All right folks you have the download button on security assessment podcast
00:00:00,000 –> 00:00:04,840
brought to you by our company Lipani security if you’re interested go to the
00:00:04,840 –> 00:00:09,800
link in the show notes below and check out all of our services software that we
00:00:09,800 –> 00:00:14,240
offer as well as our blogs about security in all our past podcast
00:00:14,240 –> 00:00:19,680
episodes I want to thank you all for listening and let the show begin
00:00:19,680 –> 00:00:25,360
all right let the show begin our first episode of the security assessment
00:00:25,360 –> 00:00:40,040
podcast I am your host Brandon and this show is going to be we’re gonna try to
00:00:40,040 –> 00:00:45,960
do a weekly show about the security every week a lot of you guys might
00:00:45,960 –> 00:00:49,720
remember me from the technology geek podcast which I did for many many years
00:00:49,720 –> 00:00:54,720
but recently we don’t I have not done that show I’ve been concentrating more
00:00:54,720 –> 00:01:00,200
on the business and things that are going on in the security world and the
00:01:00,200 –> 00:01:05,240
hardware world all that kind of stuff so the show is gonna be a little bit
00:01:05,240 –> 00:01:09,560
different for those of you that remember me from the technology geek podcast but
00:01:09,560 –> 00:01:13,360
except we’re gonna be focusing more on security we’re gonna talk about other
00:01:13,360 –> 00:01:16,000
things trust me tech news gadgets all that kind of stuff but more security
00:01:16,000 –> 00:01:20,880
focused here now on this show and speaking of security news we’ll dive
00:01:20,880 –> 00:01:27,240
right in here so a lot of a lot of things really going on overseas right
00:01:27,240 –> 00:01:33,000
now we all know obviously about the Russia and Ukraine situation but
00:01:33,000 –> 00:01:39,320
apparently that there has been research done and people have found out apparently
00:01:39,320 –> 00:01:44,000
Russia has hacked over 10,000 security cameras in Ukraine and they’ve been
00:01:44,000 –> 00:01:50,600
using these cameras specifically to target attacks target specific cities
00:01:50,600 –> 00:01:58,640
just their their strikes on Ukraine get updates on what’s going on in Ukraine
00:01:58,640 –> 00:02:03,760
all that so recently they have went ahead and they have Ukraine’s shut down
00:02:03,760 –> 00:02:09,520
a lot of their security cameras really to protect themselves as well as you
00:02:09,520 –> 00:02:16,160
know Russia spying on them and things like that what’s concerning to me though
00:02:16,160 –> 00:02:20,040
is some of the camera vendors that they use over there are here in America
00:02:20,040 –> 00:02:24,120
Ukraine has not yet released a list of what camera vendors or what kind of
00:02:24,120 –> 00:02:31,360
cameras were infected I would really like to know that because the odds are
00:02:31,360 –> 00:02:34,680
chance some of those camera vendors are probably used over here I know they for
00:02:34,680 –> 00:02:41,160
the only thing we got so far about this was that the cameras are made by China
00:02:41,160 –> 00:02:45,120
North Korea and Russia so that could be a whole sort of whole bunch of brands I
00:02:45,120 –> 00:02:50,920
wish they would release it they have not yet I know people are trying to find out
00:02:50,920 –> 00:02:54,440
obviously it’s probably not the top thing on Ukraine’s list to get out there
00:02:54,440 –> 00:02:57,800
but is something very important if you see any weird activity or anything like
00:02:57,800 –> 00:03:01,480
that going on on your cameras it may be something worth taking a look at so just
00:03:01,480 –> 00:03:08,240
keep yourself you know you know kind of keep an eye on things just see what’s
00:03:08,240 –> 00:03:13,520
going on with your camera system and if you see anything obviously turn them off
00:03:13,520 –> 00:03:17,840
right away and then also to the news I think it’s important enough really to
00:03:17,840 –> 00:03:22,720
talk about because it’s still all stuff in Ukraine going on but apparently Russia
00:03:22,720 –> 00:03:26,760
hackers were inside Ukraine’s telecom giant for months and they haven’t
00:03:26,760 –> 00:03:32,320
Russian hackers were inside Ukraine’s telecom giant Kistar forgive me if
00:03:32,320 –> 00:03:37,320
I butchered that and apparently they’ve been in for by the last year doing cyber
00:03:37,320 –> 00:03:41,840
attacks all that kind of stuff so one of the things that I guess is concerning
00:03:41,840 –> 00:03:46,800
about that is if you do send any email or any information over to Ukraine your
00:03:46,800 –> 00:03:53,640
data possibly could have gotten hung up with this America obviously has been
00:03:53,640 –> 00:03:57,840
communicating with Ukraine for a lot of things so it’s very concerning now one
00:03:57,840 –> 00:04:04,040
of the things they said if people need to be worried about is people using SIM
00:04:04,040 –> 00:04:06,680
cards because of the attacks anybody that used used an ATM anything like that
00:04:06,680 –> 00:04:12,280
anybody who’s communicated to anybody overseas you know so there’s just they
00:04:12,280 –> 00:04:16,800
have the attackers wiped almost I mean wiped almost everything so it’s gonna be
00:04:16,800 –> 00:04:20,880
almost impossible to find out who did it but they said there’s thousands of
00:04:20,880 –> 00:04:24,560
virtual servers and PCs that they said that they got access to so like I said
00:04:24,560 –> 00:04:29,800
you just be very cautious if you are speaking to anybody over there as it you
00:04:29,800 –> 00:04:37,080
know you could have been exposed if you give any personal information so just be
00:04:37,080 –> 00:04:41,620
concerned about that also to anybody I wanted to bring this up because I get to
00:04:41,620 –> 00:04:47,120
get some people ask me about it 23 and me still a mess over there they’ve been
00:04:47,120 –> 00:04:51,840
hit with about 30 lawsuits since December the breach apparently what
00:04:51,840 –> 00:04:57,360
they’re saying is 6.9 million of their users were exposed to some point they
00:04:57,360 –> 00:05:04,160
see roughly about 14,000 accounts were compromised so I mean it’s a big deal
00:05:04,160 –> 00:05:10,240
over there I’m very skeptical about this the fact that I’m 23 and me is trying to
00:05:10,240 –> 00:05:18,080
say oh it’s not our fault it’s your fault and all that kind of stuff they’re
00:05:18,080 –> 00:05:22,400
