Sign up to save your podcasts
Or
Share Episode 37 - Merry New Year!
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 37 - Merry New Year!
Welcome back to the New year and the new look Host Unknown, with a slightly less ethnically diverse lineup than usual, but, but still the same average quality and distinctly suspect ethics you have come to expect from Host Unknown.
This week Thom displays his love of the Animaniacs, Andy has audio issues and Graham has the voice of a midnight hour radio show host.
Smutty or Security?
Graham wins by a nose and a euphemism.
This Week in InfoSec
Liberated from the “today in infosec” twitter accoun):
6th January 1982: The final draft of the script for the movie WarGames was printed. Due to the Cold War and relative ignorance about remotely accessible computers, the film released in 1983 scared the hell out of politicians, the military, and adults. And inspired a generation of hackers!
https://twitter.com/todayininfosec/status/1214381338028953600
8th January 1986: "The Hacker Manifesto" was written by Loyd Blankenship (aka The Mentor) and originally titled "The Conscience of a Hacker". 8 months later it was published in issue 7 of the hacker zine Phrack.
http://phrack.org/issues/7/3.html#article
https://twitter.com/todayininfosec/status/1215026869600313344
9th January 2001: Macromedia, the maker of the Flash media player, claimed that Flash was secure because it was "a constrained environment by design".
https://web.archive.org/web/20010123231000/http://www.zdnet.com/zdnn/stories/news/0,4586,2672473,00.html
https://twitter.com/todayininfosec/status/1215067971963375616
End of the road for Flash
https://twitter.com/gcluley/status/1344822920946872320
https://www.bbc.co.uk/news/technology-55497353
Rant of the Week
https://www.bbc.co.uk/news/technology-55573149
https://threatpost.com/facebooks-mandatory-data-sharing-whatsapp-ire/162828/
WhatsApp is forcing users to agree to sharing information with Facebook if they want to keep using the service.
The update is designed to “offer integrations across the Facebook Company Products”, which also includes Instagram and Messenger.
Some of the data that WhatsApp collects includes:
- User phone numbers
- Other people’s phone numbers stored in address books
- Profile names
- Profile pictures and
- Status message including when a user was last online
- Diagnostic data collected from app logs
The company warns users in a pop-up notice that they "need to accept these updates to continue using WhatsApp" - or delete their accounts.
"Opt in, or fuck off by 8th Feb."
But…. some good news!
And the UK is still considered part of the “European region”, even if we’re not in the EU. Yes, we are still Europeans in 2021!
However, the new version of the privacy policy for European users explicitly says that data can be shared with other Facebook companies to show personalised advertising and offers, make suggestions for content, and "help" to complete purchases, among other reasons.
What’s telling to me...
In 2018, the founders of WhatsApp quit FB over disagreements about privacy and encryption. Walking away from $850 million...
https://www.theguardian.com/technology/2018/apr/30/jan-koum-whatsapp-co-founder-quits-facebook
https://www.forbes.com/sites/parmyolson/2018/09/26/exclusive-whatsapp-cofounder-brian-acton-gives-the-inside-story-on-deletefacebook-and-why-he-left-850-million-behind/
If they can walk away from $850 million, surely WhatsApp users can switch to Signal.
Alternatives:
- Signal
- Wickr
Billy Big Balls
Elon Musk has become the wealthiest person on the planet, surpassing Amazon CEO Jeff Bezos, thanks to the continued rise in Tesla’s stock price. Musk is now worth around $188 billion, according to Bloomberg’s Billionaires Index.
“How strange,” Musk tweeted Thursday. “Well, back to work ...”
Musk eclipsing Bezos’ own extravagant personal wealth of around $187 billion marks the latest development in a years-long rivalry between the two tech magnates.
https://www.theverge.com/2021/1/7/22163361/elon-musk-billionaire-richest-world-jeff-bezos-tesla-stock-spacex
Encrypted messaging app Signal says it’s seeing a swell of new users signing up for the platform, so much so that the company is seeing delays in phone number verifications of new accounts across multiple cell providers.
