Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X

Graham Cluley

Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X

Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X

Equifax’s shambolic response to its huge data breach, a scary-sounding Bluetooth exploit, and Apple’s iPhone X comes with Face ID.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik.

Smashing Security #042: 'Equifax, BlueBorne, and the iPhone X'

Listen on Apple Podcasts | Google Podcasts | Other... | RSS
More episodes...

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Javvad Malik – @j4vv4d

Show notes:

Thanks to our sponsor:

This episode of Smashing Security is made possible by the generous support of Rapid7.

Identifying, prioritizing and managing vulnerabilities all the way through to remediation is not only possible, it can be simple. Right now.

Build a vulnerability management program that works for you with Insight VM, by Rapid7. Get started with your free 30 day trial at www.rapid7.com

Follow the show:

Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.

Remember: Subscribe on iTunes or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

2 Replies to “Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X”

  1. You mentioned the bluetootth on your phone/headset etc being patched, but what about on your actual car – is that possible to be infected and then as you're driving around town, it's spreading the lurgee?

  2. iPhoneX FaceID

    Question: What FAR means when it does not come with the corresponding FRR?

    Answer: It means nothing.

    According to some tech media¸the FAR (false acceptance rate) of iPhone X Face ID is said to be one millionth, which might be viewed as considerably better than the reported one 50,000th of Touch ID.

    It is not the case, however. The fact is that which is better or worse can by no means be decided when the corresponding FRR (false rejection rates) of Face ID and Touch ID, which are in the trade-off relation with FAR, are not known. This crucial observation is seldom reported by major tech media. It is really sad to see the misguided tech media spreading the misguiding information in a huge scale.

    The only meaningful fact that we can logically get confirmed by the trade-off between FAR and FRR is that the biometrics deployed with a password as a fallback means against false rejection would only provide the level of security lower than that of a password-only authentication.

    Face ID, which brings down security as such, could be recommended only for those who want better convenience, as in the case of Touch ID. If recommended for better security, it would only get criminals and tyrants delighted.

    Security professionals are expected to speak up

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES