Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view.Read More

 

Tech Friday with Dave Hatter- January 21st 2022 - SPONSORED BY INTRUST IT


Athletes Warned to not to take phones to Olympics:

  • Beijing has promised to drop the Great Firewall that blocks services like Facebook for athletes at the Olympics
  • Security experts urge those going to exercise caution
  • Chinese companies known for data collection and surveillance are among the official sponsors and suppliers
  • Cybersecurity consultants warn that the systems in use could subject athletes to the intense surveillance that Chinese citizens suffer
  • A growing number of delegations are taking the threat to heart
  • Australia, Belgium, the Netherlands and Canada have advised athletes to keep devices off Wi-Fi networks and use burner phones
  • The US has issued a warning to American athletes that their devices may be infected with malware
  • "My advice to athletes would be to go buy a cheap second phone and don’t use your principal iPhone or Android system," said Larry Diamond, senior fellow at the Hoover Institution at Stanford University
  • "We don’t know where this is headed.The only thing we know is that China is constructing the most sophisticated authoritarian digital surveillance state, and I don’t think people should be blasé in taking their equipment to interact with that"- Diamond
  • Beijing has rejected the allegations saying, "This is completely groundless and these concerns are wholly unnecessary."
  • One of the 5G technology suppliers is Huawei, the company blacklisted by the U.S. and others
  • Other support will come from China Unicom Beijing, whose parent company is on the Treasury Department’s list of sanctioned Chinese companies
  • If you travel to China, a burner device is the way to go

Required Olympics app has "devastating" encryption bug:

  • All attendees of the upcoming Olympics must use an app that that has encryption flaws which could leak personal information per a new report from a cybersecurity company
  • MY2022 app is purported to monitor Covid and is mandatory for athletes, journalists and other attendees
  • Jeffrey Knockel, author of the report for Citizen Lab, said a "simple but devastating flaw" could leak health information, voice messages and other data
  • The International Olympic Committee (IOC) said users can disable the app's access to some data and that two unnamed cyber security organizations "confirmed that there are no critical vulnerabilities."
  • IOC said "The user is in control over what the... app can access on their device," and added that installing it on mobile devices isn't required because it's available as a web application as well
  • "China has a history of undermining encryption technology to perform political censorship and surveillance," Knockel said
  • "As such, it is reasonable to ask whether the encryption in this app was intentionally sabotaged for surveillance purposes or whether the defect was born of developer negligence," he continued, adding that "the case for the Chinese government sabotaging MY2022's encryption is problematic."
  • The app is transparent about the medical information collected but it's not clear who has access to the information
  • MY2022 also contains a list of "politically sensitive" phrases in China

Don't store passwords in your browser:

  • Experts constantly warn about the need to use strong, unique passwords for each account
  • Many people store passwords in their web browser because it's easy and convenient
  • Recently security experts have warned again about storing passwords in browser after a recent security breach
  • AhnLab reported an employee stored their passwords in the browser on a device shared with family members
  • Unbeknownst to the employee, the device was infected malware known as Redline Stealer
  • Redline Stealer was able to access the stored passwords including the password to the company’s VPN
  • The hacker was able to breach the employee's organization with the VPN credentials
  • AhnLab said "Although the account credentials storing feature of browsers is very convenient, as there is a risk of leakage of account credentials upon malware infection, users are recommended to refrain from using it and only use programs from clear sources"
  • It's better to use a secure password manager like LastPass
  • Learn about the best password managers here:https://www.pcmag.com/picks/the-best-password-managers
  • There is an update for Chrome you should install

Sponsored Content

Sponsored Content