Apple’s Accidental Stalkerware

Apple’s Accidental Stalkerware - ThreatWire

Рет қаралды 26,116

Hak5

Күн бұрын

Пікірлер: 70

@zipperwookie4926 4 ай бұрын

Remember when Apple said their privacy priorities made their products the better choice? Pepperidge Farm remembers

@ZeroCrystal 4 ай бұрын

And if you believe what Apple says, you'd be naïve.

@starmap 4 ай бұрын

@@ZeroCrystal trust no one

@sumduma55 4 ай бұрын

I'm betting this wifi geo-position story is the AI story and isn't real. While Google Street view does collect wireless information and logs it with GPS coordinates and Wiggle will do the same when roaming the streets, apple doesn't do this that I'm aware of. Plus WPS is already a wireless acronym for the protected setup button on consumer grade wifi routers. You would think big tech would have another name.

@vladii82 4 ай бұрын

@sumduma55 The DNS story was the AI scripted. Watch the next episode. Furthermore, the AI story is real, just the script is generated by AI. Also, unintentional sharing of geolocation is as bad for the user as intentional sharing. The second is just immoral.

@sumduma55 4 ай бұрын

@@vladii82 i had forgotten about watches and just about every other accessory that take full network access, want access to your accounts contacts and so on. I evrn hsve a blood pressure machine that wants all thst to use the Bluetooth connection for logging. They could be transmitting the data to apple. Years ago, I watched a guy gain access to a computer someone was using to remote into a honeypot network. He showed us the wifi names detected surrounding that system and how to use wiggle to locate the general area it was in. Presumably from there you could pinpoint the house or exact location the computer was in by looking for the right IDs and MAC addresses. So I agree it is easily accomplished and I was short sighted in my initial post. On a plus side, phones usually make up and rotate MAC addresses regularly to narrow down stalking and real time real life threats.

@skyscraperfan 4 ай бұрын

People should rename their access points just for Google and Apple? Seriously? So in future Google and Apple might track your face unless you wear a shirt with the text "notrack"?

@Emancipatriot 4 ай бұрын

As long as “notrack” on the shirt can be read by a satellite 😂

@benhetland576 4 ай бұрын

They might have been doing that for a long time already

@spookycode 4 ай бұрын

I wonder why recursive dns services don’t have alarms that go off when a large volume of traffic hits a single ip. In no way is it realistic to have 8 Gb/s dns Traffic to a single ip

@xion637 4 ай бұрын

i said the same for managed services where ISPs are concerned. Had an instance where a company was breached and TBs of data was off-loaded over a period of 4 months to foriegn IPs and zero flags were raised by them. If you're running a managed infrastructure for a conglomerate, I'd like to assume they have specialized monitoring for these situations. It's actually sad.

@monad_tcp 4 ай бұрын

There should be automatic circuit breakers. Sometimes I wonder how the internet stays working, its a miracle of the people working 24/7 that keeps the thing barely working.

@ogzsxftw 4 ай бұрын

Always a good day when Hak5 uploads

@mytechnotalent 4 ай бұрын

The DNS bomb is wild. It is crazy that it can target something as simple as a timeout. Great one again Ali!

@willstikken5619 4 ай бұрын

"The year of the Linux desktop" can only be said with the appropriate amount of irony.

@spookycode 4 ай бұрын

We don‘t have enough vulnerabilities I guess

@c-LAW 4 ай бұрын

WPS is the most awkward method for network authentication. One would think the gov't created it. I alwasy disable it.

@Lnorm883 4 ай бұрын

But if WPS is present the whole device is up for zero day grabs. Nothing is secure anymore.

@benhetland576 4 ай бұрын

This is not the same "WPS" as the one for Wireless Protection System used for registering a devive on wifi.

@gr33nDestiny 4 ай бұрын

Good news summary, thanks

@christopherhartline1863 4 ай бұрын

Yeah. I wouldn't call it an accident. Apple has been ...

