Our two main stories is how Signal found a Cellebrite hardware analyzer. Then they say they found a bunch of vulnerabilities
Category: Podcasts
Security 265 – Signal’s Mobile Coin and Google vs Oracle
Signal is testing a new payment method that we are not thrilled about. Yes, they want to solve a hard problem, but we don’t think this is it. We end with the Google vs Oracle decision.
https://signal.org/blog/update-on-beta-testing-payments/
https://en.wikipedia.org/wiki/Google_LLC_v._Oracle_America,_Inc.#Supreme_Court
Security 264 – Facebook and Ubiquiti Leaks
We talk about two significant user leaks that happened recently. Facebook: https://krebsonsecurity.com/2021/04/are-you-one-of-the-533m-people-who-got-facebooked/ Ubiquiti: https://krebsonsecurity.com/2021/04/ubiquiti-all-but-confirms-breach-response-iniquity/
Security 263 – Vaccination Privacy
We talk mainly about privacy in today’s show. One thing I’ve been thinking about is literally how do you prove your vaccination status. Seriously! Not just the card, but actual proof
Security 262 – Encrypted Email
TLDR: Give up on securing email. Its a trashfire and wasn’t design with security in mind. Everything about email from the protocol, to the clients, to the layers and layers of stuff built on top of it isn’t designed with security in mind.