For the latest Kaspersky Transatlantic Cable podcast, Dave and I dive into some of the biggest security stories that may have passed your radar this week. To kick off episode 107, we head to Kazakhstan. A while back, the government asked its citizens to install a certificate so they could monitor all traffic. Now Google, Apple and Mozilla have blocked that tracking in their browsers.
We then head over to the twisting saga of Valve, their bug bounty program and a researcher dropping two zero days. This is an interesting tale and one that seems to encompass some of the issues with current bug bounty programs and what is a bug that is needs to be fixed. After that, we head to the all-too-messy tale of a T-Mobile customer who had her location data given over to a bounty-hunter. This person, in turn harassed her in a serious manner. If you read one story this week, this one is the one to read.
The next story looks at how Xbox contractors had been listening into some customers’ voice commands — joining the mile-long list of other services caught doing the same thing. We end out the podcast with a pair of PSA’s from Facebook. One is a new data deletion feature, or should we say disconnection feature. The other is simply a Please STOP! for those posting copyright texts to Facebook and Instagram — they do nothing.
If you enjoy the podcast, consider subscribing and sharing with your friends who need more regular updates on security. For the full text of the stories, please visit the links below:
- Apple, Google, and Mozilla just made it harder for Kazakhstan to spy
- Researcher discloses second steam zero-day after Valve bug bounty ban
- Valve gets heavily criticized for mishandling a crucial bug report.
- T-Mobile ‘put my life in danger’ says woman stalked with black market location data
- Microsoft contractors listen to Xbox users in their homes
- Now you can see and control the data that apps and websites share with Facebook
- Don’t post this on Facebook or Instagram