New Episode Alert EP113

Mass surveillance concerns and new cyber-attacks! 🔥

March 23, 2020

Weekly Blaze PodcastEpisode 113March 23 2020

COVID-19 Mass SurveillanceNew Coronavirus Cyber-AttacksEncryption Backdoors

A few weeks ago I read a very interesting news story about how car thieves are now able to

clone the key fob from not just high-end cars like Tesla's, but also from more mid-level brands like Toyota, Hyundai, and Kia

. Basically, researchers found a new vulnerability in the car's ignition system which can allow for easy key fob cloning. This will allow a thief to start the engine. Now while we wait for car manufactures to fix this latest issue, there is still a huge problem with what are called key fob relay attacks. This is an attack where thieves use a device to boost the signal from your car's key fob in order to open your car door and drive off with your car. That's why I still recommend using a Silent Pocket key fob faraday sleeve to prevent these attacks. And you can get 15% off one right now at

silentpocket.com

by using discount code "sharedsecurity".

Israel passes emergency law to use mobile data for COVID-19 contact tracing

I'm sure you're like me and you're being constantly bombarded with COVID-19 SPAM and news almost minute by minute so I don't want to cover anything related to the coronavirus that's already being discussed in the media but there were a few very interesting cybersecurity and privacy related news stories that I think are worthy of talking about on the podcast this week.

First was the story about Israel passing an emergency law to use mobile phone data for tracking people infected with COVID-19 which would include ways to identify and quarantine others that may have come into contact with those that have been infected. Details of how this type of tracking will work from a technical perspective have not been released but

from what BBC news has reported

, the location data of people's mobile devices will be collected from telecom companies by the Israeli domestic security agency and shared with health officials. The BBC also reports that the health ministry will be involved in monitoring the location of infected people to ensure that they are following quarantine rules and it only seems natural at this point that local law enforcement will be used to force people to stay in quarantine.

In my opinion this is a very scary precedent and has huge ramifications for the privacy of Israeli citizens. This type of tracking, using people's own smartphones, could truly become a method of mass surveillance and also a way for us to be tracked for forced containment if necessary. And if you don't think this could happen in the US, think again. The

Wall Street Journal reports

that the US government is considering similar location-tracking technology with the tech giants and other companies. As you know, the US government has changed its position several times on restricting movement of US citizens due to COVID-19, so it's not out of the question that a mass surveillance program, in the name of stopping coronavirus infections, could happen if the infection rate doesn't decrease.

Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

In other coronavirus news,

COVID-19 cyber-attacks are on a dramatic increase and it's not just phishing attacks you need to worry about

. Everything from spear-phishing campaigns that are targeting health care workers and hospitals, malware targeting manufacturing, finance, transportation, and the pharmaceutical industry, and even a fake Android app called "COVID19 Tracker" was found to abuse user permissions to change the phone's lock screen password and

install ransomware in return for a $100 bitcoin ransom

. There is even a malware campaign going around using a fraudulent version of the Johns Hopkins Coronavirus Map in the form of a malicious executable. It's really a full on onslaught of attacks right now that are taking advantage of the panic, fear, and chaos that has ensued because of the coronavirus. Now more than ever, you need to stay vigilant and also tell your friends and family to do the same. In fact, if you have elderly family members, be sure to also check in with them on their cyber-hygiene in addition to their physical well-being. Tell them to watch out for emails and files from unknown or spoofed sources, and more importantly, tell them to not click on suspicious links or open attachments in email. In fact, I tell people to never click on links in email just because of the risk of falling for a well-crafted phish. Please make sure you give some basic cybersecurity knowledge for elderly friends and family members because they, unfortunately, are a target in these crazy times.

WhatsApp And Signal Replaced By New Mystery Messaging App for EU Diplomats

In privacy news, diplomats in the European Union have been asked to dump WhatsApp and begin using a mystery app for secure messaging with no further details on what the app is or how it works. This

new secret messaging service is being rolled out by the European External Action Service (or EEAS) which is a group of politicians and civil servants that support the EU in conducting diplomacy efforts with countries outside of the EU

. While the case to move away from WhatsApp makes sense given that WhatsApp is owned by Facebook and that there have been targeted attacks towards WhatsApp in the past, it's surprising that another, more proven open source end-to-end messaging app like Signal wasn't chosen to be authorized for use instead. Many suspect that because the EU may be set to mandate encryption backdoors into popular end-to-end messaging apps in the near future, the EU may be getting ready for this by creating their own secure messaging app that already has a backdoor installed.

Keep in mind, it's not just the EU that is pushing for backdoors in secure messaging apps. In fact in the US, a new bill being introduced by Congress called "EARN IT", which stands for the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act, is fundamentally about preventing child sex abuse by forcing tech companies to "scan" messages for illegal content from a "best practices" list that is governed by a government commission. This commission is led by Attorney General Barr who has said many times in the past that tech companies should give the government backdoor access to apps in order to bypass encryption. This new act, while having good intentions, seems more of a vehicle to get backdoors installed in the apps that we use every day.

For more details on this bill and other news on how governments world-wide are trying to force tech companies to create backdoors see our show notes for a link to our friends at the Electronic Frontier Foundation

FebruaryMonthly ShowEpisode 97In episode 97 of our monthly show we discuss how Chinese hackers caused the Equifax data breach, new coronavirus phishing attacks to be aware of, and how to stay (almost) anonymous online.

Watch this episode on our YouTube Channel!

Thank you to our sponsor

Silent Pocket!

Take advantage of this exclusive offer and help support this podcast!

Visit

silent-pocket.com

to shop Silent Pocket's great line of privacy focused products.