Firewalls Don't Stop Dragons Podcast

Redirect Ransom



QR codes are not inherently dangerous. They’re effectively links we can click in the real world using the camera app on our phone. Like hyperlinks on a web page, QR code “links” can take you to good websites or bad websites. They can also disguise their ultimate destination by using URL shortening services like bitly or owly. But now “free” QR code generator websites – that is, sites that will let you create one of these QR codes by entering the HTTP link you want it to take people to – are using these redirects to basically hold your QR code for ransom. The QR codes they give you use the redirect links to insert themselves into the middle – and after some time, they will stop working until you subscribe and pay them money. If you’ve already printed these codes on hundreds of business cards or dozens of plaques for your restaurant, then they’ve really got you over a barrel. I’ll help you avoid these scams.

In other news: Microsoft warns that attackers are quickly leveraging newly reported zero-days; some Chrome extensions are making money by inserting affiliate links for thousands of websites; Microsoft appears to be readying a useful PC cleanup tool for release; Apple clarifies its policy on security updates for older OS releases; a report details how hidden AI algorithms are affecting the lives of DC residents; facial recognition systems are being installed in many soccer stadiums; Uber is planning to bombard their users with ads; Clearview AI has been fined 30M euros by France; Apple is ramping up its own ads on its various apps and devices; and I answer another Dear Carey question, this one on the case that is bringing Section 230 in front of the Supreme Court.

Article Links
  1. [Hacker News] Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities https://thehackernews.com/2022/11/microsoft-warns-of-uptick-in-hackers.html
  2. [BleepingComputer] Chrome extensions with 1 million installs hijack targets’ browsers https://www.bleepingcomputer.com/news/security/chrome-extensions-with-1-million-installs-hijack-targets-browsers/
  3. [PCWorld] Microsoft’s surprise PC Manager system optimizer takes aim at CCleaner https://www.pcworld.com/article/1360140/microsoft-releases-beta-of-a-ccleaner-style-pc-manager-tool.html
  4. [Ars Technica] Apple clarifies security update policy: Only the latest OSes are fully patched https://arstechnica.com/gadgets/2022/10/apple-clarifies-security-update-policy-only-the-latest-oses-are-fully-patched/
  5. [WIRED] Algorithms Quietly Run the City of DC—and Maybe Your Hometown https://www.wired.com/story/algorithms-quietly-run-the-city-of-dc-and-maybe-your-hometown/
  6. [WIRED] Soccer Fans, You’re Being Watched https://www.wired.com/story/soccer-world-cup-biometric-surveillance/
  7. [Gizmodo] Uber Plans to Advertise to You At Every Stage of Your Ride, Using Your Own Data https://gizmodo.com/uber-ads-ride-share-uber-eats-1849678092
  8. [Naked Security] Clearview AI image-scraping face recognition service hit with €20m fine in France https://nakedsecurity.sophos.com/2022/10/26/clearview-ai-image-scraping-face-recognition-service-hit-with-e20m-fine-in-france/
  9. [Lifehacker] How to Block Apple’s Own Ads on Your iPhone https://lifehacker.com/how-to-block-apple-s-own-ads-on-your-iphone-1849703889
  10. Tip of the Week: https://firewallsdontstopdragons.com/qr-code-scams-revisited/

Further Info
  • Send me your questions! https://fdsd.me/qna
  • Support me! https://fdsd.me/support
  • Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/
  • Check out my book, Firewalls Don’t Stop Dragons: https://www.amazon.com/gp/product/1484261887
  • Would you like me to speak to your group about security and/or privacy? https://fdsd.me/speakerrequest
  • Generate secure passphrases! https://d20key.com/#/

Table of Contents

Use these timestamps to jump to a particular section of the show.

  • 0:00:42: Countdown to 300
  • 0:00:57: Twitter dumpster fire
  • 0:01:25: 5th edition update
  • 0:02:47: News preview
  • 0:04:38: Attackers rapidly exploiting 0-day bugs
  • 0:08:43: Chrome extensions committed click fraud
  • 0:14:50: New Microsoft PC Cleaner tool coming
  • 0:17:23: Apple doesn’t fix all bugs on older OS releases
  • 0:21:11: Secret algorithms that affect our lives
  • 0:27:23: Facial recognition spreading to many sports stadiums
  • 0:33:12: Uber plans to show you ads everywhere
  • 0:37:33: Clearview AI fined 20M Euros by France
  • 0:41:49: Apple to do more advertising in their apps
  • 0:44:18: Tip of the Week: QR codes hold links for ransom
  • 0:51:31: Dear Carey
  • 0:57:42: Upcoming stuff

Firewalls Don't Stop Dragons Podcast, by Carey Parker
