Podcasts about Voatz

This Week in Startups is brought to you by… Squarespace. Turn your idea into a new website! Go to https://www.Squarespace.com/TWIST for a free trial. When you're ready to launch, use offer code TWIST to save 10% off your first purchase of a website or domain. Beehiiv. Power your newsletters with AI tools, referral programs, and ad network features—all in one platform. Get 30 days free and 20% off your first 3 months at ⁠https://www.beehiiv.com/twist Cloud Devs. Building the best remote team is tough, but you don't have to do it alone. Visit https://www.clouddevs.com/twist for an unbeatable offer on hiring elite Latam talent today. * Todays show: Alex Wilhelm joins Jason to dive into Tesla's Robotaxi event, highlighting Tesla's bold plans for a self-driving, bus-style vehicle (4:33). Next, Lightship RV co-founders Toby Kraus and Ben Parker share their vision for the future of electric RVs and off-grid travel (25:04). Finally, Voatz CEO Nimit Sawhney wraps up the show, discussing how startups are working to secure elections, and how Voatz is leveraging blockchain technology to strengthen election security (51:35). * Timestamps: (0:00) Jason and Alex kick off the show (4:33) The Tesla Robotaxi event (6:46) The potential impact of Tesla's bus platform (11:59) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://www.Squarespace.com/TWIST (13:29) ChatGPT 4 with Canvas demonstration (18:23) Predictions on the future of self-driving cars (23:36) Beehiiv - Get 30 days free and 20% off your first 3 months at ⁠https://www.beehiiv.com/twist (25:04) Lightship RV co-founders Toby Kraus and Ben Parker join the show (27:55) Description and features of Lightship RV (33:58) Cloud Devs - Visit https://www.clouddevs.com/twist for an unbeatable offer on hiring elite Latam talent today. (35:05) Financing strategy and market potential for Lightship RV (39:00) Impact of market trends on Lightship RV (41:19) Lightship RV's unique selling points and efficiency (46:26) Lightship RV's competition and market strategy (51:35) Voatz CEO Nimit Sawhney joins the show (54:48) Voatz's progress, voting process, and blockchain integration (1:02:25) Election fraud concerns and attack vectors (1:06:02) Voatz's business model, sales cycle, and state-level urgency (1:08:11) Discussion on Dominion Voting Systems and election security (1:10:15) The debate over voter ID requirements and voting transparency (1:13:38) Upcoming topics: Solar energy advancements (1:14:28) Twist 500 nominations and submission guidelines * Subscribe to the TWiST500 newsletter: https://ticker.thisweekinstartups.com Check out the TWIST500: https://www.twist500.com * Subscribe to This Week in Startups on Apple: https://rb.gy/v19fcp * Check out: https://lightshiprv.com https://voatz.com * Follow Toby: X: https://x.com/kraus_toby LinkedIn: https://www.linkedin.com/in/tobykraus * Follow Ben: LinkedIn: https://www.linkedin.com/in/benjaminparker1203/ * Follow Nimit: X: https://x.com/yenhwas * Follow Alex: X: https://x.com/alex LinkedIn: ⁠https://www.linkedin.com/in/alexwilhelm * Follow Jason: X: https://twitter.com/Jason LinkedIn: https://www.linkedin.com/in/jasoncalacanis * Thank you to our partners: (11:59) Squarespace - Use offer code TWIST to save 10% off your first purchase of a website or domain at https://www.Squarespace.com/TWIST (23:36) Beehiiv - Get 30 days free and 20% off your first 3 months at ⁠https://www.beehiiv.com/twist (33:58) Cloud Devs - Visit https://www.clouddevs.com/twist for an unbeatable offer on hiring elite Latam talent today. * Great TWIST interviews: Will Guidara, Eoghan McCabe, Steve Huffman, Brian Chesky, Bob Moesta, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland * Check out Jason's suite of newsletters: https://substack.com/@calacanis * Follow TWiST: Twitter: https://twitter.com/TWiStartups YouTube: https://www.youtube.com/thisweekin Instagram: https://www.instagram.com/thisweekinstartups TikTok: https://www.tiktok.com/@thisweekinstartups Substack: https://twistartups.substack.com * Subscribe to the Founder University Podcast: https://www.youtube.com/@founderuniversity1916

Watch the video of today's podcast here: https://www.thetayf.com/pages/multimedia?wchannelid=c4ogwxwvtw&wmediaid=y4jq4jgywz Making voting safe and accurate! Nimit Sawhney from Voatz joins me on today's show to reveal how blockchain technology will revolutionize voting, ensuring that elections are indisputably fair and accessible. Plus, bitcoin and AI combine to terminate deepfakes - could this end the spread of AI-generated misinformation? Subscribe to podcast updates: https://form.jotform.com/223614751580152 Ask Ric: https://www.thetayf.com/pages/ask-ric ----- Links from today's show: An Important Crypto Message (4/11/23 Episode): https://www.thetayf.com/blogs/this-weeks-stories/an-important-crypto-message?_pos=11&_sid=f44de60fd&_ss=r Wealth Management Convergence (discount code = WMC2024): https://www.thetayf.com/pages/convergence Voatz: https://voatz.com/ Digital Democracy Project: https://www.digital-democracy.org/ ----- Follow Ric on social media: Facebook: https://www.facebook.com/RicEdelman Instagram: https://www.instagram.com/ric_edelman/ LinkedIn: https://www.linkedin.com/in/ricedelman/ X: https://twitter.com/ricedelman YouTube: https://www.youtube.com/@RicEdelman ----- Brought to you by: Invesco QQQ: https://www.invesco.com/qqq-etf/en/home.html Schwab: https://www.schwab.com/ Disclosure page: https://www.thetayf.com/pages/sponsorship-disclosure-fee -----

