newsroom.fb.com/news/2018/09/security-update/
Facebook security settings: https://www.facebook.com/settings?tab=security
Facebook Shadow Contact Info: https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-shadow-co-1828476051
GPGTools: https://gpgtools.org/open-letter
NordVPN weird bug: https://twitter.com/CiPHPerCoder/status/1044625129278443522?s=19
Security 188 – Stalking Apps
We have a light week, but we must keep on keeping on.
Faxploit: https://blog.checkpoint.com/2018/08/12/faxploit-hp-printer-fax-exploit/
Fix: https://support.hp.com/us-en/document/c06097712
Fortnite Exploit: https://www.androidcentral.com/epic-games-first-fortnite-installer-allowed-hackers-download-install-silently
Ajit Pai knew about DDOS attack: https://arstechnica.com/tech-policy/2018/08/ajit-pai-knew-ddos-claim-was-false-in-january-says-he-couldnt-tell-congress/
Is the CA wildfires issue a net neutrality issue? Maybe: https://twitter.com/gigastacey/status/1033724768099426304
Staking app got hacked: https://nakedsecurity.sophos.com/2018/08/30/hacked-stalking-app-reveals-victims-photos-texts-and-location-info/
Security 187 – Post Defcon
We recap Hacker Summer camp. The sights, the sounds, the random room searches.
Room Searches: https://arstechnica.com/tech-policy/2018/08/security-theater-meets-def-con-as-room-searches-spark-controversy/
Voting Machines: https://thenextweb.com/tech/2018/08/13/an-11-year-old-hacked-a-government-website-and-changed-election-results-at-defcon/
Voicemail vulnerability: https://mashable.com/2018/08/10/voicemail-hack-password-reset-2fa/#nbbfkK9anmqU
Ajit Pai said the FCC wasn’t DDoS’d: https://arstechnica.com/tech-policy/2018/08/ajit-pai-knew-ddos-claim-was-false-in-january-says-he-couldnt-tell-congress/
Security 186 – Delete All The Tweets
We teased this last week, and never got to it.
1) How to delete your tweets: https://gitlab.com/chaimtime/nuketweets
I forked the project, but I can’t find the OP to credit.
2) Fornite sidesteps the play store. This is a bad idea: https://www.theverge.com/2018/8/3/17645982/epic-games-fortnite-android-version-bypass-google-play-store
3) Android P is here