gonna hit this is gonna be a big class-action lawsuit you know it’s going
00:05:22,400 –> 00:05:25,200
to be like I said they’ve already gotten hit with 30 lawsuits already and I just
00:05:25,200 –> 00:05:30,400
don’t like the way they’re handling this saying that well that if this setting
00:05:30,400 –> 00:05:33,520
wasn’t if you turn the setting off you your account wouldn’t have been breached
00:05:33,520 –> 00:05:36,480
so it’s your fault for not turning this thing off I just I don’t particularly
00:05:36,480 –> 00:05:39,600
care the way they’re handling this they’re not taking any responsibility
00:05:39,600 –> 00:05:43,240
and that is a rather concerning speaking of lawsuits if you remember in 2020 the
00:05:43,240 –> 00:05:52,040
Google had Google got a lawsuit against them for claiming that the incognito
00:05:52,040 –> 00:05:56,520
mode apparently they’re still tracking you in incognito mode they apparently
00:05:56,520 –> 00:06:00,760
settled that with five billion I don’t know exactly how it’s gonna be dished
00:06:00,760 –> 00:06:04,440
out yet they haven’t talked about it yet but I’m sure there will be a lot anybody
00:06:04,440 –> 00:06:08,240
I guess it’s using cognitos give me a title to a few bucks so we will have to
00:06:08,240 –> 00:06:12,200
kind of to see what happens with that and keep an eye on that going forward
00:06:12,200 –> 00:06:18,120
and then also to that big class-action lawsuit was settled with that company
00:06:18,120 –> 00:06:22,360
home advisor apparently they were selling people saying hey you know you
00:06:22,360 –> 00:06:25,880
can get great leads from our company and apparently they were selling garbage
00:06:25,880 –> 00:06:29,600
leads to people and people were I mean losing money because you’re getting all
00:06:29,600 –> 00:06:33,480
these leads and and all that and you’re collecting tons of leads and stuff like
00:06:33,480 –> 00:06:37,120
that and the most you you pay per lead but get a lot of leads were garbage so
00:06:37,120 –> 00:06:43,280
apparently there was a big class action lawsuit with that and apparently
00:06:43,280 –> 00:06:47,560
everybody’s going to be entitled to so much money I mean it won’t be you’re not
00:06:47,560 –> 00:06:50,920
gonna get back everything you lost but I’m sure they’re they dished out at
00:06:50,920 –> 00:06:54,000
checks I know some people I saw on the internet got you know 30 40 50 dollars
00:06:54,000 –> 00:06:58,000
it really depends on how much you lost with those particular that class-action
00:06:58,000 –> 00:07:03,360
lawsuit but that was another lawsuit like I said it’s a lot of lawsuits are
00:07:03,360 –> 00:07:05,760
getting settled here early in this first part of them you know the month so but
00:07:05,760 –> 00:07:10,680
like I said I wanted to bring that up as well there there’s been so many of these
00:07:10,680 –> 00:07:14,480
lawsuits and it’s gonna keep going on but yeah 20 like it’s 23 in May home
00:07:14,480 –> 00:07:19,080
advisor Google all these lawsuits got settled this week so we’re moving moving
00:07:19,080 –> 00:07:24,880
forward so last pass the the largest I think password management company in the
00:07:24,880 –> 00:07:29,460
world I think anyway announced on their blog that they’re going to be making
00:07:29,460 –> 00:07:33,360
some serious changes to their system as you guys know they got hit a few times
00:07:33,360 –> 00:07:38,760
with a bunch of cyber attacks things of that nature last pass I actually have
00:07:38,760 –> 00:07:43,960
lost confidence in them there’s been too many attacks all and stuff over the last
00:07:43,960 –> 00:07:49,200
couple years I think it’s not all their fault as a company gets bigger and
00:07:49,200 –> 00:07:53,760
bigger it’s hard to sometimes to keep the security locked down well I mean it
00:07:53,760 –> 00:07:57,140
is their fault but it’s harder for them to lock it down and their their system
00:07:57,140 –> 00:08:01,400
is closed source so they don’t have people can’t review their code and some
00:08:01,400 –> 00:08:05,000
of that so but they are now trying to tighten things up a little bit on their
00:08:05,000 –> 00:08:10,520
blog they said they’re gonna be there asking customers to update their master
00:08:10,520 –> 00:08:15,080
password to make it longer and more secure they are going to be enforcing
00:08:15,080 –> 00:08:18,880
and enrolling multi-factor authentication and all these changes
00:08:18,880 –> 00:08:23,840
are going to be rolling out as they are trying to go ahead and make their
00:08:23,840 –> 00:08:29,600
systems more secure they should have been doing I know you know there’s
00:08:29,600 –> 00:08:34,000
always been a fine line in security between usability and secure you know
00:08:34,000 –> 00:08:40,640
secure ability in a sense of you don’t want to make something too secure that
00:08:40,640 –> 00:08:44,120
it’s so complicated that people don’t want to use it especially if you’re a
00:08:44,120 –> 00:08:47,140
for-profit business but you also don’t want to make it income you know too
00:08:47,140 –> 00:08:51,600
simple and insecure because then you’re not really doing your customers a
00:08:51,600 –> 00:08:55,000
service so that’s a very tough line to walk and specifically in the password
00:08:55,000 –> 00:09:00,800
management business it’s extremely difficult just because of the way things
00:09:00,800 –> 00:09:05,880
are you know it generally in this world people tend to take convenience over
00:09:05,880 –> 00:09:11,280
security and that’s perfectly normal but when you’re running a password
00:09:11,280 –> 00:09:15,520
management that has access to everything for people to get you have to be really
00:09:15,520 –> 00:09:20,480
secure and I think they’ve really dropped the ball on it I personally
00:09:20,480 –> 00:09:25,680
recommend that everybody use bitwarden that’s what I use they walk much fine
00:09:25,680 –> 00:09:32,040
they walk it’s much I like the way they run their company much more all their
00:09:32,040 –> 00:09:36,320
code is open source so hackers and things like that can look and see hey
00:09:36,320 –> 00:09:40,560
there’s a bug or report to them and they can patch it I like the fact that they
00:09:40,560 –> 00:09:44,840
have third-party audits done regularly that are public knowledge so they can
00:09:44,840 –> 00:09:50,280
have accountability so what they do is they have we have the security audits
00:09:50,280 –> 00:09:54,720
