Published June 18, 2023, 2:20 p.m. by Courtney
Welcome to the Surveillance Report - featuring techlore & The New Oil to keep you updated on the newest security & privacy news. This report recaps some new pegasus updates, the much-talked about Windscribe VPN incident, some interesting new research, and more.
techlore Support Methods (Including Monero): https://techlore.tech/support.html
The New Oil Support Methods (Including Monero): https://thenewoil.xyz/links.html
SR49 Sources: https://github.com/techlore/channel-content/blob/master/Surveillance%20Report%20Sources/SR49.md
🕵 Go Incognito Course - to learn about privacy: https://techlore.tech/goincognito
🏫 techlore Coaching - to get direct support: https://techlore.tech/coaching
💻 techlore Forum - to connect with other advocates: https://discuss.techlore.tech
🦣 Mastodon - to stay updated: https://social.lol/@techlore
We cannot provide our content without our Patrons, huge thanks to:
Afonso, Boori, BRIGHTSIDE, Casper, Clark, Cyclops, Eldarix, JohnnyO, Jon, kevin, Larry, love your content, NotSure, Poaclu, x
🧡 Join them on Patreon: https://www.patreon.com/techlore
💖 Our Other Support Methods: https://techlore.tech/support
You may also like to read about:
hello everyone and welcome to our second
week back for
surveillance report 49 where we are
dedicated to keeping you private and
secure and
up to date with the latest news in the
world
this report is going to recap some of
the most notable events in the last week
including some new pegasus updates which
we already started talking about last
week
um the very much uh hyped up windscribe
vpn incident which we will talk about
some new interesting research and a lot
more i'm henry from techlore
i am nathan from the new oil and today
you know what like
i feel like we don't give the monero
community enough love both nathan
on on the new oil and we at teclor
accept monero and we very much accept
donations and we enjoy that kind of
stuff so if you're
someone who likes monero and you want to
spare us some donations to keep this
show going for free that would be
awesome um just wanted to let you guys
know like we we like monero
monero's monero's life monero is love i
think i did that backwards i think it's
love life
live laugh love not even where i was
going but we'll take it we'll go ahead
and start with the data breaches let's
get into it so our first data breach
comes from estonia a cyber criminal has
downloaded close to 300 000 personal id
photos i mean that's pretty much all
there is to this story an estonian cyber
criminal stole 286
438 government id photos so you know
like driver's licenses and stuff like
that
along with names and id codes a suspect
has been arrested and at this time
there's really no
motive seems like he just did it because
he could if we learn anything else we'll
keep you updated
the 2020 olympics in tokyo have been hit
by a data breach
and information was leaked online this
came from fujitsu
and information included login details
and passwords of ticket holders which
in and of itself is not necessarily a
problem i mean you know it's a problem
but it's not like a huge thing
however those accounts can now be logged
into to obtain other sensitive
information like names addresses and
bank account numbers
the number of affected records was not
disclosed but it was described as quote
not substantial
university of california san diego
health has disclosed a data breach after
a phishing attack
this affected patients employees and
students between december 2nd 2020 and
april 8
2021. they haven't really commented too
much so we don't know for sure but
potential information that could have
been disclosed
includes full name dates of birth email
address fax number insurance information
lab results health information
social security numbers government id
numbers student id numbers payment or
financial information
and username and password ucsd is one of
the nation's best hospitals and has a
capacity of 808 beds we're talking like
a
four or five month period probably a
pretty significant number of people
caught up in this
we're gonna go to canada where calgary's
parking authority has exposed drivers
personal
data and tickets calgary has a lot of
pay for parking in their town
and the parking authority charges
directly for about 14 of those paid
spots it's not like a third party thing
unfortunately they were storing payment
information on an unencrypted server no
password no nothing just log on and
browse it and
the data that you could have accessed
includes full names dates of birth phone
numbers
email and postal address information
about any parking tickets or offenses
in which case would also be included
license plates and vehicle data and
in some cases location data as well as
partial card numbers and expiration
dates so
