Artwork

A tartalmat a Carey Parker biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Carey Parker vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.
Player FM - Podcast alkalmazás
Lépjen offline állapotba az Player FM alkalmazással!

Treat Plugins Like Apps

1:10:45
 
Megosztás
 

Manage episode 463390856 series 2372096
A tartalmat a Carey Parker biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Carey Parker vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

Software plugins allow you to add functionality to existing applications. Web browsers commonly use these extensions to add functionality like shopping helpers, password managers, ad blockers and much, much more. In a way, these add-ons are like “apps” for the browser. Like apps, they can view and manipulate your data. In the browser, they may alter the web page, track pages you visit, and even mine any data you might enter into web forms. Also like apps, plugins can have permissions which you must agree to when you install them. Therefore, we need to be very careful which plugins we install and make sure we trust the maker. Today I’ll explain how to audit your plugins.

In other news: The TikTok ban has been given a 75-day reprieve; the Trump administration fires scores of cybersecurity experts; Apple Intelligence will soon be enabled by default on iPhones and Macs; some clever researchers have hacked the iPhone USB-C connection; a tricky new smishing campaign tricks users into bypassing Apple protections; PowerSchool hack affects 62M students and 9M teachers; new AI took can identify where a photo was taken; Subaru hack exposes scary amount of location data collection; fuzzing tool find over 100 bugs in modern cellular network; Texas sues Allstate for using private car data; FTC to ban GM from sharing location info; exercise equipment collects lots of personal data; federal court finally rules that Section 702 FISA data access requires a warrant.

Article Links

  1. [theverge.com] Trump signs order refusing to enforce TikTok ban for 75 days https://www.theverge.com/2025/1/20/24348213/trump-tiktok-ban-executive-order-sale-delay-china
  2. [techcrunch.com] Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/
  3. [macrumors.com] macOS Sequoia 15.3 and iOS 18.3 Enable Apple Intelligence Automatically https://www.macrumors.com/2025/01/21/macos-sequoia-15-3-apple-intelligence-opt-out/
  4. [9to5mac.com] Security vulnerability in iPhone’s USB-C port, and a gotcha with iMessage scams https://9to5mac.com/2025/01/14/security-vulnerability-in-iphones-usb-c-port-and-a-gotcha-with-imessage-scams/
  5. [Tech Radar] PowerSchool hack keeps getting worse – 62 million students now thought to be affected https://www.techradar.com/pro/security/powerschool-hack-keeps-getting-worse-62-million-students-now-thought-to-be-affected
  6. [404media.co] The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/
  7. [wired.com] Subaru Security Flaws Exposed Its System for Tracking Millions of Cars https://www.wired.com/story/subaru-location-tracking-vulnerabilities/
  8. [The Hacker News] RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html
  9. [gizmodo.com] Texas Sues Allstate for Collecting Driver Data to Raise Premiums https://gizmodo.com/texas-sues-allstate-for-collecting-driver-data-to-raise-premiums-2000549878
  10. [techcrunch.com] GM banned from sharing driving and location data with insurance companies https://techcrunch.com/2025/01/17/gm-banned-from-sharing-driving-and-location-data-with-insurance-companies/
  11. [consumerreports.org] Your Exercise Bike Knows a Lot About You—and It Doesn’t Keep Every Secret https://www.consumerreports.org/health/health-privacy/exercise-machine-privacy-a3907557984/
  12. [eff.org] VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional
  13. Tip of the Week: Treat Extensions Like Apps: https://firewallsdontstopdragons.com/treat-extensions-like-apps/

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:00:07: Intro
  • 0:01:03: Listener survey ended
  • 0:01:37: News preview
  • 0:03:54: Trump signs order refusing to enforce TikTok ban for 75 days
  • 0:10:02: Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision
  • 0:14:50: macOS Sequoia 15.3 and iOS 18.3 Enable Apple Intelligence Automatically
  • 0:21:51: Security vulnerability in iPhone’s USB-C port, and a gotcha with iMessage scams
  • 0:24:51: Clever iPhone Smishing attack
  • 0:28:35: PowerSchool hack keeps getting worse
  • 0:32:55: The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds
  • 0:43:37: Subaru Security Flaws Exposed Its System for Tracking Millions of Cars
  • 0:49:28: 5G fuzzing
  • 0:54:02: Allstate sued, FTC Bans GM data selling, fitness device data
  • 0:56:52: FISA 702 court victory
  • 1:01:23: Tip of the Week: Treat Plugins Like Apps
  • 1:08:12: Wrap up and looking ahead
  continue reading

402 epizódok

Artwork
iconMegosztás
 
Manage episode 463390856 series 2372096
A tartalmat a Carey Parker biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Carey Parker vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

Software plugins allow you to add functionality to existing applications. Web browsers commonly use these extensions to add functionality like shopping helpers, password managers, ad blockers and much, much more. In a way, these add-ons are like “apps” for the browser. Like apps, they can view and manipulate your data. In the browser, they may alter the web page, track pages you visit, and even mine any data you might enter into web forms. Also like apps, plugins can have permissions which you must agree to when you install them. Therefore, we need to be very careful which plugins we install and make sure we trust the maker. Today I’ll explain how to audit your plugins.