done once they fix the problems and all that they post the security audits up to
00:09:54,720 –> 00:09:58,960
their customers to show hey we had an audit done we found problems we fixed it
00:09:58,960 –> 00:10:03,440
so it keeps us honest the worst kind what really what last pass did that
00:10:03,440 –> 00:10:07,840
really upset me about them was they had an issue they knew they had an issue
00:10:07,840 –> 00:10:13,200
they kept it very hush-hush and then when they finally did have a breach
00:10:13,200 –> 00:10:17,160
because the issue they never patched they they didn’t react to it well they
00:10:17,160 –> 00:10:22,480
didn’t hate they they didn’t hand in quick didn’t react to it quick enough
00:10:22,480 –> 00:10:27,080
their response times were terrible with it you know the whole thing with them is
00:10:27,080 –> 00:10:32,000
just I just don’t particularly care for the way they’ve handled it and I do like
00:10:32,000 –> 00:10:36,640
the way last pass I’m sorry excuse me I do like the way bitwarden has handled
00:10:36,640 –> 00:10:41,440
any issues they’ve had quickly they’ve open sourced everything like they should
00:10:41,440 –> 00:10:45,600
for a company like that they have done everything the way I would have done it
00:10:45,600 –> 00:10:50,200
and the way I think is responsible to do it when you’re looking at you have
00:10:50,200 –> 00:10:54,200
people’s whole lives in their database and I know you’re saying what whole lives
00:10:54,200 –> 00:10:58,200
well yeah because most people use these passwords man for their bank accounts
00:10:58,200 –> 00:11:01,320
for all that kind of stuff very sensitive data that really needs to be
00:11:01,320 –> 00:11:07,240
overly secure you know it’s one of those things when you are when you’re storing
00:11:07,240 –> 00:11:11,840
people’s passwords to their personal information it needs to be tight and
00:11:11,840 –> 00:11:17,320
fortunately last pass I think they’ve just I think at the beginning they were
00:11:17,320 –> 00:11:21,160
ahead of their time with password managing and I think they just grew too
00:11:21,160 –> 00:11:25,060
fast grew too big and just you know they’re they they just got bigger than
00:11:25,060 –> 00:11:29,720
what they could handle they didn’t patch the code right they didn’t handle
00:11:29,720 –> 00:11:33,040
security audits and everything properly and sometimes that happens bitwarden is
00:11:33,040 –> 00:11:38,160
a lot smaller company they’re open source so that they can put the stuff
00:11:38,160 –> 00:11:42,200
out there if you want you know their their attitude is well here’s the code
00:11:42,200 –> 00:11:44,640
you know take a look let me know what you think if you want to run your own
00:11:44,640 –> 00:11:47,520
password managers you can here’s our code to do it so you’re safe and secure
00:11:47,520 –> 00:11:51,920
with it you run your own or you can buy our service I mean I think everything
00:11:51,920 –> 00:11:56,400
the way bitwarden has done it is is appropriate and compared to last pass
00:11:56,400 –> 00:12:01,920
they really stepped up their game so I am very very much pro bitwarden it’s the
00:12:01,920 –> 00:12:09,080
one I recommend they are not a sponsor of this podcast I want to point that out
00:12:09,080 –> 00:12:12,800
I’m recommending them because I personally use them I personally had
00:12:12,800 –> 00:12:16,680
good experiences with them also – they have iOS support they have Android
00:12:16,680 –> 00:12:22,280
support so if you’re using it on your desktop and you say hey I would like to
00:12:22,280 –> 00:12:26,000
use this on my phone as well you can use it on your phone as well and they have
00:12:26,000 –> 00:12:30,880
browser extensions it’s really really well done they have they’re actually
00:12:30,880 –> 00:12:35,160
adding passkey now which is a very important thing it’s in beta it should
00:12:35,160 –> 00:12:39,120
be out where instead of just using a password use a long key they support
00:12:39,120 –> 00:12:43,520
biometric so if you’re on a Mac or on your phone it can use face ID you can
00:12:43,520 –> 00:12:46,880
use ID your thumb ID your fingerprint ID like I said everything about them is
00:12:46,880 –> 00:12:53,360
being done properly for a password manager and that’s why I am very very
00:12:53,360 –> 00:12:57,560
pro bitwarden they are not a sponsor if they would like to I would be more than
00:12:57,560 –> 00:13:01,440
having to take them on as a sponsor but like I said the way they are handling
00:13:01,440 –> 00:13:05,080
the password manager I am very very for I actually have had companies in the
00:13:05,080 –> 00:13:09,320
past that wolf said to me you know we’re not comfortable hosting on bitwarden
00:13:09,320 –> 00:13:13,000
we’d like to host we like bit wouldn’t like to host it ourselves on our own
00:13:13,000 –> 00:13:16,400
server so we don’t have a big bill because they got a lot of users because
00:13:16,400 –> 00:13:19,000
you pay by the user with their their hosting count so you can actually take
00:13:19,000 –> 00:13:23,680
bit wardens code and host your own server and I am and it’s really cool like
00:13:23,680 –> 00:13:28,520
I said I I really like it because like I said if you’re a big company and say hey
00:13:28,520 –> 00:13:32,200
you know we don’t want to spend you know two three thousand a month on on you
00:13:32,200 –> 00:13:36,440
know password but we want something secure and safe you can actually use bit
00:13:36,440 –> 00:13:40,640
what it actually has the software and everything built out for you all you
00:13:40,640 –> 00:13:44,360
have to do is load it on your own server and you can manage it yourself so I
00:13:44,360 –> 00:13:47,600
really like the way they do this kind of twice that they’re really as a password
00:13:47,600 –> 00:13:51,240
manager they are right where you’d want to be and that’s why I really think if
00:13:51,240 –> 00:13:55,240
you are going to use a password manager I strongly recommend using bitwarden
00:13:55,240 –> 00:13:59,600
because they do they’ve got they are on the right track they handle incident
00:13:59,600 –> 00:14:03,920
response properly I’ve looked into the way they secure stuff with encrypt stuff
00:14:03,920 –> 00:14:08,320
like I said everything is being done right like I said I think last passage
00:14:08,320 –> 00:14:13,720
become too big of a company and they are putting their profit over people and
00:14:13,720 –> 00:14:17,800