lots of information they don't know if
this information has been accessed yet
or you know what it was used for but as
always you should assume that if it was
open
somebody probably found it an unknown
number of british columbians personal
information has been found for sale
after homewood health was extorted
homewood health is a mental health
services provider and they were quote
unquote hacked earlier this year that's
all they said they didn't say if it was
like ransomware or what
once again they did not comment on the
number of records
or the information itself actually but
it appears to impact both employees and
patients and the attack
actually trickled down to other agencies
that work with homewood health like
bc housing translink and the provincial
health services authority
northern ireland's covid certification
service was suspended after a data leak
northern ireland's department of health
they had an online portal where you
could apply for a digital certification
proving that you've been vaccinated it's
not really a breach because this is
again kind of like the unsecured server
thing from calgary we don't really know
if anyone took advantage of this but
basically there was a glitch
where certain users were able to view
the information of other users
in theory a malicious actor could have
found that and decided to take advantage
of it the article doesn't really give a
lot of details but it said that the
systems were temporarily taken offline
so the problem could be fixed our last
article from data breaches
isn't really a data breach but it's just
something worth knowing it says
enterprise data breach costs reach
record high during the pandemic
basically the average cost of a data
breach is now 4.24 million dollars
according to ibm
which is up 10 from 2020 so this stuff
is just getting more and more expensive
the amount of time to detect and contain
a data breach is also
up to 287 days on average and even
using solutions like ai and machine
learning and encryption companies still
only saved about 1.5 million dollars so
personal opinion i think most companies
are willing to take the gamble until
regulations start finding them and
making them hurt and then they'll start
paying attention now we're going to move
on
to companies and we're going to kick
right off with the windscribe
incident so windscribe is a vpn provider
the headline is vpn servers seized by
ukrainian authorities weren't encrypted
i'm going to start off by saying the
headlines a little bit misleading
winscribe had two servers in ukraine
that were confiscated by authorities in
regards to an investigation
the servers were running openvpn but
they used outdated settings
from 2018 which was tied to a
vulnerability that could decrypt the
data
this wasn't actually like oh these are
just unencrypted servers for anyone to
just go access when scribe did address
this
very quickly within a couple weeks it
was discovered they have now patched the
issue
but the authorities were able to seize
and decrypt the data this was a big
oversight by them
it was a vulnerability it was disclosed
three years ago and they haven't updated
so it's the kind of thing that they
should be defending against they
published a blog post covering like what
they did and what they hope to do to
address this issue in the future couple
things here
one this is why like we always say even
if you use vpns you should always be
careful with them it doesn't mean
they're terrible tools and you should
never use vpns
it just means that there are very valid
concerns and you should understand that
when you're using a vpn provider
two this didn't just impact winscribe
the winscribe ceo
actually dumped some server certificates
from other vpn providers
nordvpn could have been hit by this
expressvpn
tour guard and perfect privacy the one
provider that was specifically mentioned
by the windscrap ceo for doing things
properly was ivpn
so this story i think overall is very
much blown out of proportion at least
people misunderstood what it meant and
like the actual error that was done
it's good in my opinion that when skype
seemed to respond really well to this
they didn't try to like throw this under
the rug and they said hey like we
as always you're placing a lot of trust
in a vpn provider up next we're gonna go
over to google news google they have
that google flock technology that we've
been talking about
for a while now luckily it's been very
unpopular it's essentially a privacy
sandbox that's trying to replace cookies
so that google essentially has more
first party control of what to do with
people's data
they have updated the schedule for this
privacy sandbox flock technology
for phasing out cookies the new timeline
split the bundle technologies
into five phases which they hope to
integrate into chrome by 2023.
