Angry Tech News Show

Tech news and opinion from an angry programmer with a microphone

Tag: security

podcast

Angry Tech News #73: Identity Bubble

Post author By Ryan Bemrose
Post date August 22, 2023

Podcast: Play in new window | Download (Duration: 28:29 — 26.1MB)

News Flash: CAPTCHAs are worthless! Plus, Food AI wants to kill us all. Microservices security is more scary and complicated than we imagined. And copyrights are eroding our culture

Links

Bots can solve CAPTCHAS faster than humans
https://www.theregister.com/2023/08/15/so_much_for_captcha_then/

NZ supermarket chain Pak ‘n’ Save AI meal planner suggests poison recipes
https://www.techspot.com/news/99750-supermarket-ai-meal-planner-suggests-chlorine-gas-ant.html

Shadow Access Impact Report
https://stackidentity.com/wp-content/uploads/2023/08/Shadow-Access-Impact-Report.pdf

Music labels only want culture preserved if they can control it
https://www.engadget.com/sony-and-other-music-labels-sue-internet-archive-for-digitizing-old-records-110108988.html

Tags ai, archive.org, captcha, copyright, microservices, security

podcast

Angry Tech News #38: Iconic Faceprint

Post author By Ryan Bemrose
Post date July 26, 2022

Podcast: Play in new window | Download (Duration: 22:35 — 14.7MB)

TikTok, Twitter, and Ubisoft screw their users, European government screws everyone, a way to defeat air gaps, yet another NPM supply chain attack, and a new product that will help you reach your inner cyborg!

Links:

TikTok bends over your privacy
https://www.engadget.com/fcc-commissioner-google-facebook-ban-tik-tok-064559992.html
https://www.pandasecurity.com/en/mediacenter/security/tiktok-privacy-faceprints/

Firefox starts stripping tracking tags from URLs
https://www.bleepingcomputer.com/news/security/new-firefox-privacy-feature-strips-urls-of-tracking-parameters/

Smart contact lenses
https://www.forbes.com/sites/johnkoetsier/2022/05/18/mojo-visions-smart-contact-lens-ready-for-real-world-testing/

Ubisoft shows who really owns your games
https://www.pcgamesn.com/assassins-creed-liberation-steam

Twitter has no ethics
https://therecord.media/twitter-apologizes-for-abusing-user-security-information-after-150-million-ftc-settlement/

Iconburst NPM supply chain attack
https://blog.reversinglabs.com/blog/iconburst-npm-software-supply-chain-attack-grabs-data-from-apps-websites

DMA, DSA pass EU parliament
https://epic.org/european-parliament-adopts-dsa-dma/

ETSC mandates black boxes
https://www.zerohedge.com/political/today-all-new-vehicles-eu-will-have-surveillance-black-boxes

Using SATA cable to defeat air gaps
https://www.bleepingcomputer.com/news/security/air-gapped-systems-leak-data-via-sata-cable-wifi-antennas/

Tags contact-lenses, europe, firefox, npm, security, tiktok, twitter, ubisoft

podcast

Angry Tech News #7: Munition Parser

Post author By Ryan Bemrose
Post date October 26, 2021
1 Comment on Angry Tech News #7: Munition Parser

Podcast: Play in new window | Download (Duration: 19:17 — 11.5MB)

Argentinian data breach, NPM supply chain attack, Apple as a bad security neighbor, Play store fees dropping, and the return of the 90s encryption ban

Links:

Argentina RENAPER DB breached
https://therecord.media/hacker-steals-government-id-database-for-argentinas-entire-population/
https://techstory.in/argentinas-entire-population-at-risk-hacker-steals-government-id-database/

NPM supply chain attack: UA-Parser-JS lib released with backdoor
https://www.bleepingcomputer.com/news/security/popular-npm-library-hijacked-to-install-password-stealers-miners/
https://blog.sonatype.com/npm-project-used-by-millions-hijacked-in-supply-chain-attack

Apple silently fixing reported bugs without giving credit
https://www.bleepingcomputer.com/news/apple/apple-silently-fixes-ios-zero-day-asks-bug-reporter-to-keep-quiet/

Bringing back the encryption ban – this time “hacking tools”
https://www.bleepingcomputer.com/news/security/us-govt-to-ban-export-of-hacking-tools-to-authoritarian-regimes/
https://public-inspection.federalregister.gov/2021-22774.pdf

Tags apple, argentina, encryption, google, npm, security, ua-parser-js

podcast

Angry Tech News #0 – Friday, 3 September 2021

Post author By Ryan Bemrose
Post date September 5, 2021
4 Comments on Angry Tech News #0 – Friday, 3 September 2021

Podcast: Play in new window | Download (20.1MB)

Chinese government restricts video games to 3hrs per week for kids. Reddit continues its crusade against communities that don’t join the hivemind. Samsung shows that when you buy a TV, it’s not really yours. Security researcher turns memory bus into a wifi antenna.

Links:

Chinese mandate – kids under 18 limited to 3hrs/wk of video games
http://www.news.cn/english/2021-08/30/c_1310157506.htm

2019 Chinese restrictions on video gaming
https://www.npr.org/2019/11/06/776840260/china-introduces-restrictions-on-video-games-for-minors

Writing games for China market under new restrictions
https://nikopartners.com/game-regulations-in-china-everything-you-need-to-know/

Reddit has banned r/NoNewNormal
https://www.reddit.com/r/OutOfTheLoop/comments/pek9e6/why_are_subreddits_going_privatepinning_protest/

Reddit admin “worstnerd” posted an “Analysis of Covid Denial”
https://www.reddit.com/r/redditsecurity/comments/pfyqqn/covid_denialism_and_policy_clarifications/

Samsung to remotely brick TVs stolen from warehouse
https://www.theregister.com/2021/08/24/samsung_tv_block/

ThreatPost reports “noted air-gap researcher Mordechai Guri created a proof-of-concept”
https://threatpost.com/air-gap-attack-turns-memory-wifi/162358/

Tags china, reddit, samsung, security, south africa, video games