Join our resident Business Ninja Andrew, together with the Founder and Executive Director of Digital Democracy Project, Ramon Perez, as they talk about the importance of getting involved in local government and how that scales into the grander scheme of things.Digital Democracy Project is a nonpartisan public service provided to all registered voters, representatives, and the public by Voting Rights Brigade. It's a voter-driven system of government for the 21st Century, currently in the State of Florida.Voting Rights Brigade, a 501(c)(3) non-profit, has partnered with Voatz, a Boston-based mobile voting software company, to launch the Digital Democracy Project. Voting Rights Brigade has developed the Digital Democracy Project website and reporting capabilities, under the direction of our Founder/Director, Ramon Perez, an AI technology leader. Learn more about Digital Democracy Project by visiting their website at https://digitaldemocracyproject.org/. Do you want to be interviewed for your business? Schedule time with us, and we'll create a podcast like this for your business:  https://www.WriteForMe.io/-----https://www.facebook.com/writeforme.iohttps://www.instagram.com/writeforme.io/https://twitter.com/writeformeiohttps://www.linkedin.com/company/writ...https://www.pinterest.com/andysteuer/Want to be interviewed on our Business Ninjas podcast? Schedule time with us now, and we'll make it happen right away! Check out WriteForMe, more than just a Content Agency! See the Faces Behind The Voices on our YouTube Channel!

This week on Breaking Battlegrounds, we are joined by Chris Buskirk, author of the new book America and the Art of the Possible: Restoring National Vitality in an Age of Decay. Later in the show, Jonathan Johnson, CEO of Overstock, returns to the show to talk about challenges and opportunities facing business leaders in 2023. -Chris is publisher of American Greatness. A contributing opinion writer for the New York Times, he has also written for the Washington Post, SpectatorWorld, USA Today, The Hill, The New Criterion, and other publications. He is a frequent contributor to Fox News, NPR's “Morning Edition,” PBS Newshour, and “Hardball” and regularly appears on CNN. He is the author of the book, Trump vs. The Leviathan and, along with Seth Leibsohn,  American Greatness: How Conservatism, Inc. Missed the 2016 Election & What the Establishment Needs to Learn. He was a Publius Fellow at the Claremont Institute and received a fellowship from the Earhart Foundation. Chris is a serial entrepreneur who has built and sold businesses in financial services and digital marketing. He received his B.A. from Claremont-McKenna College.-Jonathan Johnson is the CEO of Overstock, a leading online home furnishings retailer. Since assuming this role in 2019, Johnson has positioned Overstock as more than just an e-commerce website - streamlining its widespread merchandising interests into a concentrated, focused strategy dedicated to providing dream homes for all. Johnson is a member of Overstock's board of directors and has been an integral part of the company's growth - from a start-up to publicly traded with over $3 billion in sales and nearly 2,000 employees. Overstock was recognized as one of the nation's top employers in 2021.Since joining Overstock in 2002, Johnson has held various positions within the company, including chairman of the board, executive vice chairman, president, and general counsel. He is also a member of the board of directors of The J.M. Smucker Co, a Fortune 500 and leading consumer packaged goods company. He was chosen for this position due, in part, to his innovative FORWARD plan, (Overstock's remote work structure following the COVID pandemic), and his vast supply chain, marketing, operations, general management, technology, finance, and corporate governance experience.From 2016-2021, Johnson served as president of Medici Ventures, a former Overstock subsidiary which invested in blockchain technology and fintech businesses including tZERO, Bitt, Medici Land Governance, GrainChain, PeerNova, and Voatz. While leading this portfolio of companies, Johnson spent countless hours educating the public and policy makers around the world about the potential of blockchain. In early 2021, Medici's assets were transferred to a venture fund overseen by Pelion Venture Partners.Prior to Overstock, Johnson worked for TenFold Corporation, practiced corporate law in Los Angeles with two international law firms and served as a judicial clerk at the Utah Supreme Court. Johnson received a bachelor's degree in Japanese from Brigham Young University, studied at Osaka University of Foreign Studies in Japan as a Ministry of Education Scholar, and received a law degree from the J. Reuben Clark Law School at BYU.Johnson is based in Salt Lake City, UT, where he resides with his wife of 34 years. He has 5 sons, two granddaughters, and enjoys cycling, crossword puzzles, and reading poetry. He is active in many facets of the community.-Connect with us:www.breakingbattlegrounds.voteTwitter: www.twitter.com/Breaking_BattleFacebook: www.facebook.com/breakingbattlegroundsInstagram: www.instagram.com/breakingbattlegroundsLinkedIn: www.linkedin.com/company/breakingbattlegrounds This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit breakingbattlegrounds.substack.com

Crypto just experienced the largest crash in history, with an estimated $200 Billion wiped from the market just this week. It's all because of one company - FTX.  The former billionaire and CEO of FTX, Sam Bankman-Fried, has been hailed as the Hero of WEB3 throughout the bear market, but this week he became Crypto's biggest villain. Tracy Wang of Coindesk joins the show to tell us how her colleague, Ian Allison, triggered this chain of events with leaked information received earlier this week, and all the seedy details that have come out since then.  Plus, Meta lays off 11,000 of it's workforce after another quarter in the red. Year over Year losses have reached over 22 Billion dollars as their conquest towards the Metaverse fails to gain traction.  While Crypto Crashes and Meta Burns - Blockchain Tech is still making its way into the mainstream. This midterm election, some voters were able to submit their ballot remotely from their smart phone, thanks to the company Voatz. We meet with CEO Nimit Sawhney to find out how soon this will be available to all voters - and is it safe?  