insecurity you cannot do that you have to put security over profit one of the
00:14:17,800 –> 00:14:23,200
other companies that I used to recommend that I don’t anymore is to to know to
00:14:23,200 –> 00:14:27,140
to know to them and proton proton mail I used to be really pro both of these
00:14:27,140 –> 00:14:34,880
companies they run they’re running encrypting email services so in other
00:14:34,880 –> 00:14:38,540
words if you wanted to you could send an email to somebody with that was
00:14:38,540 –> 00:14:42,260
encrypted and so they can only open if they had the password or if they had the
00:14:42,260 –> 00:14:45,800
PGP key or anything like that but apparently recently there was a recent
00:14:45,800 –> 00:14:50,920
document that somebody sent me back from late news late November to donota is
00:14:50,920 –> 00:14:58,740
actually they were there they were supposed to be always okay crit you
00:14:58,740 –> 00:15:03,940
know encrypting email keeping your email safe and stuff that and apparently when
00:15:03,940 –> 00:15:07,720
you send an encrypt email it still is encrypted in their systems but because
00:15:07,720 –> 00:15:14,080
of a law that came out in Germany now there is a case right now they’re being
00:15:14,080 –> 00:15:19,580
required to be able to allow law enforcement to monitor mailboxes and
00:15:19,580 –> 00:15:25,880
this is kind of concerning to me because one of the things they are saying this
00:15:25,880 –> 00:15:29,680
is the way they responded to us I asked them a question about it they shouldn’t
00:15:29,680 –> 00:15:33,480
change anything for other users their emails should continue to be encrypted
00:15:33,480 –> 00:15:38,300
by default nevertheless to de nova sees a one-time bypass of encryption as a
00:15:38,300 –> 00:15:43,160
security risk to all customers now that’s what they said however he goes
00:15:43,160 –> 00:15:48,600
nothing I want to say as we emphasize surveillance measure only affects newly
00:15:48,600 –> 00:15:55,180
received unencrypted emails so in other words if somebody sent you an email from
00:15:55,180 –> 00:16:00,360
say Gmail or wherever you’re coming from those emails are not encrypted so if
00:16:00,360 –> 00:16:06,360
they sent if they sent you an email like say from your Gmail account they would
00:16:06,360 –> 00:16:10,140
capture it and read it or allow the law enforcement people to read it the
00:16:10,140 –> 00:16:14,900
company cannot decrypt data that is already encrypted so any of your emails
00:16:14,900 –> 00:16:19,120
that are there are safe also to they’ve added this if you send any encrypted or
00:16:19,120 –> 00:16:26,240
end-to-end encrypted emails through to to through to to note out those messages
00:16:26,240 –> 00:16:30,800
will still be encrypted so that’s a bit concerning so basically if I send you an
00:16:30,800 –> 00:16:37,280
email from to to know that’s encrypted they can’t read it but if you would just
00:16:37,280 –> 00:16:41,400
you know log into your Gmail your outlook or your Yahoo AOL whatever you’re using
00:16:41,400 –> 00:16:45,800
and send me a message to my to know account they could read it so kind of I
00:16:45,800 –> 00:16:51,660
mixed feelings about this now because they’re there I used to recommend them
00:16:51,660 –> 00:16:56,440
to people because they’re in sending encrypted safe email you still can send
00:16:56,440 –> 00:16:59,440
encrypted emails but before this all email sent to you was encrypted they
00:16:59,440 –> 00:17:03,720
did not keep logs they did not keep anything like that now they’re kind of
00:17:03,720 –> 00:17:07,560
changing their tune saying that you know if an email is sent unencrypted we can
00:17:07,560 –> 00:17:11,280
you know we can catch it so I am a little upset about that that is not the
00:17:11,280 –> 00:17:17,000
service they sold that is not the service that they used to have them as
00:17:17,000 –> 00:17:22,880
well as ProtonMail bunchies encrypted email services now are starting to do
00:17:22,880 –> 00:17:29,400
this and it’s rather concerning like you sold the fact that you know if I
00:17:29,400 –> 00:17:35,400
somebody sent me an email it would be received and encrypted no matter what
00:17:35,400 –> 00:17:39,760
now so only the emails I send from your company are encrypted so any emails I
00:17:39,760 –> 00:17:44,920
get back or not I mean it’s it’s just basically saying like oh if you you know
00:17:44,920 –> 00:17:48,920
it’s if you use our service you’re safe but if you’re gonna use receive email
00:17:48,920 –> 00:17:52,140
from companies outside it’s different and that that’s a big problem to me
00:17:52,140 –> 00:17:55,840
because if you’re running a bit you know it’s one thing to say email other
00:17:55,840 –> 00:18:00,280
friends that are using Tutanota but the problem is if they offer business level
00:18:00,280 –> 00:18:05,640
encrypt this is actually what’s on there say business level encryption all your
00:18:05,640 –> 00:18:11,640
emails encrypted and secure yes all your emails are encrypted and secure but if
00:18:11,640 –> 00:18:16,200
you’re running a business all these other companies are going to be sending
00:18:16,200 –> 00:18:19,040
you emails not all those emails are going to be encrypted so that’s actually
00:18:19,040 –> 00:18:23,280
kind of a lie because it means that any email that you get somebody if a
00:18:23,280 –> 00:18:28,480
business logs on to their Google Google workspace account or somebody logs on
00:18:28,480 –> 00:18:33,640
to their office 365 and shoot you an email to your Tutanota account first of
00:18:33,640 –> 00:18:37,280
all they don’t know you’re on Tutanota because they’re just sending it to your
00:18:37,280 –> 00:18:39,280
domain but like and then all of a sudden that email now is can be read because it
00:18:39,280 –> 00:18:44,120
was sent unencrypted it’s just not it’s not that’s not what they sold and the
00:18:44,120 –> 00:18:48,800
fact that they made a tool that can hang out there and catch these email so in
00:18:48,800 –> 00:18:51,760
other words the catch they’re catching the emails before they go to the
00:18:51,760 –> 00:18:55,000
encryption so that’s that’s a breach of security and I am not for that now
00:18:55,000 –> 00:19:00,880
they’re even posting on their website now they’re keeping count amount of
00:19:00,880 –> 00:19:05,640
reports that they’re asking law enforcement is asking for and stuff like