@zhollamychalis4252 4 ай бұрын

My grandma used to call such things accidentally on purpose. They all have the same smell.

@sparquisdesade 4 ай бұрын

Well it was an accident they got caught

@greyfots 4 ай бұрын

YoooooOOOO DOESN’T Amazons sidewalk option do the saaaammmeee thing as apples’s !?!?!?!?

@S.C.D. 4 ай бұрын

Loved the live read through. 😎

@benhetland576 4 ай бұрын

The Google SSID positioning augmentation is nothing new. On Android devices it even states clearly in the settings what the feature is (officially) used for. I'm more surprised that this is presented as "accidental stalkerware" on Apple devices as I believe it has been known for a long time already that Apple does something similar to Google. Nothing "accidental" here...

@user-qy2wf2lt6v 4 ай бұрын

The accedental part is how easy it wqs for third party to abuse it. This is something that I've heard people talking about 15 years ago and I know those whi've been abusing it for at least 6-7 years now.

@jaredgarlock1594 4 ай бұрын

Heads up, the sensitivity on your microphone combined with the material of your shirt causes a scrunching plastic bag effect when you move your arms.

@wwShadow7 4 ай бұрын

That wps map. All that white space over communist countries. Not that we need that for military targeting systems, but if you're on a budget? Budget? When your cheapest missile starts at an easy mill.

@mikehensley78 4 ай бұрын

Trust your technolust.

@JoeJoeTater 4 ай бұрын

You're missing the point of why AI journalism is bad. By manually verifying that the stories aren't hallucinations, all you're really showing is that LLMs can use English grammar... which isn't impressive. You can do that with hand-coded programs too. Using LLMs to replace journalists is bad because: - There is no human in the loop to understand and make judgements about whether the writing is ethical or not. - The story could be a complete hallucination. (Worse, it could be a story that was maliciously injected.) - It takes negotiating power away from journalists, lowering their wages and working conditions. - It's just a really obfuscated way of stealing stories from journalists. (Someone has to write down the information for the LLM to consume!)

@tech1238 4 ай бұрын

Thanks!

@mmlvx 4 ай бұрын

Do I remember rightly that Apple maps API is free because Google started chargingan arm and a leg to use the Google Maps API?

@cxa24 4 ай бұрын

Intentional; likely escapes through you (funding or employment)

@DirtyPlumbus 4 ай бұрын

Apple's "accidental" stalkerware.

@LeonEdwinsHeart 4 ай бұрын

Thank you

@alienboy689 4 ай бұрын

I always try and turn off my wifi when I go out because of that crap

@JohnAmatulli 4 ай бұрын

Does it cost the US government anything to access Google's API to build a similar map or is do they have a special deal? I think we know the answer.

@user-qy2wf2lt6v 4 ай бұрын

FCC needed to aprove this, so ...

@muddkipp_1 4 ай бұрын

10 was movie in the seventies oh my

@pixelgoat_ 4 ай бұрын

what kind of sweater is that?

@user-qy2wf2lt6v 4 ай бұрын

Ooooh they finally fixed that :(

@sargismartirosyan9946 4 ай бұрын

👋Nice👌

@antdad24 4 ай бұрын

New attack? Thanks, i hate it!

@C.J... 4 ай бұрын

❤Dimples!❤

@zeus1141 4 ай бұрын

"Accidental"

@JeremyFrench-o4b 27 күн бұрын

I love you ali diamond ❤

@8________________D- 4 ай бұрын

Not accidental

@herauthon 4 ай бұрын

o))) is it BGP related ?

@herauthon 4 ай бұрын

that WiFi hunting is old.. i did that mac hunt 24y ago.. and found green, grey, and red players.. where the red where open access devices like routers, printers, fax, i traveled by train - and within a range of 50m could i find 1000 devices with various security levels. I should do this again and scan the current status of devices.

@elyt 4 ай бұрын

If Steve Jobs were still alive, Apple wouldn't even be like this. We all know that Steve Jobs prioritizes Software more than Hardware. And he's very strict about user experience.