the next google news is just quick it's
almost a research article but it's just
a new android malware that records
smartphones via vnc to steal their
passwords
it's just a new malware called vulture
it's also a banking trojan
but it can record your smartphone via
remote visual desktop software it also
requires you to fall for it
so beware of phishing scams and also be
aware of shady apps and try to get your
apps from trusted sources
okay this week we just have one apple
story apple has fixed a zero day
affecting iphones and macs exploited in
the wild it was known as cve 2021
30807 it was a memory corruption issue
on the
i o mobile frame buffer kernel extension
i don't know what that means but i'm
sure some of you out there do
it was reported by an anonymous
researcher and patches have been
released
for those of you who are wondering this
does not involve pegasus in any way
shape or form we'll talk about that a
little more in a minute
minute even still it fixes a zero day so
you should definitely take advantage of
that and update if you are an apple user
up next we're gonna go over to instagram
who's released a new
feature nathan wrote in the notes here
we still think instagram is trash and
you shouldn't use it but this is a good
example of privacy by default
because instagram is now defaulting
users under 16 into private accounts so
that their information by default won't
be visible to the world
we need to see more things like this in
our opinion instagram is still privacy
invasive themselves we know this
and there's still security issues and
it's still facebook we know we're not
saying it's a good service he should be
using we
we applaud some good moves that were
made disclaimer is unclear downloaded
instagram now we're gonna move on to the
app
citizen which is pretty controversial
citizen is now hiring
new yorkers at 25 an hour to live stream
crimes
the weird thing about this is this seems
to have been going on for quite a while
this hiring people
and they're doing it really in secret
like in the name of shell corporations
they're framing it in the context of
like filming it for journalism purposes
the whole thing is just really shady and
and being kept on the down low and
they're kind of distancing themselves
from it
this next story is a quick update to a
story we've covered some time ago
i believe it was last year there was
this couple in natick massachusetts
who ran their own little independent
newsletter
they may have said some critical things
about ebay maybe they didn't but for
whatever reason
some of the supervisors at ebay took
this newsletter really personally and
started cyber stalking this couple
at one point they sent him the pig mask
from the saw franchise and another time
they sent a book that was like
how to deal with the loss of a loved one
basically kind of implying like we're
gonna kill you
this is one of the supervisors i guess
the rest are still pending has been
sentenced to 18 months in prison
one year of home detention concurrent
with three years of supervised release
ebay is of course distancing themselves
from this and saying this was not
officially sanctioned behavior they were
rogue employees
stuff like that is why i really
encourage people to use po boxes and
fake names and stuff
because you never know who's just gonna
take something the wrong way and go off
the deep end
our last company story is just a real
quick update the
ransomware gang doppelpaymer has
rebranded as
grief in the future expect us to hear us
talking about them and know that they
used to be doppelpammer
next let's move into research so our
first research story a
researcher just out of sheer boredom did
a google search for php
mysql email register and found
a whole ton of tutorials and code
snippets the issue is he found that a
lot of these tutorials and examples
had vulnerabilities to sql injection
attacks basically meaning they shouldn't
be shared they were
inherently unsafe the moral of the story
here just be aware of copying pasting
things without understanding what you're
doing i run my own next cloud server i
use linux it is
fairly common for me to have to look up
you know okay what is what does this
code mean how do i do this
make sure you're not just copy paste
make sure you're actually understanding
what is the code i'm putting in doing
what is the command
doing and what does the error mean
because otherwise you run the risk of
copying and pasting
something malicious like that or
something unintentionally vulnerable up
next
there was a new report published by
blackberry's research and intelligence
team
that pretty much says that malware
developers are turning to more exotic
programming languages to help
in their quest of thwarting the
researchers they're essentially using
these less popular and unusual coding
languages
and that's making it harder for them to
detect the languages and what they're
doing
the main languages that seem to be used
are go like golang d delaying nim and
rust
which are the most commonly done to try
to evade detection by the security
community
up next this one's pretty cool there's
something called the fg01
which is the first tool that is aimed to
defeat gate recognition now for those
who don't know gate recognition would go
under like biometric surveillance where
you can identify someone by the way they