00:19:05,640 –> 00:19:08,320
that and apparently they’ve had 121 requests for data requests for real-time
00:19:08,320 –> 00:19:16,000
traffic they they’re listing on and that’s great that they’re listing at all
00:19:16,000 –> 00:19:19,560
but that doesn’t it doesn’t really fix the problem it just you know make you
00:19:19,560 –> 00:19:27,680
can make you more concerned you see how many how many people are asking for it
00:19:27,680 –> 00:19:30,640
how many people they’re complying with so for those of you that do work in the
00:19:30,640 –> 00:19:34,800
enterprise the there’s two big security vulnerabilities that came out this past
00:19:34,800 –> 00:19:42,480
it was just Friday Thursday or Friday came out apparently Juniper Networks
00:19:42,480 –> 00:19:47,360
apparently their firewalls has a critical remote code execution
00:19:47,360 –> 00:19:53,040
vulnerability which they are have flaw apparently it’s well it’s substantial
00:19:53,040 –> 00:20:00,200
flaw in the census it goes way way back to all even older versions so they have
00:20:00,200 –> 00:20:04,760
released a patch for that and then also to Avanti or Pulse Secure had a zero day
00:20:04,760 –> 00:20:14,640
vulnerability that they released a patch for it’s not really a patch more of a
00:20:14,640 –> 00:20:19,840
fix for right now so they can patch it but so that is another one that there’s
00:20:19,840 –> 00:20:25,080
been two big ones that came out last week and like I said luckily enough they
00:20:25,080 –> 00:20:31,000
have mitigation take not so much patches but mitigation techniques that you can
00:20:31,000 –> 00:20:35,940
go ahead and look that up as well anybody who got hit with the black
00:20:35,940 –> 00:20:43,940
basta in Bubba torrent illa ransomware if you were lucky enough that you
00:20:43,940 –> 00:20:53,080
haven’t saved the hard drive or just got hit with it recently Cisco has
00:20:53,080 –> 00:21:00,400
announced as well as a vast that they have a decryption tool that you can run
00:21:00,400 –> 00:21:08,080
and it will actually decrypt the data that those guys have put on your stuff
00:21:08,080 –> 00:21:15,480
that’s what ransomware is they encrypt your data so you can get to it but these
00:21:15,480 –> 00:21:19,560
guys actually have a tool now both of them the vast has one and now Cisco has
00:21:19,560 –> 00:21:25,160
one as well and you can actually run this and it will decrypt your data so
00:21:25,160 –> 00:21:28,800
you can get it back like I said it was always glad to see when they get these
00:21:28,800 –> 00:21:33,480
tools they don’t always happen but it was really nice to see somebody finally
00:21:33,480 –> 00:21:37,760
have a tool that can get your data back in those situations those of you by the
00:21:37,760 –> 00:21:45,000
way don’t forget to run your Microsoft Windows update because it’s past Tuesday
00:21:45,000 –> 00:21:49,400
was Microsoft’s patch Tuesday they patched 48 vulnerabilities on computers
00:21:49,400 –> 00:21:55,760
I know they have some of the vulnerabilities they patched did break
00:21:55,760 –> 00:22:01,080
things for some something IBM broke something with them and I think Adobe as
00:22:01,080 –> 00:22:05,520
well so love updates coming out for those things but yes they have had over
00:22:05,520 –> 00:22:10,960
48 patches came out this past week so that’s a pretty heavy patch Tuesday for
00:22:10,960 –> 00:22:16,800
Microsoft but I think I said at least they at least they got that done also to
00:22:16,800 –> 00:22:22,680
Adobe had some vulnerabilities with cold fusion that came out D link has some
00:22:22,680 –> 00:22:28,200
issues a couple of them that were released that have csv’s from the CIA
00:22:28,200 –> 00:22:33,840
say the cybersecurity infrastructure security agency so that was in the news
00:22:33,840 –> 00:22:39,720
this week as well coders if you use JIT lab don’t forget they also had a
00:22:39,720 –> 00:22:46,240
vulnerability this week you have to patch against so quite a bit of patching
00:22:46,240 –> 00:22:52,000
going on this week I mean it always does a second week second Tuesday of every
00:22:52,000 –> 00:22:56,040
month is always patched Tuesday from Microsoft and most companies go ahead
00:22:56,040 –> 00:22:59,800
and follow suit with that sort of stuff also – I do want to bring up as well we
00:22:59,800 –> 00:23:08,680
have a big piece on our website about signal really did a real deep dive into
00:23:08,680 –> 00:23:15,480
signal on our website because I felt it was important I know a lot of people
00:23:15,480 –> 00:23:20,200
especially recently friends of mine are looking for more secure messengers not
00:23:20,200 –> 00:23:26,720
just for personal use but for their businesses and signal is is about as I
00:23:26,720 –> 00:23:33,640
mean about as secure as you can get as far as a messaging platform meant that
00:23:33,640 –> 00:23:38,760
it was created by the guys who invented whatsapp and when whatsapp got bought by
00:23:38,760 –> 00:23:43,680
Facebook apparently Facebook said they weren’t going to compromise the
00:23:43,680 –> 00:23:47,960
integrity of it but apparently they have they do collect metadata and stuff like
00:23:47,960 –> 00:23:51,640
that on whatsapp even though it’s supposed to be a secure messenger again
00:23:51,640 –> 00:23:55,480
profit over people and so now these guys went out a bunch of years ago and
00:23:55,480 –> 00:24:00,680
started signal and it really is quite a you know it’s it’s a 501 nonprofit was
00:24:00,680 –> 00:24:07,960
founded in 2018 and unlike all the other messengers out there they actually do
00:24:07,960 –> 00:24:15,120
encrypt and and nobody can read it but you and the guy person that’s receiving
00:24:15,120 –> 00:24:18,440
it that’s not by the way Facebook messenger Snapchat Skype Google chat
00:24:18,440 –> 00:24:23,840
text messages they are not and and encrypted the only ones that are end to
00:24:23,840 –> 00:24:27,760
end encrypted right now are whatsapp allegedly signal definitely and I
00:24:27,760 –> 00:24:34,660
message definitely so those are two important things to remember if you’re
00:24:34,660 –> 00:24:40,540
going to send somebody a message, you need to be safe and secure. I guess
00:24:40,540 –> 00:24:45,080
iMessage or Signal. I recommend either, either one is fine. And WhatsApp
00:24:45,080 –> 00:24:51,600
is supposed to be secure, and I’m not exactly sure how much I trust it. There’s
00:24:51,600 –> 00:24:55,360
