Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view.Read More

 

Tech Friday with Dave Hatter - February 4th 2022 - SPONSORED BY INTRUST IT


Teslas hacked:

  • Nineteen-year-old security specialist David Colombo reported that he gained control of over 25 Teslas in 13 countries
  • Colombo found the a vulnerability in TeslaMate, a third-party app used to analyze Tesla data
  • Third-party apps extend the capabilities of a vehicle and create additional revenue through app-related fees
  • Colombo indicated he could locate each car, disable security, open doors and windows even while driving, play music at full volume, and more
  • Fortunately, he could not control steering, braking or acceleration
  • Colombo said the vulnerability was due to errors by the owners, not a security flaw in Tesla’s software
  • Tesla’s security team is reportedly looking in to it
  • Hacking cars is not new, Wired reported on a hacked Jeep Grand Cherokee years ago
  • This appears to be the first time a vehicle has been hacked through a third-party app
  • "[Automakers] need to think about self-defending cars before self-driving cars," Srinivas Kumar, a vice president at DigiCert
  • "If a car can't defend itself from an attack, do you trust it to be self-driving?" - Kumar
  • Read Colombo's post about it here: https://medium.com/@david_colombo/how-i-got-access-to-25-teslas-around-the-world-by-accident-and-curiosity-8b9ef040a028

"Smart clothing" and privacy:

  • Experts have predicted there will be more than 76 billion Internet of Things (IoT) devices, aka "smart" devices by 2025
  • Experts estimate that we each generate 1.7MB of data every second
  • Gartner recently forecast global spending on wearable devices would exceed $81.5 billion
  • Every day items are increasingly becoming "smart" including your clothes which could impact wearable sales
  • Clothes are now being made with IoT sensors and come in many shapes and sizes
  • "Smart" garments can unlock revealing insights about your health
  • All this data creates a revealing digital footprint
  • There are many questions: Who owns this data? Who has access to it? How it is protected? Is it being sold to third-parties?
  • Security export Mikko Hyppönen likened IoT to asbestos and coined the Hyppönen law, which states when an appliance is described as being "smart", it's vulnerable
  • I'll pass on "smart" clothing

How to Read Your iOS 15 App Privacy Report:

  • Apple launched the App Tracking Transparency Framework (ATT) last year to the chagrin of Facebook and Google
  • ATT requires that app developers must clearly explain their privacy policy and data collection practices in the Apple Store
  • Users can opt-out of data collection and still install and use an app
  • Apple's new App Privacy Report provides insight into how often apps access data and sensors
  • It rolled out in iOS 15.2, you can access it at Settings > Privacy > App Privacy Report
  • The App Privacy Report records details about what apps are doing for a rolling seven-day period
  • App activity data is stored on your phone, if you disable this feature, the data will be deleted from your phone
  • The report has four sections
    • Data & Sensor Access
    • App Network Activity
    • Website Network Activity
    • Most Contacted Domains
  • Data & Sensor Access shows when apps access sensitive data and sensors
  • App Network Activity which domains your apps have connected with. There is a distinction between domains the app contacted "directly" and those "contacted by other content."
  • Website Network Activity which does the same thing as App Network Activity but for sites loaded through in-app browsers, or mobile browsers like Safari and Firefox
  • Most Contacted Domains tracks the most contacted domains across all your apps
  • Maximilian Zinkus, a cryptographer at Johns Hopkins University, said "If an app is unexpectedly tracking location, microphone, or other sensors, that’s a huge red flag"
  • Zinkus also said "I would recommend uninstalling and even filing a report with Apple through the App Store if an app really seems to have unexplained access"
  • Delete any app that has suspicious or unexpected activity
  • In general, less apps are better

Sponsored Content

Sponsored Content