The wild rollercoaster ride of Bitcoin over the course of the year was peanuts compared to the 2020 presidential election. Voter fraud was and is still the hot topic of debate – how do we make voting accessible to as many eligible voters as possible while guaranteeing the accuracy and credibility of the votes? Could blockchain provide the solution? Join the debate on Episode 32 of the Crypto for Newborns podcast and cast your vote for a blockchain solution after hearing the pros and cons! Resources: Article: https://www.csail.mit.edu/news/mit-experts-no-dont-use-blockchain-vote (MIT experts: no, don't use blockchain to vote) https://voatz.com (Voatz website) https://en.wikipedia.org/wiki/Voatz (Voatz Wikipedia entry) https://horizonstate.com (Horizon State website) Article: https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2021/02/17/despite-security-concerns-online-voting-advances (Despite Security Concerns, Online Voting Advances) Article: https://www.investopedia.com/news/how-blockchain-technology-can-prevent-voter-fraud/ (How Blockchain Technology Can Prevent Voter Fraud) If you would like to donate a bit of cryptocurrency to the Crypto for Newborns podcast, feel free to send as much as you'd like – far be it from me to inhibit your generosity! I'm accepting Ethereum right now but if you're compelled to send me some other kind, email me at your earliest convenience! $ETH 0x0789f67C8F889f58130959F4E1F5E9C8F99d49F1 Thanks for tuning in!

Jonathan Johnson joins Chuck and Sam on this week's episode of Broken Potholes. Jonathan serves as the CEO of Overstock. Since assuming this role in 2019, Johnson has focused the e-commerce home furnishings retailer on sustainable, profitable market-share growth. With a brand vision of 'Dream Homes for All,' Overstock is one of the top four U.S. online retailers specializing in home furnishings. Overstock was recognized as one of the top employers of 2021.From 2016-2021, Johnson also served as president of former Overstock subsidiary, Medici Ventures. Medici focuses on using blockchain technology to democratize capital, eliminate frictional middlemen and re-humanize commerce. Under Johnson's leadership, Medici made investments in and grew many cutting-edge blockchain technology and fintech businesses including, tZERO, Bitt, Medici Land Governance, GrainChain, PeerNova, and Voatz. This innovative portfolio is using disruptive technology in projects that range from bringing vast populations out of poverty to overhauling securities markets. As a vocal supporter, Johnson spent countless hours educating the public and policy makers around the world about the potential of blockchain. In early 2021, Johnson brokered a deal with Pelion Venture Partners where Medici's assets were converted into a Fund overseen by Pelion. Pelion is helping the portfolio companies reach their full potential.Johnson is currently a member of Overstock's board of directors. He served as the chairman of the board from 2014 to 2017, transitioning to the position after five years as the company's president, and later as the executive vice chairman. Johnson joined Overstock in 2002 as the company's general counsel and has held various business and legal positions within the company. He has been an integral part of Overstock's growth from a small start-up to a publicly traded company with over $3 billion in sales and nearly 2,000 employees.Prior to joining Overstock, Johnson worked for TenFold Corporation in various positions, including CFO and general counsel. Before that, he practiced corporate law in Los Angeles with two international law firms and served as a judicial clerk at the Utah Supreme Court. Johnson received a bachelor's degree in Japanese from Brigham Young University, studied at Osaka University of Foreign Studies in Japan as a Ministry of Education Scholar, and received his Juris Doctor degree from the J. Reuben Clark Law School at Brigham Young University.CONNECT WITH USTwitter: https://twitter.com/BrokenPotholesFacebook: https://www.facebook.com/brokenpotholesInstagram: https://www.instagram.com/brokenpotholes/LinkedIn: https://www.linkedin.com/company/broken-potholesShow notes: www.brokenpotholes.vote This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit breakingbattlegrounds.substack.com

