This is the Shared Security Weekly Blaze for April 23, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions, Silent Pocket and CISOBox. This episode was hosted by Tom Eston.
Show Transcript
This is your Shared Security Weekly Blaze for April 23rd 2018 with your host, Tom Eston. In this week’s episode: Android’s Toxic Hellstew of Vulnerabilities, Facebook’s New Privacy Controls and Russian Router Hacking.
The Shared Security Podcast is sponsored by Silent Pocket. With their patented Faraday cage product line of phone cases, wallets and bags you can block all wireless signals which will make your devices instantly untrackable, unhackable and undetectable. Visit silent-pocket.com for more details.
Hi everyone, I’m Tom Eston, co-host of the Shared Security podcast. Welcome to the Shared Security Weekly Blaze where we update you on the top 3 security and privacy topics from the week. These weekly podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
If you like this podcast we would really appreciate you leaving a review in iTunes or your favorite podcatcher app. Reviews really help move us up the podcast ratings list and are greatly appreciated.
Shout outs this week to @securityvoid, @HammerITConsult, @davegeek_ and @Yohun on Twitter as well as Tim Maliyil on Instagram and Richard, Jason and Eddie on Facebook for commenting, liking and sharing our posts on social media. Thank you for your support of the show!
There was an article this past week that totally got my attention and should get yours as well which was titled quote “Is your Android phone a ‘toxic hellstew’ of vulnerabilities?” end quote. Toxic hellstew does sound rather terrible so if you have an Android phone you may want to pay attention to this. A study was recently released that found that your Android phone may be lying to you about critical patches that should be installed by your device manufacture. This issue called the ‘hidden patch gap’ was discovered by German security firm Security Research Labs. The research shows that some popular Android devices from Google, Sony, Samsung and many others brands would show that they were fully patched when in fact they were missing security patches, and in some cases up to a dozen patches from a specific time period. This means that without current security patches, these Android devices were left vulnerable to various attacks. The researchers believe that manufactures are setting these false patch levels in an attempt to deliberately deceive consumers that their devices are secure. Device manufactures like Google have responded to the research stating that there are other layers of security in Android devices to protect them from attack and patching is just one of those layers. Of course they did not admit to providing consumers with a false sense of security.
While patching of Android devices has always been a challenge because of the known issue of device fragmentation, where older Android devices may never get updated, patching should be of up most importance to device manufactures because of the rise of mobile device attacks.
So what can you do to see the real patch level of your Android device? Well th
Published on 7 years, 8 months ago
If you like Podbriefly.com, please consider donating to support the ongoing development.
Donate