Podcast Episode Details
Back to Podcast Episodes
US Customs and Border Protection Data Breach, Sign in with Apple, Leaked Facebook Emails
This is your Shared Security Weekly Blaze for June 17th 2019 with your host, Tom Eston. In this week’s episode: the US Customs and Border Protection data breach, the new sign in with Apple button, and more leaked Facebook emails.
Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit silentpocket.com today to take advantage of this exclusive offer.
Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
Apple made a few big privacy announcements at its Worldwide Developers Conference the other week including: updates to how Apple’s HomeKit securely transmits and stores video from home security systems, new permission settings in iOS 13 to further limit location sharing, heath data that is used by Apple Watch is now being encrypted and stored on your watch or within iCloud, and that you can now lock your Mac remotely through Apple’s activation lock feature if your Mac happens to be lost or stolen. But the biggest privacy announcement was “Sign in with Apple” which is a new feature that looks to roll out later in the year with iOS 13. Sign in with Apple is a button that is very similar to Facebook or Google’s “one-click” sign-on buttons you might see on many apps and websites. These buttons leverage your Facebook or Google accounts to sign you in without creating a separate login ID. The problem with this is that sometimes your personal information, which Facebook and Google collect about you, gets shared with these sites and can be used to track you. Apple’s one-click sign-on solution authenticates using Face ID without sending any personal information to a third-party company. On top of that Apple’s solution will auto-generate a random “relay” email address that will hide your real email address. I like this a lot as email addresses are commonly used as a user name and is one of the ways you happen to be linked back to a data breach. In addition, Apple says you’ll be able to disable these randomly generated email addresses if you don’t want to use an app anymore.
Now the biggest challenge for Apple will be if developers will start using this new feature when developing their applications. Many have already been using Facebook and Google for one-click sign-on buttons, so Apple may have to find ways to convince developers that there is a more secure, and private approach to help protect their users personal information.
Remember just recently on episode 88 of our monthly show I talked about how US Customs and Border Protection (or CBP) was now using facial recognition at several US airports in order to board flights? Well, it seems that a CBP database, storing images of travelers and license plates, was hacked and compromised. Apparently it was a subcontractor who had the data that had gotten compromised. It’s not known who the subcontractor is nor did CBP provide any other details except that the agency became aware that on May 31st the subcontractor had transferred the photos to its network. CBP also stated that this was a violation of their policies and that several members of Congress have been alerted and that law
Published on 6 years, 6 months ago