Ravencoin's Tron Black joins Tatiana & Josh for a fascinating discussion about the project. From its origins and goals to the technology specifics, you'll learn tons about the currency and its blockchain, from the challenges of keeping fairness in the mining community to regulatory issues that the entire blockchain space are dealing with. Plus, Tron's thoughts on Dogecoin's rise, Elon Musk's involvement, and what sets Ravencoin apart from it.About the Guest:Tron Black is a freedom advocate, crypto developer, entrepreneur, and founder of two startups which were sold to publicly traded companies. Since early 2013, Tron has been working in the crypto-currency space as a miner, developer, investor, and trader. He was one of the first five employees of t0 (tzero), and helped issue the first publicly traded SEC acknowledged parallel crypto-equity for Overstock.com and the world's first crypto bond offering. Tron was a Principal Developer for Medici Ventures which invests in a portfolio of companies including TZero, Bankorus, Bitt, Voatz, Minds, Chainstone Labs, Ripio, SettleMint, Vinsent, and Spera. Tron is currently the President of the Ravencoin Foundation. Tron has given away crypto-currencies to hundreds of people to help increase awareness of how value now moves as easily as e-mail. He's written articles about Bitcoin, Monero, Dash, STOs and Ravencoin, and been featured on many crypto-currency podcasts. He regularly gives talks on crypto-currency topics worldwide. Tron is currently an advisor to TZero, TUSC, Realio.fund, EquaStart, and the lead developer for Ravencoin (RVN) which is both a top crypto-currency and a leading crypto-asset platform.If you like this content, please send a tip with BTC to1Q2QHoNowg8D2QzWhBQU1YrraG771aCpgSMore Info:Tatiana Moroz '“https://www.tatianamoroz.comRavencoin Project -https://ravencoin.orgRavencoin Foundation -https://ravencoin.foundationRavencoin Campus -https://download.ravencoincampus.orgFriends and Sponsors of the Show:Proof of Love '“http://proofoflovecast.com/Crypto Media Hub '“https://www.cryptomediahub.com/Global Crypto Advisors '“http://globalcryptoadvisors.comYou have been listening to the Tatiana Show. This show may contain adult content, language, and humor and is intended for mature audiences. If that's not you, please stop listening. Nothing you hear on The Tatiana Show is intended as financial advice, legal advice, or really, anything other than entertainment. Take everything you hear with a grain of salt. Oh, and if you're hearing us on an affiliate network, the ideas and views expressed on this show, are not necessarily those of the network you are listening on, or of any sponsors or any affiliate products you may hear about on the show.

Ravencoin's Tron Black joins Tatiana & Josh for a fascinating discussion about the project. From its origins and goals to the technology specifics, you'll learn tons about the currency and its blockchain, from the challenges of keeping fairness in the mining community to regulatory issues that the entire blockchain space are dealing with. Plus, Tron's thoughts on Dogecoin's rise, Elon Musk's involvement, and what sets Ravencoin apart from it. About the Guest: Tron Black is a freedom advocate, crypto developer, entrepreneur, and founder of two startups which were sold to publicly traded companies. Since early 2013, Tron has been working in the crypto-currency space as a miner, developer, investor, and trader. He was one of the first five employees of t0 (tzero), and helped issue the first publicly traded SEC acknowledged parallel crypto-equity for Overstock.com and the world's first crypto bond offering. Tron was a Principal Developer for Medici Ventures which invests in a portfolio of companies including TZero, Bankorus, Bitt, Voatz, Minds, Chainstone Labs, Ripio, SettleMint, Vinsent, and Spera. Tron is currently the President of the Ravencoin Foundation. Tron has given away crypto-currencies to hundreds of people to help increase awareness of how value now moves as easily as e-mail. He's written articles about Bitcoin, Monero, Dash, STOs and Ravencoin, and been featured on many crypto-currency podcasts. He regularly gives talks on crypto-currency topics worldwide. Tron is currently an advisor to TZero, TUSC, Realio.fund, EquaStart, and the lead developer for Ravencoin (RVN) which is both a top crypto-currency and a leading crypto-asset platform. If you like this content, please send a tip with BTC to 1Q2QHoNowg8D2QzWhBQU1YrraG771aCpgS More Info: Tatiana Moroz – https://www.tatianamoroz.com Ravencoin Project - https://ravencoin.org Ravencoin Foundation - https://ravencoin.foundation Ravencoin Campus - https://download.ravencoincampus.org Friends and Sponsors of the Show:Proof of Love – http://proofoflovecast.com/Crypto Media Hub – https://www.cryptomediahub.com/ Global Crypto Advisors – http://globalcryptoadvisors.com You have been listening to the Tatiana Show. This show may contain adult content, language, and humor and is intended for mature audiences.  If that’s not you, please stop listening. Nothing you hear on The Tatiana Show is intended as financial advice, legal advice, or really, anything other than entertainment. Take everything you hear with a grain of salt. Oh, and if you’re hearing us on an affiliate network, the ideas and views expressed on this show, are not necessarily those of the network you are listening on, or of any sponsors or any affiliate products you may hear about on the show.

Ravencoin's Tron Black joins Tatiana & Josh for a fascinating discussion about the project. From its origins and goals to the technology specifics, you'll learn tons about the currency and its blockchain, from the challenges of keeping fairness in the mining community to regulatory issues that the entire blockchain space are dealing with. Plus, Tron's thoughts on Dogecoin's rise, Elon Musk's involvement, and what sets Ravencoin apart from it. About the Guest: Tron Black is a freedom advocate, crypto developer, entrepreneur, and founder of two startups which were sold to publicly traded companies. Since early 2013, Tron has been working in the crypto-currency space as a miner, developer, investor, and trader. He was one of the first five employees of t0 (tzero), and helped issue the first publicly traded SEC acknowledged parallel crypto-equity for Overstock.com and the world's first crypto bond offering. Tron was a Principal Developer for Medici Ventures which invests in a portfolio of companies including TZero, Bankorus, Bitt, Voatz, Minds, Chainstone Labs, Ripio, SettleMint, Vinsent, and Spera. Tron is currently the President of the Ravencoin Foundation. Tron has given away crypto-currencies to hundreds of people to help increase awareness of how value now moves as easily as e-mail. He's written articles about Bitcoin, Monero, Dash, STOs and Ravencoin, and been featured on many crypto-currency podcasts. He regularly gives talks on crypto-currency topics worldwide. Tron is currently an advisor to TZero, TUSC, Realio.fund, EquaStart, and the lead developer for Ravencoin (RVN) which is both a top crypto-currency and a leading crypto-asset platform. If you like this content, please send a tip with BTC to 1Q2QHoNowg8D2QzWhBQU1YrraG771aCpgS More Info: Tatiana Moroz – https://www.tatianamoroz.com Ravencoin Project - https://ravencoin.org Ravencoin Foundation - https://ravencoin.foundation Ravencoin Campus - https://download.ravencoincampus.org Friends and Sponsors of the Show: Proof of Love – http://proofoflovecast.com/ Crypto Media Hub – https://www.cryptomediahub.com/ Global Crypto Advisors – http://globalcryptoadvisors.com You have been listening to the Tatiana Show. This show may contain adult content, language, and humor and is intended for mature audiences.  If that’s not you, please stop listening. Nothing you hear on The Tatiana Show is intended as financial advice, legal advice, or really, anything other than entertainment. Take everything you hear with a grain of salt. Oh, and if you’re hearing us on an affiliate network, the ideas and views expressed on this show, are not necessarily those of the network you are listening on, or of any sponsors or any affiliate products you may hear about on the show.

