Nothing is more frustrating to me than a podcast where I can’t find the RSS Feed link. Well, it occurs to me that I didn’t make mine readily visible . . . until now. If you want the raw RSS feed, go to https://www.littlebrotherpodcast.com/feed/podcast/ and enjoy!
Major data broker pwnt. Stingrays at the DNC. Net neutrality is dead. EAS Misfires in Los Angeles.
Interview with Alex Marthews of Restore The Fourth. We talk about surveillance and laws to control it.
Opsec: Apple opts you into image analysis, and settles a lawsuit over Siri hearing too much. Cars record too much info, and so do ALPRs.
Pwns: US Treasury Department, Volkswagen.
Fail: Waymo
Links:
Mozilla Foundation’s analysis of cars and privacy
What happens without Net Neutrality
The four episodes where I spoke about data brokers selling your car’s location data: 146, 147, 148 and 150.
Podcast: Play in new window | Download
This is the full interview with Alex Marthews of Restore the Fourth that appeared in Episode 157 in slightly abridged form.
Podcast: Play in new window | Download
Errata: At the end of the episode, I mentioned that Episode 157 will drop on January 15th. That date should be January 12th.
Senators write a stern letter to carmakers. Meta sues NSO group and wins. Using the DMCA as a censorship tool.
Focus: Resources for protecting your privacy (see below)
Opsec: Careless posting on Social Media
Fail: City of Albany, NY
Resources:
Podcast: Play in new window | Download
Site that tracks ALPRs. Target sued for collecting biometrics.
Eight telecoms pwnt by Chinese hackers. Pegasus spyware again. iVerify countermeasures for Pegasus. Data brokers tracking where they’re not supposed to. FBI says to use end-to-end encryption. No, really, they did. Choosing an app for that. What is “well-managed” encryption.
Listener letters: A brief primer on cell phone locks, and a promise to talk about it more.
I’m experimenting with Airplane mode; how that’s going.
Podcast: Play in new window | Download
Russia imposes literally impossible fine on Google. National Public Data goes bankrupt. iPhones can reboot themselves, locking law enforcement out.
The cell network not only knows where you are, but it actually has to. Using airplane mode to prevent the cell network from knowing where you are. How to set up offline navigation on Android and iPhone.
Pwns: Albany ENT, Change Healthcare, Hannaford
Fail: CALEA
Podcast: Play in new window | Download
Due to a mix of circumstances, including me having a cold that has left my voice unreliable, I am postponing episode 154 until 2024-11-24. Talk to you then!
Go vote!
Syncthing for Android coming to an end. ARM Holdings PLC to cancel Qualcomm’s design license. Streaming services to become easier to cancel. Zero day in Fortigate? Rockwell teams up with Fortigate. Chinese actors attacking phones of Trump, Harris and Vance.
Pwns: Calgary Public Library, Hot Topic, Internet Archive (again). 23 And Me settles. Georgia fends off an attack.
Opsec: Geofence warrants squashed, to be heard again. Cell phone tracking tools publicly available. You can be tracked by other means, too.
Fail: Sam’s Club.
Podcast: Play in new window | Download
Harvard students develop an automatic doxx machine. Spy infrastructure “borrowed” by foregn actors. DirecTV buys Dish Network for $1.00.
Security Alert: FortiOS appliances
Pwns: Internet Archive, Nevada Joint Union High School District, Casio, Moneygram, Ecovac.
Medical device maker refuses to repair critical device because it is too old. Follow up on the Marion Recorder incident of last year.
Encrypted apps are great, but not a panacea.
Fail: Fisker
Links:
Info on opting out of public databases
Podcast: Play in new window | Download
Seven digit speeding tickets. Car impounded due to ALPR error. Ghost has been infiltrated by law enforcement. UC Berkeley teams up with both the US and Chinese governments. Larry Ellison may control CBS News. He also thinks you should be on your best behavior. Cloudflare offers a free solution to block AI scraping. Passwords are a little less of a pain in the ass, maybe.
Alert: CVE-2024-20017 Zero-click vulnerability for some Mediatek chipsets when running as an AP.
The US Army adopts Software Bills of Materials. Some portable electronic devices in Lebanon exploded. Kaspersky appoints its own replacement without consulting you first. Your car’s tracking of you might get some government attention. Yet another ALPR mistake.
Pwn: Town of Ulster, New York shows us the right way to handle a breech. Fail: HR department sacked after their ALPR rejects the CV of a hiring manager.
Podcast: Play in new window | Download
WCBS 880 AM is no more. Facebook advertisers might actually be listening after all, or maybe not. Security researcher under restraining order for calling out a lie. Ford listens to their customers. Navy OpSec fail.
Fail: Oakland Police. Pwn: Durex
Podcast: Play in new window | Download