DiscoverThe Host Unknown PodcastEpisode 202 - The Dog Eating Episode
Episode 202 - The Dog Eating Episode

Episode 202 - The Dog Eating Episode

Update: 2024-09-16
Share

Description

This week in InfoSec  (11:25 )

With content liberated from the “today in infosec” twitter account and further afield

12th September 2014: Stephane Chazelas contacted Bash maintainer Chet Ramey about a vulnerability he dubbed "Bashdoor", which later becoming known as Shellshock. It was publicly disclosed 12 days later.

Shellshock was kind of a big deal - and the vuln had been in Bash for 25 years!

https://x.com/todayininfosec/status/1834293229472416242  

9th September 2001: Mark Curphey started OWASP (the Open Web Application Security Project). In 2023 it was renamed the Open Worldwide Application Security Project.

https://x.com/todayininfosec/status/1833191889790480500  

 

Rant of the Week (16:33 )

WhatsApp's 'View Once' could be 'View Whenever' due to a flaw

A popular privacy feature in WhatsApp is "completely broken and can be trivially bypassed," according to developers at cryptowallet startup Zengo.

According to cofounder Tal Be'ery, his team was building a web interface when they discovered a flaw in WhatsApp's View Once. While the feature was supposed to be limited to platforms where the necessary controls could be enforced, such as mobile clients, the WhatsApp API server didn't properly enforce it.

The server would still send these messages to other platforms, but they couldn't be viewed - unless someone fiddled with the code.

"The View [O]nce media messages are technically the same as regular media messages, only with the “view once” flag set," the technical explanation states.

"Which means it’s the virtual equivalent of putting a note on the picture that says 'don’t look.' All that is required for attackers to circumvent it, is merely to set this flag to false and the media become regular and can be downloaded, forwarded and shared."

 

Billy Big Balls of the Week (27:10 )

Australia’s government spent the week boxing Big Tech

The fun started on Monday when prime minister Anthony Albanese announced his intention to introduce a minimum age for social media, with a preference for the services to be off limits until kids turn 16.

"I want kids to have a childhood," the PM urged. "I want them off their devices … I want them to have real experiences with real people."

Albanese promised legislation to enact the rule will be tabled before Australia's next election, due by 2025. Opposition leader Peter Dutton broadly supported the proposal, which is pitched at parents who are tired of having to protect their kids online.

 

Industry news (34:34 )

DoJ Distributes $18.5m to Western Union Fraud Victims

Poland's Supreme Court Blocks Pegasus Spyware Probe

UK Recognizes Data Centers as Critical National Infrastructure

Mastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bn

TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested

Irish Data Protection Regulator to Investigate Google AI

Microsoft Vows to Prevent Future CrowdStrike-Like Outages

Record $65m Settlement for Hacked Patient Photos

Malicious Actors Spreading False US Voter Registration Breach Claims

 

Tweet of the Week (41:57 )

https://x.com/MikeTalonNYC/status/1834311262563377553


Come on! Like and bloody well subscribe!

Comments 
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Episode 202 - The Dog Eating Episode

Episode 202 - The Dog Eating Episode

Andrew Agnês, Thom Langford, Javvad Malik