Ravencoin's Tron Black joins Tatiana & Josh for a fascinating discussion about the project. From its origins and goals to the technology specifics, you'll learn tons about the currency and its blockchain, from the challenges of keeping fairness in the mining community to regulatory issues that the entire blockchain space are dealing with. Plus, Tron's thoughts on Dogecoin's rise, Elon Musk's involvement, and what sets Ravencoin apart from it.About the Guest:Tron Black is a freedom advocate, crypto developer, entrepreneur, and founder of two startups which were sold to publicly traded companies. Since early 2013, Tron has been working in the crypto-currency space as a miner, developer, investor, and trader. He was one of the first five employees of t0 (tzero), and helped issue the first publicly traded SEC acknowledged parallel crypto-equity forOverstock.comand the world's first crypto bond offering. Tron was a Principal Developer for Medici Ventures which invests in a portfolio of companies including TZero, Bankorus, Bitt, Voatz, Minds, Chainstone Labs, Ripio, SettleMint, Vinsent, and Spera. Tron is currently the President of the Ravencoin Foundation. Tron has given away crypto-currencies to hundreds of people to help increase awareness of how value now moves as easily as e-mail. He's written articles about Bitcoin, Monero, Dash, STOs and Ravencoin, and been featured on many crypto-currency podcasts. He regularly gives talks on crypto-currency topics worldwide. Tron is currently an advisor to TZero, TUSC, Realio.fund, EquaStart, and the lead developer for Ravencoin (RVN) which is both a top crypto-currency and a leading crypto-asset platform.If you like this content, please send a tip with BTC to1Q2QHoNowg8D2QzWhBQU1YrraG771aCpgSMore Info:Tatiana Moroz '“https://www.tatianamoroz.comRavencoin Project -https://ravencoin.orgRavencoin Foundation -https://ravencoin.foundationRavencoin Campus -https://download.ravencoincampus.orgFriends and Sponsors of the Show:Proof of Love '“http://proofoflovecast.com/Crypto Media Hub '“https://www.cryptomediahub.com/Global Crypto Advisors '“http://globalcryptoadvisors.comYou have been listening to the Tatiana Show. This show may contain adult content, language, and humor and is intended for mature audiences. If that's not you, please stop listening. Nothing you hear on The Tatiana Show is intended as financial advice, legal advice, or really, anything other than entertainment. Take everything you hear with a grain of salt. Oh, and if you're hearing us on an affiliate network, the ideas and views expressed on this show, are not necessarily those of the network you are listening on, or of any sponsors or any affiliate products you may hear about on the show.

Nimit Sawhney, Co-Founder and CEO of Voatz, discusses the company’s mission to make mobile voting a reality and the role that blockchain technology plays in this movement.

Rich talks with Kahlil Byrd about making voting more accessible through smart phone apps, kiosks, online and in-person voting with Kahlil Byrd who is on the advisory board of Voatz, one of the leading developers of voting apps for the smart phone.Support the show (https://RichardHelppie.com)

Desde el martes 7 de diciembre y hasta este próximo 12 de diciembre, los venezolanos podrán dejar constancia de su respuesta a las tres interrogantes de la Consulta Popular activada por el gobierno interino de Juan Guaidó con su voto digital, a través de la aplicación Voatz, disponible en Google Store y Apple Store. Para el 12 de diciembre, se espera tener puestos presenciales de votación en 78 países y en todos los 335 municipios de Venezuela. De esta forma se recogerán los votos de la diáspora venezolana que puede alcanza La consulta se plantea claramente como un mecanismo articulador del descontento popular y una manera de lograr la activación política de ese descontento, también como una forma de prevenir una posible normalización de varios países aliados con el régimen chavista. ¿Cómo se ha organizado el proceso? ¿Qué se espera de la consulta? ¿Saldrán los venezolanos a participar? Cesar Miguel Rondón profundiza el tema junto a Horacio Mediana, @hormed2012, Miembro del comité organizador de la consulta popular, Juan Pablo Guanipa, @JuanPGuanipa, diputado y primer VP de la Asamblea Nacional y la periodista Valentina Quintero @valendeviaje #ConsultaPopular #12D #Oposición #Libertad #Régimen #OpsicionVsOposicion #Unidad --- Send in a voice message: https://anchor.fm/sincodigo/message

Esta vez Naky y Luis Carlos se juntan para hablar sobre el análisis de las elecciones del 6D, también tocan el tema de la Consulta popular organizada por la Asamblea Nacional en Venezuela y varias organizaciones políticas y civiles. Hacen una comparación de la consulta del año 2017 y lo que se propone para este año 2020 a través de Voatz, Telegram y una página web.

