Full Dark, Max Bleak · Security

Despite the prevalence of deepfake audio tech, banks and ISPs rush ahead with “voice print” authentication

Bad news folks. Corporate America is rushing ahead with voice-based authentication. I know because I recently called my ISP, Spectrum, which tried to enroll me in Voice ID. I declined. (“With Voice ID, you don’t have to worry about remembering security codes or passwords.” Ok, sure 🤪) And I also called my bank, Chase, which… Continue reading Despite the prevalence of deepfake audio tech, banks and ISPs rush ahead with “voice print” authentication

Apple · Privacy · Security

Apple’s plan for iOS 15 CSAM scanning to somehow constitute “safe” surveillance is impossible without bulletproof security and an explicit moral framework to guide policy decisions. It has neither.

With its CSAM scanning tool (soon to be pushed to iPhones with iOS 15 and maybe Macs with Monterey), Apple has created what it promises is a “safe” surveillance experience. It will catch the absolute worst scumbags on the planet. It is launching in just the US. Turn it off by simply discontinuing your usage… Continue reading Apple’s plan for iOS 15 CSAM scanning to somehow constitute “safe” surveillance is impossible without bulletproof security and an explicit moral framework to guide policy decisions. It has neither.

Browsers · Security

When Chrome extension developers sell out, users get pwned. Why is there not the option to disable automatic updates for specific extensions, as with Firefox?

From a Stack Overflow question: “a hacked version of a Google Chrome extension I use was distributed via Chrome’s automatic extension updates. Is it possible to stop Google Chrome from automatically updating extensions?” The answer is there’s not an easy way to disable them in Chrome. But there should be, and this post explains why.… Continue reading When Chrome extension developers sell out, users get pwned. Why is there not the option to disable automatic updates for specific extensions, as with Firefox?