Podcast Episode Details
Back to Podcast Episodes
Chinese Spying, Facebook Shadow Contact Information, iPhone X FaceID Privacy – WB37
This is your Shared Security Weekly Blaze for October 8th 2018 with your host, Tom Eston. In this week’s episode: Chinese Spying, Facebook Shadow Contact Information and iPhone X FaceID Privacy.
Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.
Hi everyone, this is Tom Eston, Co-host of the Shared Security podcast. Welcome to the Shared Security Weekly Blaze where we update you on the top 3 security and privacy topics from the week. These weekly podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
I have a small favor to ask you. We would really appreciate it if you could leave us a review on iTunes. To leave a review, simply click the iTunes link in our show notes for this episode. We’ll be sure to thank you for your review on a future episode of the podcast. Thanks for your support!
In late breaking news on Thursday last week, a report from Bloomberg has detailed a large scale supply chain attack which is believed to be one of the largest spying programs ever conducted by a nation-state. According to the report, a very small microchip about the size of a pencil tip or grain of rice was installed and hidden in servers that were being used by approximately 30 American companies which include Apple and Amazon. These chips were apparently installed during the manufacturing process in server motherboards manufactured by a company called Super Micro, which happens to manufacture its products in China. Of course, as you might assume, these chips were allegedly installed by the Chinese government to spy on American companies giving China the competitive advantage in the highly competitive technology space. While Amazon, Apple, Supermicro and even China are denying the claims made in this report from Bloomberg, it’s not that far of a stretch when you consider that China has been known to install malicious software into the hardware supply chain in the past and that 75% of all mobile devices and 90% of all PC’s in the world are manufactured in China.
Whether this story is true or not, securing the hardware supply chain is a very difficult problem to solve, even when hardware is manufactured in a country like the United States. For example, back in 2016 one US based mobile phone company, that makes cheap Android based phones, found a software backdoor installed on their devices which would send information from the device, you guessed it, back to China. So while the hardware itself was not manufactured in China, the software on the Android device was. I remember when I was working as a security consultant several years ago we would strongly advise business clients that when traveling to China they should use a “disposable” laptop and mobile device with very little or no corporate data on them. When our clients returned from China we strongly told them to never ever plug their laptop back into their corporate network and to give it to us for forensic analysis. We gave this advice
Published on 7 years, 2 months ago