Some interesting tips and tricks as we look at multiple privileges escalations from XNU to Ubuntu, Bitdefender, and Dropbox (HelloSign). [00:01:31] Apple allegedly not crediting researchers [00:10:26] Response to Voatz's Supreme Court Amicus Brief [00:23:45] Standing up for developers: youtube-dl is back [00:30:05] HelloSign SSRF leads to AWS private key disclosure [00:38:02] Silver Peak Unity Orchestrator RCE [00:42:51] Get root by pretending nobody's /home [00:48:20] Project Zero: Oops, I missed it again! [00:55:12] Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions [01:01:07] Sleep Attack: Intel Bootguard vulnerability waking from S3 [01:05:56] SAD DNS Explained [01:12:02] Cache-in-the-Middle (CITM) Attacks: Manipulating Sensitive Data in Isolated Execution Envrionments [01:23:33] A Systematic Study of Elastic Objects in Kernel Exploitation Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])

Today's blockchain and cryptocurrency news Brought to you by ungrocery.com Bitcoin is up 4% at $13,911 Ethereum is up 3% at $390 and XRP is up 2% at 24 cents Top gainers in the last 24 hours: Ampleforth up 21% Stacks up 15% Bitcoin turns 12 today. The Bitcoin white paper was published October 31, 2008. Ripple paid 9.3 million in XRP incentives to MoneyGram in Q3. Verizon unveils "Full Transparency" blockchain backed effort. Overstock(.)com touts possibility of VOATZ MakerDao members vote today on a safeguard against flash-loan voting attacks.

Making voting more accessible through technology could allow more people to take part in elections. But it also poses critical downsides, if the product fails or there are security failures. Harvard Business School professor Mitchell Weiss debates the risks, rewards, and business models for mobile voting in his case study on “Voatz.”

The U.S. is holding the general election during a pandemic. Many voters are eager to vote by mail, while others remain wary of mail-in ballots. Just about everyone longs for a faster, more secure method to cast their vote without exposing themselves to SARS CoV 2, the virus that causes Covid-19. Many wonder why, if we do everything else on our phones, including banking, we can't vote with them. Some communities already tried blockchain assisted mobile voting but with mixed results. Many academics are stridently opposed to mobile voting. This episode will consider whether new technologies can help us find a more secure way to vote. We report on some options to in-person voting and review the security threats inherent in mobile or blockchain assisted voting. In a previous version of this podcast released on October 2nd, we said that Bradley Tusk was funding mobile voting apps, including the Voatz app. Tusk Philanthropies has given funding to voting precincts to launch mobile voting pilot programs - not to the apps themselves.

Today on Boston Public Radio: NBC “Meet the Press” moderator Chuck Todd weighed in on the latest headlines around November’s elections, and President Trump’s handling of the coronavirus pandemic.  GBH News’ Adam Reilly discussed new GBH/MassINC polling on voter attitudes around the 2021 Boston mayoral race.  We opened lines to ask listeners: is it time for leaders in the science and medical communities to call out President Trump’s reckless statements on coronavirus and climate change?  Former Suffolk County Sheriff and Secretary of Public Safety Andrea Cabral discussed the recent settlement reached between the city of Louisville, Ky. and the family of Breonna Taylor, as well as last week’s study from Harvard Law School on stark racial disparities in the Mass. justice system.  Harvard Business School behavioral economist Michael Norton discussed research on leisure, and what we know about those of us who have a hard time letting loose. We also opened lines to hear your thoughts on active and inactive leisure time.  Shannon O’Brien, former Mass. Treasurer and advisory board member of the Brookline-based voting app Voatz, discussed growing interest in online voting, and the pros and cons of current online voting systems.  Travel guru Rick Steves called in to reflect on a series journals he wrote as a teenage traveling “urchin,” and discuss how traveling has shaped his worldview. We opened lines to talk with listeners about what Rick Steves describes as the “traveler’s mindset,” and ask: have you been able to use the coronavirus pandemic to discover new things about the places around you?

