Why Doesn't Apple Have a Mac Bug Bounty Program?
We discuss a new macOS Keychain vulnerability, which raises the question of why Apple still doesn't have a Mac bug bounty program. We also discuss shortcomings of two-factor authentication, the removal of the Do Not Track feature from Safari, whether or not Google Chrome's lookalike URL warnings are actually a good thing, and more (including why Apple still hadn't fixed the Group FaceTime spying bug; they finally did after we recorded the episode).
- Apple Patches Group FaceTime, Shortcuts Vulnerabilities
- Apple's bug bounty program, launched in 2016
- Apple might pay teenager who found Group FaceTime surveillance bug
- Apple to Remove “Do Not Track” Feature from Safari
- Google Chrome to get warnings for 'lookalike URLs'
- Typosquatting (Wikipedia)
- Josh's tweet from 2012 about AdBlock Plus
- Chrome Canary
- Security researcher demos macOS exploit to access Keychain passwords, but won’t share details with Apple out of protest
- Mr. Steal Yo Keychain (Patrick Wardle's keychain discovery of 2017)
- Market for zero-day exploits (Wikipedia)
- Two-Factor Authentication Might Not Keep You Safe
- Two-Factor Authorization Apps for iOS
- Kevin Mitnick (Wikipedia)
Get 50% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.