walk their gate so someone has released
a 3d printable shoe extension that can
change your step length and foot tilt
angle
when this is used in conjunction with
baggy clothes they claim that this
should help you defeat most gait
recognition systems in a healthier way
than like a rock in your shoe the author
notes that they have not had a chance to
actually test this against a real-world
known gate recognition system so it's
not necessarily like a recommended
solution yet but
it seems to in theory work then last but
not least we have a
another slightly misleading headline the
title says you really shouldn't roll
your own crypto an empirical study of
vulnerabilities in cryptographic
libraries
basically researchers examined eight
existing open source cryptographic
libraries which were open ssl
gnu tls mozilla nss wolf ssl botan
lib gcrypt libra ssl and boring ssl it's
a pretty short article it's only 15
pages
feel free to go read it the main
takeaway for me basically they found
that the more
bloated a code was like the more code
there was the more complex it was
the more vulnerabilities they found
which is probably not surprising i think
the reason they chose that headline you
really shouldn't roll your own crypto
was just kind of to say this stuff is
really hard
and even stuff that has been around for
a long time is not necessarily perfect
and so by going it alone you really run
the risk of making it worse or making
really big mistakes
let's move into politics we'll start
with an update on
pegasus first off somebody in the cyber
security subreddit has shared what they
claim is a document dump regarding
pegasus like manuals and memos and stuff
that kind of better explains how it
works and what it does they also claim
to have an android variant of pegasus if
any of you are code savvy
and want to run it or examine it in a
controlled environment like a virtualbox
it should be noted do so at your own
risk this is a random stranger on reddit
if you like getting your information
straight from the source
this could potentially be a good source
run it at your own risk
meanwhile israel has opened an official
investigation into the nso group on
wednesday
unidentified israeli government groups
visited the offices nso is cooperating
at this point in time
based on other journalistic reports in
the recent past like the past week or so
the groups involved are believed to be
the foreign ministry the justice
ministry
military intelligence and mossad we will
let you know
what they say when they say something
our next update is about the kessia
ransomware we talked about how
our evil had disappeared and also
darkseid who was responsible for like
the colonial pipeline and the jbs
ransomware attack both of those kind of
disappeared and they seemed to have
resurfaced as
black matter and heron researchers are
saying they're showing a lot of the same
behavior
same code same tactics so they're
probably rebrands kind of like earlier
we talked about uh grief and
doppelpayment it's just one of those
things worth having on your radar
our next story is going to be about
unemployment benefits
you may have to submit to facial
recognition first
colorado the state of colorado now
requires facial recognition verification
from a service called
id dot me to claim unemployment benefits
so that's pretty much the main story
we're starting to see this increase in
rise in privacy invasive tech in the
world
where even getting things like
unemployment are going to require
handing over facial recognition first
um unemployment agencies in 25 states
with two more underway have already
teamed up with id dot me
the next one i thought was pretty fun
i'll tell you why at the end fresno in
california wants to watch you as you
park
at the park fresno city council has
anonymously approved the use of
automated license plate readers at two
of the city's largest parks
which i believe is woodward park and
roading
at this time it seems like a fairly
decent system so when a car enters the
park they have 30 minutes to pay via a
kiosk or mobile app or
leave and if they don't the system will
summon a nearby officer
the database is cleared daily and not
open to police keywords
at this time so we'll see if that opens
up why this is funny is i was at
woodward park last weekend
our next story i thought that this was
like somehow an exaggerated or
misleading headline but
nope so the headline says police are
telling shot spotter to alter evidence
from gunshot detecting ai police around
the country are using an audio
surveillance technology called shot
spotter
which is basically a whole bunch of
microphones that are designed to detect
and know
any gunshots that they pick up and to
note the timing location there's also
human analysts who work there so if shot
spotter hears something and
it's not totally sure if it was a
gunshot or not then a human can listen
to it and say like oh no that was a
firework or like yes that was a gunshot
or whatever
long story short the police have an
unarguable
proven record of asking shotspotter
basically like hey can you take another
look at this are you sure that that
wasn't a gunshot
are you sure that that wasn't at this
time in this place and basically they're
altering evidence to fit
their stories they're basically planning
evidence this is one of the reasons that
