Eric has to deal with a stolen credit card. Jon checks in again on the telcos who resell your location data. Your Amazon cylinder might email an audio recording to someone. GDPR makes the web much faster. Eric likes time, Jon almost likes Apple.

Notes:

• Krebs follow up on location data tracking
• Alexa eavesdropping scandal
• GDPR Fallout
• All about time by Zach Holman
• Steam Link! Oh, wait...

Eric has to deal with a stolen credit card. Jon checks in again on the telcos who resell your location data. Your Amazon cylinder might email an audio recording to someone. GDPR makes the web much faster. Eric likes time, Jon almost likes Apple.

Comcast gets two bits of followup; look up the real-time location of nearly any cell phone user in the states; more Google duplex and cylinder security; a Sunday sermon with some Oatmeal.

Links:

• Followup: eFail (nice lego dumpster fire) - https://boingboing.net/2018/05/21/mime-considered-harmful.html
• Followup: Comcast Mesh - https://www.engadget.com/2018/05/21/comcast-is-now-selling-mesh-wifi-pods-to-its-internet-customer/
• Followup: Comcast Leaks - https://www.engadget.com/2018/05/22/xfinity-bug-revealed-personal-data-router/
• Don't Share the Where - https://krebsonsecurity.com/2018/05/mobile-giants-please-dont-share-the-where/
• More Google Duplex - https://9to5google.com/2018/05/21/google-duplex-explained-turing-test/
• Cylinder Security - https://www.techrepublic.com/article/smart-office-secrets-alexa-siri-and-google-assistant-could-hear-commands-the-human-ear-cant/
• Do You Hear Laurel? - https://www.nytimes.com/interactive/2018/05/16/upshot/audio-clip-yanny-laurel-debate.html
• Adam Savage's Sunday Sermon - https://youtu.be/krTMy64VusE
• The Oatmeal: Making Things - http://theoatmeal.com/comics/making_things

Comcast gets two bits of followup; look up the real-time location of nearly any cell phone user in the states; more Google duplex and cylinder security; a Sunday sermon with some Oatmeal.

Eric's password buttons were pushed this week, not-so-secure eMail clients, and a touch of Google I/O. Fake coin offerings and ... a knife?

Links:

• Password Rant - https://twitter.com/ericwuehler/status/996509740673908736
• Followup: Eero + Echo - https://daringfireball.net/thetalkshow/2018/05/08/ep-221
• Weird Al Hamilton Polka - https://www.youtube.com/watch?v=3v0c6smpHSk
• eMail Client Vulnerabilities - https://efail.de/
• Google I/O - https://www.theverge.com/2018/5/8/17328828/google-io-keynote-summary-highlights-news-recap-2018
• Ordering with a Voice Assistant - https://twitter.com/jonathan_b_king/status/996517910158819335
• Buy Howeycoins! - https://www.howeycoins.com/index.html
• Cutco Cheese Knife - https://www.cutco.com/products/product.jsp?item=traditional-cheese-knife

Eric's password buttons were pushed this week, not-so-secure eMail clients, and a touch of Google I/O. Fake coin offerings and ... a knife?

Links:

• Password Rant - https://twitter.com/ericwuehler/status/996509740673908736
• Followup: Eero + Echo - https://daringfireball.net/thetalkshow/2018/05/08/ep-221
• Weird Al Hamilton Polka - https://www.youtube.com/watch?v=3v0c6smpHSk
• eMail Client Vulnerabilities - https://efail.de/
• Google I/O - https://www.theverge.com/2018/5/8/17328828/google-io-keynote-summary-highlights-news-recap-2018
• Ordering with a Voice Assistant - https://twitter.com/jonathan_b_king/status/996517910158819335
• Buy Howeycoins! - https://www.howeycoins.com/index.html
• Cutco Cheese Knife - https://www.cutco.com/products/product.jsp?item=traditional-cheese-knife

 

Logging in with only a physical key, Twitter's oopsie, Facebook fires a stalker and Signal's messages do not "self-destruct". Jon chats about stuff from the Microsoft Build conference. Eric still likes Netflix. Jon likes books.

Links:

• Gigabit Router Followup - Botnet - https://www.zdnet.com/article/botnets-competing-to-attack-vulnerable-gpon-fiber-routers/
• Gigabit Router Followup - Fix - https://thehackernews.com/2018/05/protect-router-hacking.html
• Death to Passwords! - https://www.yubico.com/2018/04/yubico-and-microsoft-introduce-passwordless-login/
• Twitter logs passwords - https://blog.twitter.com/official/en_us/topics/company/2018/keeping-your-account-secure.html
• Facebook fires analyst for stalking - https://arstechnica.com/information-technology/2018/05/facebook-fires-security-analyst-accused-of-using-access-to-stalk-women/
• Signal notifications do not self-destruct - https://motherboard.vice.com/en_us/article/kzke7z/signal-disappearing-messages-are-stored-indefinitely-on-mac-hard-drives
• Microsoft Build 2018 - https://www.theverge.com/2018/5/8/17319908/microsoft-build-conference-2018-news-recap-highlights-windows-10
• Netflix: Lost in Space - https://www.netflix.com/title/80104198
• Book: Old Man's War - https://www.amazon.com/Old-Mans-War-John-Scalzi-ebook/dp/B000SEIK2S/

Logging in with only a physical key, Twitter's oopsie, Facebook fires a stalker and Signal's messages do not "self-destruct". Jon chats about stuff from the Microsoft Build conference. Eric still likes Netflix. Jon likes books.

Jon describes farm equipment, while Eric teaches driving lessons. Routers around the world are vulnerable, and a critical battle is won for the open web. A fun book tracking hackers and a crazy project for a VGA adapter.

Links:

• What is a flail? - https://en.wikipedia.org/wiki/Flail_mower
• Oregon Instructional Permit - http://www.oregon.gov/ODOT/DMV/TEEN/pages/permit.aspx
• Vulnerable GPON Routers - https://threatpost.com/millions-of-home-fiber-routers-vulnerable-to-complete-takeover/131593/
• Not a Computer Crime - https://www.eff.org/deeplinks/2018/04/dc-court-accessing-public-information-not-computer-crime
• Python Environment - https://www.xkcd.com/1987/
• The Cuckoo's Egg - https://www.amazon.com/Cuckoos-Egg-Tracking-Computer-Espionage/dp/1416507787/
• Software Defined Radio - https://osmocom.org/projects/osmo-fl2k/wiki/Osmo-fl2k

Jon describes farm equipment, while Eric teaches driving lessons. Routers around the world are vulnerable, and a critical battle is won for the open web. A fun book tracking hackers and a crazy project for a VGA adapter.