a lot coming out about Facebook collecting metadata, collecting phone
00:24:55,360 –> 00:24:59,920
numbers, linking that to people’s Facebook accounts so they can figure out who’s
00:24:59,920 –> 00:25:03,640
sending these encrypted messages and all that. So I would be, I’m hesitant. I like
00:25:03,640 –> 00:25:08,920
WhatsApp, I do use WhatsApp, but if I’m gonna send something safely and securely,
00:25:08,920 –> 00:25:12,280
I usually use iMessage or Signal. Yet the one thing that stinks about
00:25:12,280 –> 00:25:17,060
iMessage is the person has to be on an iPhone, or, you know, you can’t, you can’t
00:25:17,060 –> 00:25:23,740
get it. I mean, that’s the only thing. I mean, I wish Apple would open up
00:25:23,740 –> 00:25:29,260
iMessage to Android, just because I think it would be, I mean, RCS eventually
00:25:29,260 –> 00:25:35,820
might fix this, but it would make end-to-end encryption much safer and much
00:25:35,820 –> 00:25:41,580
better, I think. Anyway, but I mean, Apple’s never gonna do that. They’re a
00:25:41,580 –> 00:25:47,140
for-profit company. They’re not gonna give iMessage out to just anybody,
00:25:47,140 –> 00:25:51,820
because they want people to be locked into their platform with the blue
00:25:51,820 –> 00:25:55,100
bubbles and all that. So they’re not going to. They’ve already talked about it
00:25:55,100 –> 00:25:58,800
many a time, saying that, well, if we put iMessage on Android it might make it so
00:25:58,800 –> 00:26:02,700
easy for people to get off of Apple, so they’re not going to do that. I wish they
00:26:02,700 –> 00:26:06,940
would, though, because it would just be so much better, because iMessage, the way
00:26:06,940 –> 00:26:11,460
they store stuff, the way they message, it’s just so much safer
00:26:11,460 –> 00:26:15,180
than Android. I mean, RCS is going to make it better, but it’s not going to
00:26:15,180 –> 00:26:20,580
make it, it’s gonna make it a little bit more secure, but not as much as it,
00:26:20,580 –> 00:26:25,060
because SMS messages are unbelievably insecure. But like I said, specifically, I
00:26:25,060 –> 00:26:30,160
wish they would. But so what I do is, if I know the person has an Android, I tell
00:26:30,160 –> 00:26:35,260
them I want to use Signal to talk to them, because Signal is cross-platform. It even
00:26:35,260 –> 00:26:38,760
works on the desktop and all that kind of stuff. It works on your desktop, it
00:26:38,760 –> 00:26:42,480
works on Mac or Windows, or, it’s pretty much, like, since it’s just an
00:26:42,480 –> 00:26:46,940
app, it’s cross-platform, which is very nice. But the one thing I am
00:26:46,940 –> 00:26:51,940
concerned about Signal, though, is they have made it public on their blog, this
00:26:51,940 –> 00:26:55,820
is, they are a nonprofit, you know, they do burn through a lot of money,
00:26:55,820 –> 00:27:00,220
so they are looking for donations. So I actually donate a few bucks a year to
00:27:00,220 –> 00:27:05,700
them because I do use Signal. I know it’s not much, but if you all donated a few
00:27:05,700 –> 00:27:08,780
dollars to them, you know, it would help them out. They are a nonprofit, they are
00:27:08,780 –> 00:27:12,460
really, my whole issue is, well, I do like Signal and I think they are a great
00:27:12,460 –> 00:27:19,340
platform. I don’t know if enough of their users care enough about security that
00:27:19,340 –> 00:27:25,900
they’re willing to pay for it. That’s the issue with security sometimes, is, you
00:27:25,900 –> 00:27:30,700
know, somebody may use Signal and say, oh, this is a wonderful, great platform, it’s
00:27:30,700 –> 00:27:34,340
very secure, they do everything to, you know, authenticate, they do everything
00:27:34,340 –> 00:27:39,260
right, but the problem is the majority of people that use it probably don’t care
00:27:39,260 –> 00:27:46,140
enough about it to pay for it. I know specifically a lot of journalists use
00:27:46,140 –> 00:27:50,820
Signal so they can talk to their sources securely. I know a lot of
00:27:50,820 –> 00:27:56,020
countries are using it right now, especially in, well, actually, some
00:27:56,020 –> 00:28:00,560
countries actually Signal is gonna pull out of, because they can’t get, like, I
00:28:00,560 –> 00:28:05,580
think it’s England wants them to make it, you know, want them to decrypt the
00:28:05,580 –> 00:28:10,280
messages so they can read them, and Signal’s like, no, that’s not what we do,
00:28:10,280 –> 00:28:14,180
we’re not decrypting our messages, we’re pulling out of England. Like, so, but I
00:28:14,180 –> 00:28:18,740
know over, like, Ukraine and places like that, they have been using Signal to
00:28:18,740 –> 00:28:22,420
communicate securely between whatever they’re doing over there with all that
00:28:22,420 –> 00:28:26,700
stuff. So I do know a lot of people, like in America a lot of journalists use it.
00:28:26,700 –> 00:28:30,900
I do know a bunch of people use it for communicating with their company if
00:28:30,900 –> 00:28:37,220
they’re sending around trade secrets, stuff like that. But I know, but like I
00:28:37,220 –> 00:28:40,380
said, my whole issue is, is Signal saying, well, we need, you know, we need to raise
00:28:40,380 –> 00:28:44,140
money, we’re gonna keep this going, we’re a nonprofit. And my whole issue with that
00:28:44,140 –> 00:28:49,740
is, well, you know, I don’t know if enough people using it care about it enough to
00:28:49,740 –> 00:28:56,460
pay for it. I mean, I pay five bucks, you know, which is nothing when you’re
00:28:56,460 –> 00:29:01,100
looking at, I think they said their runway cost, runway cost is how much it
00:29:01,100 –> 00:29:04,500
costs to run the company, nonprofit. I think they’re saying it will cost like
00:29:04,500 –> 00:29:08,020
12 to 15 million a year. That’s a lot of money to run a nonprofit, but
00:29:08,020 –> 00:29:12,220
again, they’ve got server costs, they’ve got server hosting, things of that nature,
00:29:12,220 –> 00:29:16,460
so, you know, that’s kind of part of it, and also, too, authenticating the phone
00:29:16,460 –> 00:29:21,700
numbers and things like that. So there’s a lot going on there, and it’s
00:29:21,700 –> 00:29:24,900
not cheap to make a secure service. And since they are open source and since
00:29:24,900 –> 00:29:30,340
they are, you know, nonprofit, you know, it’s a little more complicated. Again,
00:29:30,340 –> 00:29:34,660
they’re not a for-profit company, they’re putting security over people, so that’s