we don't like this ai stuff it's only as
good as the information that's put into
it
especially when it can be altered after
the fact i don't know what could have
been done to prevent this other than
just not using it all together which is
fine with me our next story is a piece
of good news
president biden here in the u.s has
issued a national security memorandum
ordering a baseline performance goal to
be set for critical infrastructure
operators so in other words
cisa and nist now have to get together
and develop minimum cyber security
standards for
high-level companies to follow
personally i think this is a really good
thing bruce schneier in one of his books
makes the argument
that when the government sets this kind
of baseline manufacturers will start
producing that for the public sector too
because now that's a marketing thing
they can stick that on the box and be
like
we meet cisa standards we me nist stand
it's kind of like how you see everybody
saying
military-grade encryption which assuming
that they're actually meeting that
standard if one company starts doing it
everybody else has to do it to keep up
which makes everybody
safer by default there was an older
story where the u.s postal service was
secretly monitoring american social
media accounts
to look for any indication of an
upcoming crime which is super creepy by
the way and it's just one more reason to
avoid social media you should join detox
day august 2nd check out our earliest
videos cool yeah
do all that there's an update to that
now the efs electronic frontier
foundation they have now sued the us
postal service
claiming that it violates the first
amendment rights to protest and free
speech we'll see what happens
on a similar note relating to the eff if
you live in america this week the us
congress will be voting on
among other things section 702 of the
foreign intelligence surveillance act
known as fisa this is a major way that
the us government is allowed to access
emails and other communications quote to
aid in national security investigations
basically this is what authorizes the
nsa to just collect everything
indiscriminately and then for the police
to go in after the fact and be like well
since you have these communications
we'll go ahead and look through them
this year four representatives have put
forward an amendment that would severely
limit the legality of mass surveillance
if you are an american voter you may
want to call your politicians
and voice your opinion about that up
next 48 advocacy groups have called on
the ftc
to ban amazon surveillance these 48
civil rights and advocacy groups are
organized by
athena which asks the ftc to exercise
rulemaking authority by banning this
technology
banning continuous corporate
surveillance of public spaces and
protecting the public from data abuse
it's important to note they aren't just
necessarily targeting amazon
specifically
they're kind of a textbook example of
what the problem is which is things like
the ring the alexa and sidewalk
which all together pretty much see
everything going on 24 7.
we'll see if anything happens with this
our next story is going to go to brazil
this is just a real quick one
brazil has created a cyber attack
response network i think we covered
something similar in new york a couple
weeks ago
gonna quote the article brazil has
created a cyber attack response network
aimed at promoting faster response to
cyber threats and vulnerabilities
through coordination between federal
government bodies we're starting to see
more and more countries create these
organizations and these agencies to take
the digital world more seriously and
start responding faster next
headline is space the final frontier of
europe's migrant surveillance
quotes a new industry is offering border
agencies around the world access to
advanced space-based surveillance
capabilities once reserved for the most
advanced intelligence agencies
they're using satellites able to track
signals from satellite phones and other
emitters
these companies are then selling access
to the data obtained to anyone willing
to pay
including uk and eu border agencies
space is kind of a creepy new era
of like tracking capabilities that we
already kind of know of but it looks
like it's just leaking more into the
real world and it's becoming more
accessible our next couple of stories
come from australia so the first one
covetsafe uploaded 1.65 million
handshakes and was only used by new
south wales and victoria
the coveted safe app identified 2 827
potential close contacts from 37
668 encounters in new south wales
victoria here's the interesting part to
me
only 17 cases were identified separately
to manual contact tracing efforts not to
be political but
in my opinion this is a lot like
surveillance in general where we see
that
it's it doesn't really do much that we
haven't already been doing other ways
maybe that was because of bad
implementation or maybe just the wrong
technology it seems to me like we've
covered a lot more data breaches
than the 17 cases that this app found
this is why we're like so hesitant of
these
apps it's starting to seem like the
research is saying that the efficacy
isn't really there again maybe that's
because not everybody's using it i don't
know maybe we're part of the problem our
next story from australia is