New bluetooth flaws have been found, the USPS used vulnerable systems for years, and voatz wants to  make it harder for you to do your job! All that coming up now on ThreatWire. #threatwire #hak5 Links:Wifi Pineapple Mk VII Unboxing and GIVEAWAY!: https://www.youtube.com/watch?v=Tt1rh45g1rM&t Support me on alternative platforms! https://snubsie.com/support Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://teespring.com/stores/shannons-store-24 http://www.youtube.com/ShannonMorse?sub_confirmation=1  --  subscribe to my tech channel! ThreatWire is only possible because of our Patreon patrons! Sign up now for ACTION ALERTS! Help me reach our next ThreatWire goal to unlock merch tiers and an audio podcast! https://www.patreon.com/threatwire  Links:New Bluetooth Vulnerability:https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/blurtooth/https://thehackernews.com/2020/09/new-bluetooth-vulnerability.htmlhttps://threatpost.com/bluetooth-bug-mitm-attacks/159124/ USPS using outdated vulnerable systems:https://www.uspsoig.gov/sites/default/files/document-library-files/2020/20-251-R20.pdfhttps://www.vice.com/en_us/article/akzpd5/postal-service-used-apps-that-had-catastrophic-vulnerabilities-for-yearshttps://www.businessinsider.com/us-postal-service-used-outdated-systems-2020-9 Voatz voting company wants to make security research harder:https://www.supremecourt.gov/DocketPDF/19/19-783/153062/20200903122434600_Voatz%20Amicus%20Brief.pdfhttps://www.cnet.com/news/online-voting-company-pushes-to-make-it-harder-for-researchers-to-find-security-flaws/https://www.cnet.com/news/security-flaws-mar-mobile-voting-app-researchers-say/https://www.cyberscoop.com/voatz-cfaa-supreme-court-mobile-security-voting/ Photo credit:https://upload.wikimedia.org/wikipedia/commons/6/6d/USPS_mailboxes.jpg   -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆Our Site → https://www.hak5.orgShop →  https://www.hakshop.comSubscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1Support → https://www.patreon.com/threatwireContact Us → http://www.twitter.com/hak5Threat Wire RSS → https://shannonmorse.podbean.com/feed/Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 Host: Shannon Morse → https://www.twitter.com/snubsHost: Darren Kitchen → https://www.twitter.com/hak5darrenHost: Mubix → http://www.twitter.com/mubix-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Nimit Sawhney remembers the obstacles to voting in his native India, the world’s largest democracy. He channeled that frustration — and considerable tech skills — into creating Voatz, a platform allowing secure voting anywhere from a smartphone. Nimit shares the challenges and thrills of introducing new technology to a polarized country.

Nimit Sawhney joins The Great Battlefield podcast to talk about his career as a technologist and how Voatz has created the technology seeking to provide safe and secure voting via mobile phones.

Could electronic voting help the US hold an election? Ed Butler speaks to Nimit Sawhney founder and CEO of Voatz - a US startup that provides voting through a smartphone app, and to Priit Vinkel, the former head of the state electoral office of Estonia where 50% of citizens now cast their votes online. J. Alex Halderman, professor of computer science at the University of Michigan explains why e-voting systems are so risky when it comes to election security. Lori Steele Contorer, former founder and CEO of e-voting company Everyone Counts, argues the case for electronic voting amid the coronavirus pandemic. Producer: Edwin Lane (Photo: Voters line up at polling stations in the US state of Wisconsin earlier this year; Credit: Getty Images)

Nimit Sawhney, CEO and Co-Founder of Voatz, shares how his company is leveraging biometrics, the blockchain and smartphone technology to enable voting from a mobile device. Since June 2016, Voatz has run more than 66 elections, including 11 targeted, well-designed governmental election pilots across five states for deployed military personnel, overseas voters and voters with disabilities.

CLR Show 1460.  Air Date June 10, 2020.  Why can't all Americans vote conveniently and securely using their cellphones?  In an era of American change, what change could be more fundamental and unifying?  CLR interviews the Founder and CEO of Voatz software. 

Nimit Sawhney is the CEO of Voatz, one of the leading blockchain-based voting platforms in the United States -- with more than 80,000 votes cast on the Voatz platform across more than 50 elections since 2016. In this episode, Nimit and Derek talk about the current problems that exist with electoral voting – including friction and inefficiency, lack of voter participation, human error – and why the time might be arriving for state and federal elections powered by mobile cameras, biometrics, and blockchain technology. We also discuss how COVID-19 has accelerated the demand to fix a number of fragile systems across the U.S. – including voting, supply chains, and financial infrastructure like the trading of securities.

各位链团财经的读者朋友们，大家早上好。欢迎收听链团财经早间资讯。今天是2020年5月3日星期日，农历庚子年四月十一。首先让我们聚焦今日财经：诈骗者为东京奥运会延期索要比特币捐款美国犹他州共和党全国代表大会使用Voatz区块链手机应用进行投票济南将持续推进落户流程再造，强化区块链技术应用主流平台搜索热度：新浪微博“区块链”指数热度日环比大涨116.55%杰富瑞全球股票策略主管建议投资者在减半之前购买比特币安全研究员发现加密货币投资组合跟踪应用程序Blockfolio旧版本存在安全漏洞特斯拉创始人马斯克推特两次回复比特币内容，引起加密社区反响2020年第一季度，欧美女性加密用户数激增R3报告：全球中央银行正推行的所有CBDC项目都旨在创建批发CBDC系统康奈尔大学副教授：绝大多数加密货币并不代表任何技术进步今日财经就到这里，下面我们来聊一聊关于区块链的那些事儿： 据新浪专栏，中国互联网金融协会区块链研究工作组组长、中国银行原行长李礼辉发文《Libra到底具有哪些颠覆性的潜力？》，文章表示，从现有进展看，Libra有可能获得批准。我们应该关注的是，Libra可能具有足够的潜力，从根本上重构全球的货币体系：超越国家主权，僭越中央银行，跨越商业银行。一是可能冲击主权货币地位。二是可能重塑货币霸权地位。三是可能形成跨越商业银行的金融体系。四是可能影响人民币国际化的进程。 以上就是今天链团财经早间资讯的全部内容，感谢您的关注与支持，祝您生活愉快，我们明天再见。