As for what or who is responsible for so many new users interested in trying the platform, which is operated by the nonprofit Signal Foundation, there are two likely culprits: Tesla CEO Elon Musk and Signal competitor WhatsApp.
https://www.theverge.com/2021/1/7/22218989/signal-new-signups-whatsapp-facebook-privacy-controversy-elon-musk
Industry News
NYSE to Delist Chinese Telcos on National Security Grounds
One Million Compromised Accounts Found at Top Gaming Firms
Microsoft: SolarWinds Attackers Viewed Our Source Code
NYSE U-Turn Means Chinese Telcos Escape Delisting
Chinese APT Group Linked to Ransomware Attacks
Ransomware Surge Drives 45% Increase in Healthcare Cyber-Attacks
US: Fewer Than 10 Govt Agencies Hit by SolarWinds Attack
Most Public Sector Victims Refuse to Pay Ransomware Gangs
Dark Web User Numbers Spiked During #COVID19 Lockdown
Over a Third of TMT Firms Hit by Security Breach in 2020
Social Media Neuters Trump’s Accounts After Fans Storm Capitol
DoJ: SolarWinds Attackers Hit Thousands of O365 Inboxes
Tweet)s) of the Week
Graham from the Smashing Security podcast:
@modesty_blaise0:
Due to travel restrictions, the USA had to organize a coup at home this year.
https://twitter.com/modesty_blaise0/status/1346965502703198208
Andy:
@ChatGotNext
You can’t even do this shit on GTA
https://twitter.com/ChatGotNext/status/1346911137439223822
Thom:
@YousefMunayyer
We spend $750 billion annually on "defense" and the center of American government fell in two hours to the duck dynasty and the guy in the chewbacca bikini
https://twitter.com/YousefMunayyer/status/1347026407294201863
Graham from the Smashing Security podcast:
@bocxtop
it’s literally harder to sign into gmail from a new device than it is to breach the capitol walls
https://twitter.com/bocxtop/status/1347003538468204545
Andy:
@notviking
starting to think it’d actually be incredibly easy to steal the declaration of independence
https://twitter.com/notviking/status/1346923223489736704
Thom: (serious)
@Olivia_Beavers
If there is still any question about how rhetoric can manifest into action, that question has been answered today.
https://twitter.com/Olivia_Beavers/status/1346901714767642630
They Pushed Me Out And Maced Me
Sticky Pickle of the Week
Sticky Pickle of the Week
Sticky Pickle of the Week
Graham applies his razor sharp mind to this weeks triple sticky pickle.
US nuclear launch codes were 00000000
Come on! Like and bloody well subscribe!
View all episodes
By Host Unknown, Thom Langford, Andrew Agnes, Javvad Malik
4.8
55 ratings
Welcome back to the New year and the new look Host Unknown, with a slightly less ethnically diverse lineup than usual, but, but still the same average quality and distinctly suspect ethics you have come to expect from Host Unknown.
This week Thom displays his love of the Animaniacs, Andy has audio issues and Graham has the voice of a midnight hour radio show host.
Smutty or Security?
Graham wins by a nose and a euphemism.
This Week in InfoSec
Liberated from the “today in infosec” twitter accoun):
6th January 1982: The final draft of the script for the movie WarGames was printed. Due to the Cold War and relative ignorance about remotely accessible computers, the film released in 1983 scared the hell out of politicians, the military, and adults. And inspired a generation of hackers!
https://twitter.com/todayininfosec/status/1214381338028953600
8th January 1986: "The Hacker Manifesto" was written by Loyd Blankenship (aka The Mentor) and originally titled "The Conscience of a Hacker". 8 months later it was published in issue 7 of the hacker zine Phrack.
http://phrack.org/issues/7/3.html#article
https://twitter.com/todayininfosec/status/1215026869600313344
9th January 2001: Macromedia, the maker of the Flash media player, claimed that Flash was secure because it was "a constrained environment by design".
https://web.archive.org/web/20010123231000/http://www.zdnet.com/zdnn/stories/news/0,4586,2672473,00.html
https://twitter.com/todayininfosec/status/1215067971963375616
End of the road for Flash
https://twitter.com/gcluley/status/1344822920946872320
https://www.bbc.co.uk/news/technology-55497353
Rant of the Week
https://www.bbc.co.uk/news/technology-55573149
https://threatpost.com/facebooks-mandatory-data-sharing-whatsapp-ire/162828/
WhatsApp is forcing users to agree to sharing information with Facebook if they want to keep using the service.
The update is designed to “offer integrations across the Facebook Company Products”, which also includes Instagram and Messenger.
Some of the data that WhatsApp collects includes:
- User phone numbers
- Other people’s phone numbers stored in address books
- Profile names
- Profile pictures and
- Status message including when a user was last online
- Diagnostic data collected from app logs
The company warns users in a pop-up notice that they "need to accept these updates to continue using WhatsApp" - or delete their accounts.
"Opt in, or fuck off by 8th Feb."
But…. some good news!
And the UK is still considered part of the “European region”, even if we’re not in the EU. Yes, we are still Europeans in 2021!
