Firewalls Don't Stop Dragons Podcast

Redirect Ransom



QR codes are not inherently dangerous. They’re effectively links we can click in the real world using the camera app on our phone. Like hyperlinks on a web page, QR code “links” can take you to good websites or bad websites. They can also disguise their ultimate destination by using URL shortening services like bitly or owly. But now “free” QR code generator websites – that is, sites that will let you create one of these QR codes by entering the HTTP link you want it to take people to – are using these redirects to basically hold your QR code for ransom. The QR codes they give you use the redirect links to insert themselves into the middle – and after some time, they will stop working until you subscribe and pay them money. If you’ve already printed these codes on hundreds of business cards or dozens of plaques for your restaurant, then they’ve really got you over a barrel. I’ll help you avoid these scams.

In other news: Microsoft warns that attackers are quickly leveraging newly reported zero-days; some Chrome extensions are making money by inserting affiliate links for thousands of websites; Microsoft appears to be readying a useful PC cleanup tool for release; Apple clarifies its policy on security updates for older OS releases; a report details how hidden AI algorithms are affecting the lives of DC residents; facial recognition systems are being installed in many soccer stadiums; Uber is planning to bombard their users with ads; Clearview AI has been fined 30M euros by France; Apple is ramping up its own ads on its various apps and devices; and I answer another Dear Carey question, this one on the case that is bringing Section 230 in front of the Supreme Court.

Article Links
  1. [Hacker News] Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities https://thehackernews.com/2022/11/microsoft-warns-of-uptick-in-hackers.html
  2. [BleepingComputer] Chrome extensions with 1 million installs hijack targets’ browsers https://www.bleepingcomputer.com/news/security/chrome-extensions-with-1-million-installs-hijack-targets-browsers/
  3. [PCWorld] Microsoft’s surprise PC Manager system optimizer takes aim at CCleaner https://www.pcworld.com/article/1360140/microsoft-releases-beta-of-a-ccleaner-style-pc-manager-tool.html
  4. [Ars Technica] Apple clarifies security update policy: Only the latest OSes are fully patched https://arstechnica.com/gadgets/2022/10/apple-clarifies-security-update-policy-only-the-latest-oses-are-fully-patched/
  5. [WIRED] Algorithms Quietly Run the City of DC—and Maybe Your Hometown https://www.wired.com/story/algorithms-quietly-run-the-city-of-dc-and-maybe-your-hometown/
  6. [WIRED] Soccer Fans, You’re Being Watched https://www.wired.com/story/soccer-world-cup-biometric-surveillance/
  7. [Gizmodo] Uber Plans to Advertise to You At Every Stage of Your Ride, Using Your Own Data https://gizmodo.com/uber-ads-ride-share-uber-eats-1849678092
  8. [Naked Security] Clearview AI image-scraping face recognition service hit with €20m fine in France https://nakedsecurity.sophos.com/2022/10/26/clearview-ai-image-scraping-face-recognition-service-hit-with-e20m-fine-in-france/
  9. [Lifehacker] How to Block Apple’s Own Ads on Your iPhone https://lifehacker.com/how-to-block-apple-s-own-ads-on-your-iphone-1849703889
  10. Tip of the Week: https://firewallsdontstopdragons.com/qr-code-scams-revisited/
Further Info
    • Send me your questions! https://fdsd.me/qna 
    • Support me! https://fdsd.me/support 
    • Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/
    • Check out my book, Firewalls Don’t Stop Dragons: https://www.amazon.com/gp/product/1484261887 
    • Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest 
    • Generate secure passphrases! https://d20key.com/#/ 
Table of Contents

      Use these timestamps to jump to a particular section of the show.

      • 0:00:42: Countdown to 300
      • 0:00:57: Twitter dumpster fire
      • 0:01:25: 5th edition update
      • 0:02:47: News preview
      • 0:04:38: Attackers rapidly exploiting 0-day bugs
      • 0:08:43: Chrome extensions committed click fraud
      • 0:14:50: New Microsoft PC Cleaner tool coming
      • 0:17:23: Apple doesn’t fix all bugs on older OS releases
      • 0:21:11: Secret algorithms that affect our lives
      • 0:27:23: Facial recognition spreading to many sports stadiums
      • 0:33:12: Uber plans to show you ads everywhere
      • 0:37:33: Clearview AI fined 20M Euros by France
      • 0:41:49: Apple to do more advertising in their apps
      • 0:44:18: Tip of the Week: QR codes hold links for ransom
      • 0:51:31: Dear Carey
      • 0:57:42: Upcoming stuff

Firewalls Don't Stop Dragons Podcast, by Carey Parker