00:29:34,660 –> 00:29:38,180
why I’m very much pro, you know, giving them money, because they are actually
00:29:38,180 –> 00:29:42,980
creating a wonderful service and putting security over profitability. But
00:29:42,980 –> 00:29:46,660
unfortunately they rely on donations. Like I said, I don’t know if there’s
00:29:46,660 –> 00:29:51,140
enough people that care about that service or care enough about what’s
00:29:51,140 –> 00:29:55,300
going on behind the scenes to be able to, you know, keep going. I would imagine
00:29:55,300 –> 00:30:00,900
probably the founders, they did very well selling WhatsApp to Facebook, and I
00:30:00,900 –> 00:30:04,620
imagine that they may actually put more money in to keep it going, but there’s no
00:30:04,620 –> 00:30:08,340
guarantee with that. I hope Signal doesn’t go out of business, because they
00:30:08,340 –> 00:30:10,900
have done a lot of good work recently and helped protect a lot of
00:30:10,900 –> 00:30:15,260
people, and I just, I don’t think they’re gonna be able to come up with enough
00:30:15,260 –> 00:30:19,540
money and keep going. The same thing goes for Firefox. You know, Mozilla Firefox is
00:30:19,540 –> 00:30:27,180
like the alternative to Chrome, they’re the alternative to a lot of other
00:30:27,180 –> 00:30:32,860
browsers, and, you know, Mozilla is another one putting security over everything
00:30:32,860 –> 00:30:38,820
else. They are a nonprofit organization, but the problem is, again, when you’re
00:30:38,820 –> 00:30:44,500
making a browser that’s pro-security, you know, pro putting people first, and you’re a
00:30:44,500 –> 00:30:49,840
nonprofit, you have to rely on people donating, and I don’t know if enough
00:30:49,840 –> 00:30:53,860
people, I mean, Mozilla has a big user base, but again, I think people just
00:30:53,860 –> 00:30:58,340
download it and use it, and I don’t think enough people care about the security or
00:30:58,340 –> 00:31:02,500
what Mozilla is trying to do here to be able to get enough donations to pay
00:31:02,500 –> 00:31:08,980
for their, you know, tens of millions of dollars a year in cost of running. So,
00:31:08,980 –> 00:31:13,580
you know, it’s a very weird situation we’re in right now when it
00:31:13,580 –> 00:31:18,820
comes to, you know, security, in the sense of, you know, these companies are trying
00:31:18,820 –> 00:31:23,780
to be nonprofit so they can put their users first, but it’s also tough when
00:31:23,780 –> 00:31:28,220
you’re trying to, you know, gain, you know, trying to earn money. You know, it’s
00:31:28,220 –> 00:31:33,020
a different, it’s a different situation. I know specifically places like, I think I
00:31:33,020 –> 00:31:39,140
know, I know Firefox has run into some really tough issues, and even Signal as
00:31:39,140 –> 00:31:43,260
well, in places like China, Egypt, Cuba, Iran, places like that, where they’ve
00:31:43,260 –> 00:31:49,900
actually banned Firefox and banned stuff like Signal, because they don’t like
00:31:49,900 –> 00:31:54,060
the end-to-end encryption stuff and all that. And again, you know, it’s, I mean, it’s
00:31:54,060 –> 00:31:59,220
unfortunate for those people that, yeah, they can’t use a service because their
00:31:59,220 –> 00:32:02,660
country is against it, especially in places like China and stuff, where
00:32:02,660 –> 00:32:07,460
companies must provide, you know, a way for them to read data. And so
00:32:07,460 –> 00:32:13,420
that’s kind of the whole controversy behind TikTok, is, you know,
00:32:13,420 –> 00:32:18,220
the people are using TikTok and it’s hosted over there, and since it is a
00:32:18,220 –> 00:32:22,620
Chinese company, you know, they do have, you know, the right in China to look
00:32:22,620 –> 00:32:29,620
through data and stuff like that of their people. But since
00:32:29,620 –> 00:32:34,500
Americans and other countries are using it, that’s kind of where the security
00:32:34,500 –> 00:32:38,780
issue comes in, is if it’s somebody who’s an American citizen, do they have the
00:32:38,780 –> 00:32:42,940
right to look through it? And since it is hosted over in China, do they have, or,
00:32:42,940 –> 00:32:50,100
you know, are they looking through, you know, Americans’ data? And so that,
00:32:50,100 –> 00:32:54,380
that’s kind of why they did the ban on TikTok, because you’re dealing with a
00:32:54,380 –> 00:32:58,300
country that is allowed to, you know, spy on their people, but we don’t allow
00:32:58,300 –> 00:33:04,300
that in America. Well, the problem is you have politicians and stuff like that
00:33:04,300 –> 00:33:07,660
that have TikTok on their phone and they’re in all these private discussions
00:33:07,660 –> 00:33:11,100
and stuff like that, so that’s kind of where the controversy kind of came in
00:33:11,100 –> 00:33:15,660
with TikTok. And like I said, you also have other companies as well, other
00:33:15,660 –> 00:33:20,740
countries as well, that, like I said, like Egypt and Cuba and places like that,
00:33:20,740 –> 00:33:26,340
where, you know, they’re allowed to spy on their people too, and
00:33:26,340 –> 00:33:30,300
then when it’s Americans’ data, that’s where the controversy kind of comes
00:33:30,300 –> 00:33:33,420
in. So like I said, there is that. I feel that security and encryption is a human
00:33:33,420 –> 00:33:39,840
right, but a lot of other countries don’t feel that same way. So that’s, like I said,
00:33:39,840 –> 00:33:45,780
that’s part of the problem. Also, one of the others I wanted to bring up as well,
00:33:45,780 –> 00:33:50,300
with Tutanota and Proton Mail. One of the other issues I have with this
00:33:50,300 –> 00:33:56,760
whole situation with them capturing encrypted email, and the reason I do
00:33:56,760 –> 00:34:00,780
have a big issue with this, is because a lot of places, news outlets, will say, well,
00:34:00,780 –> 00:34:06,900
hey, use, you know, email us at this website, and it’ll be a Tutanota
00:34:06,900 –> 00:34:10,740
address or a Proton Mail address. But if you’re a whistleblower and
00:34:10,740 –> 00:34:15,720
you’re going to email them from an email address that’s not a Tutanota account
00:34:15,720 –> 00:34:20,280
or a Proton Mail account, um, you’re exposing your information
00:34:20,280 –> 00:34:24,580
out there. If you’re trying to silently whistleblow something, you’re not going
00:34:24,580 –> 00:34:30,440
to be able to, you know, it’s, they’re catching non-encrypted emails, so it