also about covid and contact racing i
don't know how to pronounce that quantus
contest is working with the
international air transport association
to make covet 19 safe travel happen once
the australia's borders are reopened
we've talked about this we're starting
to see more and more places
are wanting you to publicly disclose
your vaccination status which kind of
like we talked about earlier with
ireland and their data breach
this may result in some sort of
centralized database that you have to
access
it's something to be aware of and we'll
see how it unfolds our final
political news taiwan probes reports of
officials messaging accounts being
hacked
line is a messaging app in east asia
which is kind of like whatsapp except
it's not even
end to encrypted they've been in trouble
for the past for employee snooping as
well in messages which is not fun
more than 100 accounts belonging to
officials displayed quote abnormal
activities
and authorities are now investigating
this the moral of the story is
use safe messengers that are ideally
open source and have end-to-end
encryption
we're not going to move over to our foss
section free and open source our first
story relates to brave with help from
google an impersonatedbrave.com phishing
site
has now pushed malware some attackers
created brave within
accentede.com as a spoof of brave.com
they purchased and ran google ads to
steer traffic to this website
so the moral here check the website try
to use the official source whenever
possible
avoid ads so i guess this is another
perk of ad blockers you would have
avoided this situation there's not much
to do
once you're on the site unless you're
actively checking the url and trying to
catch that it's more about prevention
here
before you download a program maybe i
would double check a url i've never
thought about that before
but maybe it'd be good to recommend
every time you download something
you should just check the url real quick
normally i'll do it when i'm logging
into a sensitive account but maybe i
should start also adding that for when i
download things
now we're gonna talk about firefox
firefox vpn is now available in seven
more countries austria belgium france
germany italy spain and switzerland
and they have added split tunneling
which is an amazing feature
additionally they have now changed their
pricing to offer
annual semi-annual and monthly
subscriptions at five dollars eight
dollars and ten dollars a month
respectively it will stay
five dollars a month for customers who
already signed up
just so you guys know it mozilla vpn is
just molved vpn with their own little
mozilla branded stuff generally speaking
we just recommend all that and now that
molvet is monthly
at half the cost pretty much you should
just go with molvet up next we're gonna
move over to signal the messenger
they have fixed the bug that sent random
images to the wrong contact this was a
very serious bug
but it was very hard for them to catch
someone reported this issue and they
were trying really hard to reproduce it
and they just couldn't reproduce it and
they finally were able to figure out
what happened this month
and they finally got it patched moral
story don't keep anything sensitive on
your phone it's kind of an unrealistic
moral just be cautious when you're
sending images and always double check
the thing that sucked about it is if you
look at the article and the screenshots
you wouldn't know that it sent
additional pictures
it looks like it just pulled random
photos from the user's camera roll
you're right sometimes that's not
feasible but if you can
try not to keep i've got memes and stuff
on my phone that would certainly be
weird if i sent my co-worker like a
random
meme that didn't make sense in context
but it's not like they're gonna get a
naked picture
or something and that's what i mean when
i say like sensitive with that bug you
wouldn't have even known if it sent that
they would just be like uh why'd you
send me this also if you're an android
user go ahead and patch that
i think my moral of the story here is
just be so weird
that it doesn't even seem like out of
the ordinary if you send like a random
friend a nude or something
just start doing that now and then when
something like this happens it's like oh
that's just them being done just ignore
it our next story is about the matrix
chat
element they have raised 30 million
dollars to boost matrix i'm gonna quote
the article here element the startup
founded by the team who created matrix
just raised 30 million dollars of series
b
funding in order to further accelerate
matrix development and improve element
the flagship matrix app the round is led
by protocol labs and metaplanet the fund
established by jan
talon co-founder of skype and kazaa
personally i'm not exactly reassured by
those names but we'll see what they do
so far in my opinion they haven't given
us a reason to distrust them so
give them the benefit of the doubt with
the funding they have said that they
plan to complete peer-to-peer matrix
implementations they plan to implement a
native decentralized end-to-end
voice-over ip or video conferencing and
build a
quote relative decentralized reputation
system in order to combat abuse
unquote this one is kind of unfortunate
so there's a
app called barinsta which is a facebook