In other news: The TikTok ban has been given a 75-day reprieve; the Trump administration fires scores of cybersecurity experts; Apple Intelligence will soon be enabled by default on iPhones and Macs; some clever researchers have hacked the iPhone USB-C connection; a tricky new smishing campaign tricks users into bypassing Apple protections; PowerSchool hack affects 62M students and 9M teachers; new AI took can identify where a photo was taken; Subaru hack exposes scary amount of location data collection; fuzzing tool find over 100 bugs in modern cellular network; Texas sues Allstate for using private car data; FTC to ban GM from sharing location info; exercise equipment collects lots of personal data; federal court finally rules that Section 702 FISA data access requires a warrant.

Article Links

  1. [theverge.com] Trump signs order refusing to enforce TikTok ban for 75 days https://www.theverge.com/2025/1/20/24348213/trump-tiktok-ban-executive-order-sale-delay-china
  2. [techcrunch.com] Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/
  3. [macrumors.com] macOS Sequoia 15.3 and iOS 18.3 Enable Apple Intelligence Automatically https://www.macrumors.com/2025/01/21/macos-sequoia-15-3-apple-intelligence-opt-out/
  4. [9to5mac.com] Security vulnerability in iPhone’s USB-C port, and a gotcha with iMessage scams https://9to5mac.com/2025/01/14/security-vulnerability-in-iphones-usb-c-port-and-a-gotcha-with-imessage-scams/
  5. [Tech Radar] PowerSchool hack keeps getting worse – 62 million students now thought to be affected https://www.techradar.com/pro/security/powerschool-hack-keeps-getting-worse-62-million-students-now-thought-to-be-affected
  6. [404media.co] The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/
  7. [wired.com] Subaru Security Flaws Exposed Its System for Tracking Millions of Cars https://www.wired.com/story/subaru-location-tracking-vulnerabilities/
  8. [The Hacker News] RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html
  9. [gizmodo.com] Texas Sues Allstate for Collecting Driver Data to Raise Premiums https://gizmodo.com/texas-sues-allstate-for-collecting-driver-data-to-raise-premiums-2000549878
  10. [techcrunch.com] GM banned from sharing driving and location data with insurance companies https://techcrunch.com/2025/01/17/gm-banned-from-sharing-driving-and-location-data-with-insurance-companies/
  11. [consumerreports.org] Your Exercise Bike Knows a Lot About You—and It Doesn’t Keep Every Secret https://www.consumerreports.org/health/health-privacy/exercise-machine-privacy-a3907557984/
  12. [eff.org] VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional
  13. Tip of the Week: Treat Extensions Like Apps: https://firewallsdontstopdragons.com/treat-extensions-like-apps/

Further Info

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:00:07: Intro
  • 0:01:03: Listener survey ended
  • 0:01:37: News preview
  • 0:03:54: Trump signs order refusing to enforce TikTok ban for 75 days
  • 0:10:02: Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision
  • 0:14:50: macOS Sequoia 15.3 and iOS 18.3 Enable Apple Intelligence Automatically
  • 0:21:51: Security vulnerability in iPhone’s USB-C port, and a gotcha with iMessage scams
  • 0:24:51: Clever iPhone Smishing attack
  • 0:28:35: PowerSchool hack keeps getting worse
  • 0:32:55: The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds
  • 0:43:37: Subaru Security Flaws Exposed Its System for Tracking Millions of Cars
  • 0:49:28: 5G fuzzing
  • 0:54:02: Allstate sued, FTC Bans GM data selling, fitness device data
  • 0:56:52: FISA 702 court victory
  • 1:01:23: Tip of the Week: Treat Plugins Like Apps
  • 1:08:12: Wrap up and looking ahead
  continue reading

402 epizódok

Minden epizód

×
 
Loading …

Üdvözlünk a Player FM-nél!

A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.

 

Gyors referencia kézikönyv

Hallgassa ezt a műsort, miközben felfedezi
Lejátszás