In episode 92 of our monthly show Tom and Scott talk about Amazon’s new smart glasses that work with Alexa, what webkey’s are and how they could be used for social engineering, and why you should always erase old hard drives and other data storage before selling or giving away computers and other electronics.
Looking to up your privacy and security game while you travel? Then you need to check out Silent Pocket’s patented product line of faraday bags, wallets, backpacks, and other accessories at silentpocket.com. Be sure to use discount code “sharedsecurity” at checkout to receive 15% off your order.
Here are the show notes and links to articles discussed during the show:
Give a listen to our 10 year anniversary episode, and our interviews with Aaron Zar from Silent Pocket, and Max Krohn from Keybase.io.
“Another experimental product is Echo Frames, but I think these have legs. These aren’t augmented reality glasses like Microsoft’s Hololens or Google Glass — there’s no display on them, and no camera like Glass had. Instead, you talk to the glasses and Alexa talks back to you. They make more sense than the Echo Loop, since the speakers are right near your ears and you don’t need to raise a hand up to listen
Amazon has had lots of privacy issues around Alexa recordings including how contractors have been listening to these recordings and that you can only manually delete your recordings one at a time. Amazon’s privacy policies are starting to change! Check out our latest episode of the Weekly Blaze for more details.
“USB webkeys( USB web keys ) are a great way of getting people to remember your logo, yet it saves the trouble of remembering a lengthy URL. Plug the Webkey into a USB port and your pre-programmed website automatically launches — just like magic! If you’ve read Harry Potter, you’ll appreciate this Muggle equivalent of the Portkey. The USB Web key is a low cost alternative to USB flash memory devices, and an effective way of promoting your company, new product launch, training material, or recruitment campaign. It’s available in various shapes. The USB Web key is pre-programmed with the URL (may up to 110pcs characters) that you provide. Every device is guaranteed to be virus free.”
Here’s the Twitter thread that Scott mentioned on the show about the webkey given out at the information security conference:
A great physical/cyber #socialEngineering experiment. A honey webkey!
Wonder how many inserted this? Did the #InformationSecurity folks approve of this marketing tactic?
Hey, @agent0x0 @streetsec the next gen beyond #HoneySticks => #HoneyPhones for you. 🙂 https://t.co/u9B1vR6Iaj
— Rebecca Herold (@PrivacyProf) August 22, 2019
Study: 3 in 5 secondhand hard drives still contain previous owner’s data
“59 percent of secondhand hard disks sold on marketplaces like eBay are not properly wiped and still contain data from their previous owners, according to a new study by the University of Hertfordshire and commissioned by Comparitech.We purchased 200 used hard drives from online marketplaces, secondhand shops, and conventional auctions: 100 in the USA and 100 in the UK. University researchers then performed forensic analysis to determine whether any attempt had been made at deleting the contents of the drive and whether those attempts were successful.
We uncovered a wide range of sensitive and private information left by previous owners. The remnant data included, among other things, employment and payroll records, family and holiday photos, business documents, visa applications, resumes and job applications, lists of passwords, passport and driver’s license scans, tax documents, bank statements, and lists of students attending senior high schools.”
Here’s a great guide we talked about on how to erase/wipe most electronic storage including SD cards.
Be sure to follow the Shared Security Podcast on Facebook, Twitter and Instagram for the latest news and commentary. If you have feedback or topic ideas for the show you can email us at feedback[aT]sharedsecurity.net. First time listener to the podcast? Please subscribe on your favorite podcast listening app or watch and subscribe on our YouTube channel.