front end kind of like tedit
or knitter knitter is the twitter front
end just like ted it for
reddit these are all just like front
ends for you to visit these sites
without having to access the site but
barrista was
served a cease and desist order from
facebook which is very sad
are they complying with the cease and
desist order as far as i know yeah
they've gone ahead and stopped
development and basically shut down
that's terrible i know facebook yep our
last
fosstory software downloaded 30 000
times from
i'm not even going to try to pronounce
that p-y-p-l-p-i
pi pi sure ransack developer's machine
so basically from what i can tell
reading this article
this is another example of an open
source publicly available repo
that somebody co-opted and planted
malicious code which was then downloaded
by anybody who
accessed that repo you know who
downloaded the code from it this is just
our periodic reminder
open source is always preferable but it
does not automatically mean that it's
perfect it does not automatically mean
that it's safer you still have to use
your best judgment and caution when
accessing open source
anything we are now gonna move over into
the misfits to finish out the news this
week
the first one an italian tv announcer
at the olympics did not realize he was
on air when he asked the password for
his computer he then proceeded to claim
that the password
booth.03 was too difficult to type
and said it should have been something
like mickey mouse goofy or pluto he then
complains they didn't need the dot
because they're not quote
nasa there's a bit to break down here
one i don't ever say passwords out loud
to people
if someone asks me for a password or
something i'll text it to them through
signal or something like that
i normally have disappearing messages on
signal so i don't mind too much for
unimportant things
for me his attitude towards it is the
most interesting thing he's like that's
so complicated we're not nasa
like why does it matter so i think
that's kind of the most interesting
thing for me people don't really see the
importance of just basic security for
their computers
that's a hard issue to deal with because
that's very ingrained in our society our
next story
a teenager on an airplane sent a photo
of a replica gun via airdrop to everyone
who had their settings configured to
receive unsolicited photo from strangers
this caused a three-hour delay as the
plane still at the gate was evacuated
and searched the teen was not allowed to
report whatever camp you fall in whether
this was overreaction or whether this
was
some teen making a bad joke the moral
here for the rest of us is
turn off the features that you aren't
using on your devices like bluetooth
and just try and secure your devices in
my opinion these people are lucky that
he didn't try to drop in some kind of
malware or something that would have
been like
actually visually disturbing like gore
pictures or porn turn off things you're
not using
our final story of the week this is good
for parents out there who are listening
to this future ai toys could be smarter
than parents but a lot less protective
i actually want to start off by reading
what some of these are because i was
just going through this and it's like oh
i've never seen this before
there's a roi by robot which creates
personalized lessons to teach kids
educational subjects like science
languages and math
it has a camera and microphone to detect
facial and emotional reactions from kids
and all the information is collected and
controlled through a parent or
guardian's account
i do believe that's one of the good
examples but even then that's an example
of how these toys are looking nowadays
between 2014 2017 a toy company called
genesis toys sold
my friend kayla which was an interactive
doll that could listen to
and respond to kids but it was recording
its conversations with kids as well as
conversations with parents
siblings and anyone else around the doll
they also said that they were able to
share this data with third-party
companies there's a lot of stories you
can check them out in the sources as
always
this is basically just a warning to
parents and would-be parents
that smart toys are coming you do need
to be concerned about the data policies
and
you're literally trusting your kids with
these toys well that was
all the news for the week it was a
pretty fun week we covered a lot of
big stories and some of them are still
ongoing we will see if
fresno does in fact add the license
plate trackers to their parks that
should be fun but that's it so again our
promo spot this week is for the monero
community and we do support monero both
nathan and i do
we want to thank you for listening to
the surveillance support we're happy to
know that you're keeping up to date with
the newest news
and of course the final thing we always
ask you is to share the podcast around
because the more people who are educated
on this stuff and hear about it
the more effective we're all going to be
against all these issues thanks again
for listening
thank you nate and see everyone next
week
2CUTURL
Created in 2013, 2CUTURL has been on the forefront of entertainment and breaking news. Our editorial staff delivers high quality articles, video, documentary and live along with multi-platform content.
© 2CUTURL. All Rights Reserved.