BROADCASTS.com

b'

We discuss a new macOS Keychain vulnerability, which raises the question of why Apple still doesn\'t have a Mac bug bounty program. We also discuss shortcomings of two-factor authentication, the removal of the Do Not Track feature from Safari, whether or not Google Chrome\'s lookalike URL warnings are actually a good thing, and more (including why Apple still hadn\'t fixed the Group FaceTime spying bug; they\\xa0finally did after we recorded the episode).

\\n
• Apple Patches Group FaceTime, Shortcuts Vulnerabilities
\\n
• Apple\'s bug bounty program, launched in 2016
\\n
• Apple might pay teenager who found Group FaceTime surveillance bug
\\n
• Apple to Remove \\u201cDo Not Track\\u201d Feature from Safari
\\n
• Google Chrome to get warnings for \'lookalike URLs\'
\\n
• Typosquatting (Wikipedia)
\\n
• Josh\'s tweet from 2012 about AdBlock Plus
\\n
• Chrome Canary
\\n
• Security researcher demos macOS exploit to access Keychain passwords, but won\\u2019t share details with Apple out of protest
\\n
• Mr. Steal Yo Keychain (Patrick Wardle\'s keychain discovery of 2017)
\\n
• Market for zero-day exploits (Wikipedia)
\\n
• Two-Factor Authentication Might Not Keep You Safe
\\n
• Two-Factor Authorization Apps for iOS
\\n
• Kevin Mitnick (Wikipedia)
\\n

Get 50% off Mac Premium Bundle X9, fully compatible with macOS Mojave, with the code PODCAST19. Download Intego Mac Premium Bundle X9 now at intego.com.