Podcast Episode Details
Back to Podcast Episodes
Massive Apple FaceTime Privacy Bug, Selling Your Privacy for Money, Insecure Smart Light Bulbs
This is your Shared Security Weekly Blaze for February 4th 2019 with your host, Tom Eston. In this week’s episode: The massive Apple FaceTime privacy bug, selling your privacy for money, and insecure smart light bulbs.
Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.
Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
In breaking news this past week, a very serious privacy bug in Apple FaceTime was found by a 14-year-old high school student who was trying to FaceTime his friends while playing Fortnite. The bug allows someone to force other Apple devices that have FaceTime installed (everything from iPhones, iPads and laptops or Mac’s running newer versions of macOS) to answer a FaceTime call, even if the other person doesn’t take any action. Essentially, this turns an iPhone into a surveillance device where the microphone stays active. If you’re interested in learning more about the fascinating story on how this bug was discovered and the painful path that this 14-year-old and his parents had to take to notify Apple of the issue, check out the link provided in our show notes for this episode. In response to this bug, Apple has disabled group FaceTime functionality but it’s still not a bad idea to turn off FaceTime in your Apple device settings until a patch is released. Apple states that an update will be issued in coming weeks. In the meantime, be sure to follow the podcast on Twitter, Facebook and Instagram for the latest updates on when a patch will be released.
Organizations’ internal networks are overly permissive and can’t distinguish trusted from untrusted applications. Attackers abuse this condition to move laterally through networks, bypassing address-based controls to spread malware. Edgewise abstracts security policies away from traditional network controls that rely on IP addresses, ports, and protocols and instead ties controls directly to applications and their data paths.
Edgewise allows organizations to analyze the network attack surface and segment workloads based on the software and how it’s communicating. Edgewise monitors applications and protects data paths using zero trust segmentation.
Visit edgewise.net to get your free month of visibility.
Facebook was in the news once again this past week when it was revealed in a TechCrunch story that Facebook was secretly paying users, from 13 to 35 years old, up to $20 per month plus referral fees to install an app called “Facebook Research” or known internally at Facebook as “Project Atlas”. This app is essentially a VPN and allowed Facebook to capture almost all data being used on an a personal Apple device including messages, photos, phone call data, and web browsing history. Facebook even went as far as to distribute this app outside of the Apple AppStore through Apple’s Enterprise Developer Program, which Apple designed for companies to distribute apps within an organization. The TechCrunch story prompted Apple last week to revoke Facebook’s access to this program as a terms of servi
Published on 6 years, 10 months ago