EP 232.5 Deep Dive - See for Miles and Miles with The IT Privacy and Security Weekly Update for the Week Ending March 4th, 2025
- 2025/03/06
- Duration: 19 min
- Podcast
Summary
Synopsis and commentary
How did Microsoft's Copilot expose private GitHub repositories, and what are the risks?
Copilot accessed over 20,000 private GitHub repositories due to cached data from when they were public. Even after repos were made private, Copilot could still generate responses using this cached data, risking exposure of sensitive information like credentials and corporate secrets.
What is the "nRootTag" exploit in Apple's Find My network?
The "nRootTag" exploit allows attackers to track Bluetooth devices like AirTags without owners knowing. While AirTags use cryptographic keys to change Bluetooth addresses, attackers can rapidly compute these keys using GPUs, achieving a 90% tracking success rate.
Why is the UK demanding an iCloud backdoor, and how has Apple responded?
The UK wants access to encrypted iCloud data for law enforcement, but Apple opposes it, withdrawing its Advanced Data Protection from the UK. The US has also criticized the demand as a privacy and legal overreach.
Why is Signal withdrawing from Sweden?
Signal is leaving Sweden over proposed laws requiring backdoor access to encrypted chats. The company refuses to weaken encryption, emphasizing its commitment to user privacy.
Why has the US reportedly halted offensive cyber operations against Russia?
The US Cyber Command, under Defense Secretary orders, has paused cyber attacks on Russia, possibly for diplomatic reasons. Supporters see it as de-escalation; critics worry it weakens deterrence against Russian cyber threats.
Why has Australia banned Kaspersky Lab products?
Australia banned Kaspersky from government systems, citing espionage and foreign interference risks. The move signals concerns over antivirus software’s deep system access and the company's Russian ties.
How was a Cellebrite exploit used to hack a Serbian student's phone?
A Cellebrite zero-day targeting Android's Linux kernel USB drivers allowed attackers with physical access to bypass the lock screen. This raises concerns over surveillance tools being misused against activists.
What changes did Mozilla make to Firefox Terms of Use, and why was there backlash?
Mozilla initially claimed broad rights over user-submitted content, sparking fears of data monetization. After criticism, they revised the terms, clarifying user ownership and denying AI data harvesting.