00:34:30,440 –> 00:34:36,060
kind of ruins the whole point of being a whistleblower and the privacy. You know,
00:34:36,060 –> 00:34:41,420
these companies think, oh, hey, we’re using, you know, Tutanota or Proton Mail, so that
00:34:41,420 –> 00:34:46,220
we’re getting these things securely. You’re not, actually, and that’s kind
00:34:46,220 –> 00:34:51,660
of what the concern is, is you have a source that is coming to you thinking
00:34:51,660 –> 00:34:58,500
they’re sending it to you securely via an encrypted email message, but it’s not,
00:34:58,500 –> 00:35:01,900
it’s actually getting caught because it’s unencrypted. What, the best
00:35:01,900 –> 00:35:06,620
way to do it would be to go ahead and create a Tutanota account or a Proton
00:35:06,620 –> 00:35:09,900
Mail account and send it to that address from, so it stays, because if it stays
00:35:09,900 –> 00:35:14,540
Tutanota to Tutanota or Proton Mail to Proton Mail, it’s encrypted, so that
00:35:14,540 –> 00:35:18,340
would be the only way you’d be able to protect yourself. But the problem is a
00:35:18,340 –> 00:35:20,980
lot of people, most people, don’t know that, and that’s kind of the dangerous
00:35:20,980 –> 00:35:26,800
and the scary part of the whole situation. They do have open source
00:35:26,800 –> 00:35:32,900
software out there, stuff like GlobaLeaks, which is an open source software,
00:35:32,900 –> 00:35:39,160
completely free for a company to put in place, and what it actually does is it
00:35:39,160 –> 00:35:43,260
actually allows your source to submit data to a news organization securely,
00:35:43,260 –> 00:35:49,980
anonymously and safely. I’ve actually looked into this. I’m actually gonna
00:35:49,980 –> 00:35:53,700
write something up for the website eventually about this. I haven’t gotten
00:35:53,700 –> 00:35:57,040
to it yet, but I will, and I’ve actually really done an in-depth look into their
00:35:57,040 –> 00:36:01,120
systems, and what it does is it actually sends, you actually upload completely
00:36:01,120 –> 00:36:05,880
anonymously. They don’t save any logs on the server or anything like that, and
00:36:05,880 –> 00:36:09,440
then what it does, you upload the actual data to the server and it encrypts it. Only
00:36:09,440 –> 00:36:15,580
the person on the other end that’s in charge of looking at, you know, that data
00:36:15,580 –> 00:36:20,480
can actually open it and view it, nobody else, and even the server admin can’t look
00:36:20,480 –> 00:36:25,400
at that data, because it’s encrypted. It’s only available to the person that’s in
00:36:25,400 –> 00:36:29,580
charge of that server, as far as the person that’s in charge of reading it,
00:36:29,580 –> 00:36:34,080
whether it’s legal or a reporter or whatever like that. It’s a much more
00:36:34,080 –> 00:36:37,160
secure way of doing it. Like I said, it’s called GlobaLeaks. I’ll put a link in
00:36:37,160 –> 00:36:42,000
the description below. They’re not a sponsor. It’s completely free, it’s open
00:36:42,000 –> 00:36:44,900
source, and like I said, it actually is a much more secure way for your contact or
00:36:44,900 –> 00:36:51,380
your whatever, whistleblowers, whatever, to send data to a reporter or to a news
00:36:51,380 –> 00:36:57,740
organization, and it’s completely anonymous. There’s no logs or
00:36:57,740 –> 00:37:02,340
nothing, and this way they can get it up to you securely without risking their
00:37:02,340 –> 00:37:06,680
lives or their jobs or whatever they’re trying to leak out to you. Just sending
00:37:06,680 –> 00:37:11,900
an email through Tutanota or Proton Mail is not a secure thing anymore unless you
00:37:11,900 –> 00:37:18,020
do it through, you know, through Proton Mail or through Tutanota, and most
00:37:18,020 –> 00:37:22,580
people don’t know to do that, so it’s actually quite a, not as secure a way of
00:37:22,580 –> 00:37:26,460
doing it, sending it via email. But like I said, GlobaLeaks is a completely
00:37:26,460 –> 00:37:32,420
open source piece of software. Any company, anybody can use it. You could set up, be
00:37:32,420 –> 00:37:36,740
set up, the server takes me 20 minutes to set up, and then like I said somebody can
00:37:36,740 –> 00:37:40,900
go right to the site, whatever, upload stuff, and then the person that’s marked
00:37:40,900 –> 00:37:46,700
as the receiver or the reviewer can go ahead and review it and see what
00:37:46,700 –> 00:37:50,460
they’re gonna do with it. But like I said, even the server admin cannot see it.
00:37:50,460 –> 00:37:54,380
It’s all encrypted, all the database stuff is all encrypted, all the passwords
00:37:54,380 –> 00:37:57,460
or everything. The software was done so well and with the thought of
00:37:57,460 –> 00:38:01,300
protecting sources. It’s really great. I wish more people would use it.
00:38:01,300 –> 00:38:05,320
Unfortunately, it’s one of those things where it was created, I don’t know how
00:38:05,320 –> 00:38:09,020
many people are actually using it, but I wish more people would, because it is
00:38:09,020 –> 00:38:12,700
such a great piece of software. And again, that is GlobaLeaks. If you don’t know
00:38:12,700 –> 00:38:17,380
how to install it, reach out to us, we can always help you out with that. This isn’t
00:38:17,380 –> 00:38:20,660
an ad, but it is something that most news organizations really should know about.
00:38:20,660 –> 00:38:25,140
And like I said, what amazes me too is, like I said, it is open source,
00:38:25,140 –> 00:38:30,340
it is completely free, and like I said, I wish more organizations would
00:38:30,340 –> 00:38:35,180
use it. I think it will be eventually, it’s just gonna take time to
00:38:35,180 –> 00:38:38,780
get people on board with it. So, and that is, like I said, GlobaLeaks. I will put a
00:38:38,780 –> 00:38:43,260
link in the show notes as well. So folks, I’m gonna wrap it up on our first
00:38:43,260 –> 00:38:47,780
episode. Like I said, you can listen to all of our old shows, which we
00:38:47,780 –> 00:38:51,460
don’t have yet, this would be the first one, like I said, at Lipani Security dot com.
00:38:51,460 –> 00:38:55,460
Also check out all of our services and everything we offer at our
00:38:55,460 –> 00:39:00,220
site, like I said, Lipani Security dot com, and I want to thank you for listening,
00:39:00,220 –> 00:39:05,220
and we will talk to you on the next episode. Thank you very much.
00:39:05,220 –> 00:39:12,660