However, the new version of the privacy policy for European users explicitly says that data can be shared with other Facebook companies to show personalised advertising and offers, make suggestions for content, and "help" to complete purchases, among other reasons.
What’s telling to me...
In 2018, the founders of WhatsApp quit FB over disagreements about privacy and encryption. Walking away from $850 million...
https://www.theguardian.com/technology/2018/apr/30/jan-koum-whatsapp-co-founder-quits-facebook
https://www.forbes.com/sites/parmyolson/2018/09/26/exclusive-whatsapp-cofounder-brian-acton-gives-the-inside-story-on-deletefacebook-and-why-he-left-850-million-behind/
If they can walk away from $850 million, surely WhatsApp users can switch to Signal.
Alternatives:
- Signal
- Wickr
Billy Big Balls
Elon Musk has become the wealthiest person on the planet, surpassing Amazon CEO Jeff Bezos, thanks to the continued rise in Tesla’s stock price. Musk is now worth around $188 billion, according to Bloomberg’s Billionaires Index.
“How strange,” Musk tweeted Thursday. “Well, back to work ...”
Musk eclipsing Bezos’ own extravagant personal wealth of around $187 billion marks the latest development in a years-long rivalry between the two tech magnates.
https://www.theverge.com/2021/1/7/22163361/elon-musk-billionaire-richest-world-jeff-bezos-tesla-stock-spacex
Encrypted messaging app Signal says it’s seeing a swell of new users signing up for the platform, so much so that the company is seeing delays in phone number verifications of new accounts across multiple cell providers.
As for what or who is responsible for so many new users interested in trying the platform, which is operated by the nonprofit Signal Foundation, there are two likely culprits: Tesla CEO Elon Musk and Signal competitor WhatsApp.
https://www.theverge.com/2021/1/7/22218989/signal-new-signups-whatsapp-facebook-privacy-controversy-elon-musk
Industry News
NYSE to Delist Chinese Telcos on National Security Grounds
One Million Compromised Accounts Found at Top Gaming Firms
Microsoft: SolarWinds Attackers Viewed Our Source Code
NYSE U-Turn Means Chinese Telcos Escape Delisting
Chinese APT Group Linked to Ransomware Attacks
Ransomware Surge Drives 45% Increase in Healthcare Cyber-Attacks
US: Fewer Than 10 Govt Agencies Hit by SolarWinds Attack
Most Public Sector Victims Refuse to Pay Ransomware Gangs
Dark Web User Numbers Spiked During #COVID19 Lockdown
Over a Third of TMT Firms Hit by Security Breach in 2020
Social Media Neuters Trump’s Accounts After Fans Storm Capitol
DoJ: SolarWinds Attackers Hit Thousands of O365 Inboxes
Tweet)s) of the Week
Graham from the Smashing Security podcast:
@modesty_blaise0:
Due to travel restrictions, the USA had to organize a coup at home this year.
https://twitter.com/modesty_blaise0/status/1346965502703198208
Andy:
@ChatGotNext
You can’t even do this shit on GTA
https://twitter.com/ChatGotNext/status/1346911137439223822
Thom:
@YousefMunayyer
We spend $750 billion annually on "defense" and the center of American government fell in two hours to the duck dynasty and the guy in the chewbacca bikini
https://twitter.com/YousefMunayyer/status/1347026407294201863
Graham from the Smashing Security podcast:
@bocxtop
it’s literally harder to sign into gmail from a new device than it is to breach the capitol walls
https://twitter.com/bocxtop/status/1347003538468204545
Andy:
@notviking
starting to think it’d actually be incredibly easy to steal the declaration of independence
https://twitter.com/notviking/status/1346923223489736704
Thom: (serious)
@Olivia_Beavers
If there is still any question about how rhetoric can manifest into action, that question has been answered today.
https://twitter.com/Olivia_Beavers/status/1346901714767642630
They Pushed Me Out And Maced Me
Sticky Pickle of the Week
Sticky Pickle of the Week
Sticky Pickle of the Week
Graham applies his razor sharp mind to this weeks triple sticky pickle.
US nuclear launch codes were 00000000
Come on! Like and bloody well subscribe!
More shows like The Host Unknown Podcast
View all
Security Now (Audio)
1,983 Listeners
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
636 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
Grumpy Old Geeks
6,020 Listeners
Hacked
183 Listeners
CyberWire Daily
1,009 Listeners
Smashing Security
312 Listeners
Click Here
415 Listeners
Darknet Diaries
7,913 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
314 Listeners
Cyber Security Headlines
127 Listeners
Risky Bulletin
43 Listeners
The AI Fix
29 Listeners