Firewalls Don't Stop Dragons Podcast

Treat Plugins Like Apps

Listen Later

Software plugins allow you to add functionality to existing applications. Web browsers commonly use these extensions to add functionality like shopping helpers, password managers, ad blockers and much, much more. In a way, these add-ons are like “apps” for the browser. Like apps, they can view and manipulate your data. In the browser, they may alter the web page, track pages you visit, and even mine any data you might enter into web forms. Also like apps, plugins can have permissions which you must agree to when you install them. Therefore, we need to be very careful which plugins we install and make sure we trust the maker. Today I’ll explain how to audit your plugins.

In other news: The TikTok ban has been given a 75-day reprieve; the Trump administration fires scores of cybersecurity experts; Apple Intelligence will soon be enabled by default on iPhones and Macs; some clever researchers have hacked the iPhone USB-C connection; a tricky new smishing campaign tricks users into bypassing Apple protections; PowerSchool hack affects 62M students and 9M teachers; new AI took can identify where a photo was taken; Subaru hack exposes scary amount of location data collection; fuzzing tool find over 100 bugs in modern cellular network; Texas sues Allstate for using private car data; FTC to ban GM from sharing location info; exercise equipment collects lots of personal data; federal court finally rules that Section 702 FISA data access requires a warrant.

Article Links
  1. [theverge.com] Trump signs order refusing to enforce TikTok ban for 75 days https://www.theverge.com/2025/1/20/24348213/trump-tiktok-ban-executive-order-sale-delay-china
  2. [techcrunch.com] Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision https://techcrunch.com/2025/01/22/trump-administration-fires-members-of-cybersecurity-review-board-in-horribly-shortsighted-decision/
  3. [macrumors.com] macOS Sequoia 15.3 and iOS 18.3 Enable Apple Intelligence Automatically https://www.macrumors.com/2025/01/21/macos-sequoia-15-3-apple-intelligence-opt-out/
  4. [9to5mac.com] Security vulnerability in iPhone’s USB-C port, and a gotcha with iMessage scams https://9to5mac.com/2025/01/14/security-vulnerability-in-iphones-usb-c-port-and-a-gotcha-with-imessage-scams/
  5. [Tech Radar] PowerSchool hack keeps getting worse – 62 million students now thought to be affected https://www.techradar.com/pro/security/powerschool-hack-keeps-getting-worse-62-million-students-now-thought-to-be-affected
  6. [404media.co] The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds https://www.404media.co/the-powerful-ai-tool-that-cops-or-stalkers-can-use-to-geolocate-photos-in-seconds/
  7. [wired.com] Subaru Security Flaws Exposed Its System for Tracking Millions of Cars https://www.wired.com/story/subaru-location-tracking-vulnerabilities/
  8. [The Hacker News] RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations https://thehackernews.com/2025/01/ransacked-over-100-security-flaws-found.html
  9. [gizmodo.com] Texas Sues Allstate for Collecting Driver Data to Raise Premiums https://gizmodo.com/texas-sues-allstate-for-collecting-driver-data-to-raise-premiums-2000549878
  10. [techcrunch.com] GM banned from sharing driving and location data with insurance companies https://techcrunch.com/2025/01/17/gm-banned-from-sharing-driving-and-location-data-with-insurance-companies/
  11. [consumerreports.org] Your Exercise Bike Knows a Lot About You—and It Doesn’t Keep Every Secret https://www.consumerreports.org/health/health-privacy/exercise-machine-privacy-a3907557984/
  12. [eff.org] VICTORY! Federal Court (Finally) Rules Backdoor Searches of 702 Data Unconstitutional https://www.eff.org/deeplinks/2025/01/victory-federal-court-finally-rules-backdoor-searches-702-data-unconstitutional
  13. Tip of the Week: Treat Extensions Like Apps: https://firewallsdontstopdragons.com/treat-extensions-like-apps/ 
    14. Further Info
    • Data Privacy Week 2025: https://firewallsdontstopdragons.com/data-privacy-week-2025/ 
    • Private TikTok web app: https://www.sticktock.com/ 
    • Enabling Apple’s Advanced Data Protection: https://support.apple.com/en-us/108756 
    • OSINT location analysis examples: https://gralhix.com/list-of-osint-exercises/osint-exercise-001/ 
    • Claw Your Data Back tool: https://cyd.social/ 
    • Send me your questions! https://fdsd.me/qna 
    • Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book 
    • Subscribe to the newsletter: https://fdsd.me/newsletter 
    • Become a patron! https://www.patreon.com/FirewallsDontStopDragons 
    • Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch 
    • Give the gift of privacy and security: https://fdsd.me/coupons 
    • Generate secure passphrases! https://d20key.com/#/
      • Table of Contents

      Use these timestamps to jump to a particular section of the show.

      • 0:00:07: Intro
      • 0:01:03: Listener survey ended
      • 0:01:37: News preview
      • 0:03:54: Trump signs order refusing to enforce TikTok ban for 75 days
      • 0:10:02: Trump administration fires members of cybersecurity review board in “horribly shortsighted” decision
      • 0:14:50: macOS Sequoia 15.3 and iOS 18.3 Enable Apple Intelligence Automatically
      • 0:21:51: Security vulnerability in iPhone’s USB-C port, and a gotcha with iMessage scams
      • 0:24:51: Clever iPhone Smishing attack
      • 0:28:35: PowerSchool hack keeps getting worse
      • 0:32:55: The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds
      • 0:43:37: Subaru Security Flaws Exposed Its System for Tracking Millions of Cars
      • 0:49:28: 5G fuzzing
      • 0:54:02: Allstate sued, FTC Bans GM data selling, fitness device data
      • 0:56:52: FISA 702 court victory
      • 1:01:23: Tip of the Week: Treat Plugins Like Apps
      • 1:08:12: Wrap up and looking ahead
        • ...more
        View all episodesView all episodes
        Download on the App Store
        Firewalls Don't Stop Dragons PodcastBy Carey Parker
        • 4.9
        • 4.9
        • 4.9
        • 4.9
        • 4.9

        4.9

        64 ratings

        More shows like Firewalls Don't Stop Dragons Podcast

        View all
        Hidden Brain by Hidden Brain, Shankar Vedantam

        Hidden Brain

        43,687 Listeners

        Global News Podcast by BBC World Service

        Global News Podcast

        7,913 Listeners

        Hacked by Hacked

        Hacked

        187 Listeners

        This Week in Tech (Audio) by TWiT

        This Week in Tech (Audio)

        3,059 Listeners

        Security Now (Audio) by TWiT

        Security Now (Audio)

        2,011 Listeners

        The Daily by The New York Times

        The Daily

        113,121 Listeners

        Darknet Diaries by Jack Rhysider

        Darknet Diaries

        8,077 Listeners

        FT News Briefing by Financial Times

        FT News Briefing

        684 Listeners

        Surveillance Report: Weekly News For Digital Freedom by Techlore

        Surveillance Report: Weekly News For Digital Freedom

        110 Listeners

        Hard Fork by The New York Times

        Hard Fork

        5,576 Listeners

        The Ezra Klein Show by New York Times Opinion

        The Ezra Klein Show

        16,525 Listeners

        Closed Network Privacy Podcast by Simon Walsh

        Closed Network Privacy Podcast

        20 Listeners

        Watchman Privacy by Gabriel Custodiet

        Watchman Privacy

        75 Listeners

        The Weekly Show with Jon Stewart by Comedy Central

        The Weekly Show with Jon Stewart

        11,013 Listeners

        The 404 Media Podcast by 404 Media

        The 404 Media Podcast

        398 Listeners