Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Content provided by Cameron Ivey. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Cameron Ivey or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Privacy Please
Technical interviews about software topics.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Industry expert Mikah Sargent, brings you interviews from tech journalists who make or break the top stories of the week. Get the freshest perspective and in depth insight into the fast-paced world of technology from Tech News Weekly. Records every Thursday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Ever wondered how automation will change the world? Maybe you puzzle over what India could do to ease traffic congestion, or how China's aircraft carriers will transform Indian Ocean geopolitics? All Things Policy, a daily podcast brought to you by the Takshashila Institution, brings you all the answers. Every weekday, our researchers break down complex economic and geopolitical ideas through the lens of current events. For everyone from the busy executive to the curious student, All Things ...
…
continue reading
Every week Linus and Luke discuss the most current happenings in the technology universe.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
S6, E245 - Hard-coded Secrets and Unencrypted Data: A Digital Security Nightmare
Manage episode 489120794 series 2770333
Content provided by Cameron Ivey. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Cameron Ivey or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Several popular Chrome extensions, including privacy and security tools, have been found leaking sensitive data through unencrypted HTTP and hard-coded credentials in their code. Security is both hard and easy - hard because of existing unencrypted protocols and trust placed in developers, but easy because fundamental security practices should be common knowledge in 2025.
• Chrome extensions including DualSafe Password Manager and Avast Online Security are leaking sensitive user data
• HTTP vs HTTPS - the 'S' stands for security and encrypts data transmission over the internet
• HTTPS Only extension from EFF forces secure connections when browsing
• Hard-coded credentials in extensions create permanent security vulnerabilities
• Developers sometimes collect excessive data "just in case" rather than minimizing collection
• OWASP (Open Web Application Security Project) provides essential resources for developers
• Technology abstraction makes users less aware of security fundamentals
• The newly restarted OWASP Nomad chapter offers virtual community for application security
Check out our GitHub repository of privacy resources at "Awesome Privacy Engineering Tools" for more information on implementing better privacy practices in development.
Support the show
Chapters
1. S6, E245 - Hard-coded Secrets and Unencrypted Data: A Digital Security Nightmare (00:00:00)
2. Welcome & Chrome Extensions Security Issues (00:01:28)
3. HTTP vs HTTPS Explained (00:03:24)
4. Developer Challenges and Hard-Coded Keys (00:06:44)
5. OWASP Resources for Developers (00:09:57)
6. Technology Abstraction and Privacy Education (00:11:59)
7. More Data Isn't Always Better (00:14:47)
247 episodes
Share
Manage episode 489120794 series 2770333
Content provided by Cameron Ivey. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Cameron Ivey or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Several popular Chrome extensions, including privacy and security tools, have been found leaking sensitive data through unencrypted HTTP and hard-coded credentials in their code. Security is both hard and easy - hard because of existing unencrypted protocols and trust placed in developers, but easy because fundamental security practices should be common knowledge in 2025.
• Chrome extensions including DualSafe Password Manager and Avast Online Security are leaking sensitive user data
• HTTP vs HTTPS - the 'S' stands for security and encrypts data transmission over the internet
• HTTPS Only extension from EFF forces secure connections when browsing
• Hard-coded credentials in extensions create permanent security vulnerabilities
• Developers sometimes collect excessive data "just in case" rather than minimizing collection
• OWASP (Open Web Application Security Project) provides essential resources for developers
• Technology abstraction makes users less aware of security fundamentals
• The newly restarted OWASP Nomad chapter offers virtual community for application security
Check out our GitHub repository of privacy resources at "Awesome Privacy Engineering Tools" for more information on implementing better privacy practices in development.
Support the show
Chapters
1. S6, E245 - Hard-coded Secrets and Unencrypted Data: A Digital Security Nightmare (00:00:00)
2. Welcome & Chrome Extensions Security Issues (00:01:28)
3. HTTP vs HTTPS Explained (00:03:24)
4. Developer Challenges and Hard-Coded Keys (00:06:44)
5. OWASP Resources for Developers (00:09:57)
6. Technology Abstraction and Privacy Education (00:11:59)
7. More Data Isn't Always Better (00:14:47)
247 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Privacy Please
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Technical interviews about software topics.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Industry expert Mikah Sargent, brings you interviews from tech journalists who make or break the top stories of the week. Get the freshest perspective and in depth insight into the fast-paced world of technology from Tech News Weekly. Records every Thursday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Ever wondered how automation will change the world? Maybe you puzzle over what India could do to ease traffic congestion, or how China's aircraft carriers will transform Indian Ocean geopolitics? All Things Policy, a daily podcast brought to you by the Takshashila Institution, brings you all the answers. Every weekday, our researchers break down complex economic and geopolitical ideas through the lens of current events. For everyone from the busy executive to the curious student, All Things ...
…
continue reading
Every week Linus and Luke discuss the most current happenings in the technology universe.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