各位链团财经的读者朋友们，大家早上好。欢迎收听链团财经早间资讯。今天是2020年5月3日星期日，农历庚子年四月十一。首先让我们聚焦今日财经：诈骗者为东京奥运会延期索要比特币捐款美国犹他州共和党全国代表大会使用Voatz区块链手机应用进行投票济南将持续推进落户流程再造，强化区块链技术应用主流平台搜索热度：新浪微博“区块链”指数热度日环比大涨116.55%杰富瑞全球股票策略主管建议投资者在减半之前购买比特币安全研究员发现加密货币投资组合跟踪应用程序Blockfolio旧版本存在安全漏洞特斯拉创始人马斯克推特两次回复比特币内容，引起加密社区反响2020年第一季度，欧美女性加密用户数激增R3报告：全球中央银行正推行的所有CBDC项目都旨在创建批发CBDC系统康奈尔大学副教授：绝大多数加密货币并不代表任何技术进步今日财经就到这里，下面我们来聊一聊关于区块链的那些事儿： 据新浪专栏，中国互联网金融协会区块链研究工作组组长、中国银行原行长李礼辉发文《Libra到底具有哪些颠覆性的潜力？》，文章表示，从现有进展看，Libra有可能获得批准。我们应该关注的是，Libra可能具有足够的潜力，从根本上重构全球的货币体系：超越国家主权，僭越中央银行，跨越商业银行。一是可能冲击主权货币地位。二是可能重塑货币霸权地位。三是可能形成跨越商业银行的金融体系。四是可能影响人民币国际化的进程。 以上就是今天链团财经早间资讯的全部内容，感谢您的关注与支持，祝您生活愉快，我们明天再见。

LOJI IS BACK! Stefan joins Seth and Ken to talk about his work on Trail of Bits assessment of the Voatz mobile application, share thoughts on Zoom, and discuss the assessment process. Discussions on report writing, risk assessments, threat modeling, and other appsec goodness.

LOJI IS BACK! Stefan joins Seth and Ken to talk about his work on Trail of Bits assessment of the Voatz mobile application, share thoughts on Zoom, and discuss the assessment process. Discussions on report writing, risk assessments, threat modeling, and other appsec goodness.

On this week’s show Patrick and Adam discuss the week’s security news, including: KSA uses SS7 to track its citizens in USA Governments begin virus tracking through personal devices FBI warns of Iran-linked crew in yer supply chains Voatz gets booted from HackerOne All the cloud and Zoom drama (PLEASE NOTE: This is a re-post. Looks like our CDN mangled the initial mp3 for some regions. Should work ok now. - Pat) This week’s show is brought to you by Signal Sciences. Instead of interviewing one of their people, they suggested we interview Andrew Becherer in this week’s sponsor interview. Andrew runs security for Iterable, but before that he ran the security program at DataDog. He’ll be along after this week’s news to talk about how much easier it is to stand up a security program in 2020 as opposed to the last time he did it five or so years ago You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You can subscribe to our new YouTube channel here. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Revealed: Saudis suspected of phone spying campaign in US | World news | The Guardian SS7map: SS7 Networks Exposure Government Tracking How People Move Around in Coronavirus Pandemic FBI re-sends alert about supply chain attacks for the third time in three months | ZDNet HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers Houseparty app offers $1m reward to unmask entity behind hacking smear campaign | ZDNet Marriott discloses new data breach impacting 5.2 million hotel guests | ZDNet FCC tells US telcos to implement caller ID authentication by June 30, 2021 | ZDNet Memento Labs, the Reborn Hacking Team, Is Struggling - VICE RDP and VPN use skyrocketed since coronavirus onset | ZDNet Update #2 on Microsoft cloud services continuity | Azure blog and updates | Microsoft Azure Zoom hit with class-action lawsuit for sharing user data with Facebook FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic — FBI A Norwegian school quit using video calls after a naked man ‘guessed’ the meeting link | TechCrunch FBI warns Zoom, teleconference meetings vulnerable to hijacking - CyberScoop Zoom Removes Code That Sends Data to Facebook - VICE FBI turns to insurers to grasp the full reach of ransomware - CyberScoop Cyber insurer Chubb had data stolen in Maze ransomware attack | TechCrunch Medical and military contractor Kimchuk hit by data-stealing ransomware | TechCrunch Microsoft announces new 'Hardware-enforced Stack Protection' feature | ZDNet Android lets advertisers get a list of all your apps -- and this API feature is broadly used | ZDNet Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics | ZDNet Risky Business Live, March 31, 2020 - YouTube Risky Business Live #3 -- Booz Allen Hamilton's Russia report, Azure getting creaky and more - Risky Business Network of fake QR code generators will steal your Bitcoin | ZDNet A mysterious hacker group is eavesdropping on corporate email and FTP traffic | ZDNet Malware from notorious FIN7 group is being delivered by snail mail Rare BadUSB attack detected in the wild against US hospitality provider | ZDNet Google to resume Chrome updates it paused last week due to COVID-19 | ZDNet Google says no APP users have been phished to date | ZDNet Russians Shut Down Huge Card Fraud Ring — Krebs on Security U.S. cybersecurity experts see recent spike in Chinese digital espionage - Reuters Dark web hosting provider hacked again -- 7,600 sites down | ZDNet OpenWRT code-execution bug puts millions of devices at risk | Ars Technica Seriously Risky Business

Seth and Ken provide their take on the Voatz mobile app dismissal from HackerOne. Additional discussion of network trends during social distancing and COVID-19 as reported by Shodan. Finally some thoughts on the new OWASP Firmware Testing Guide and InQL, a GraphQL Burp Suite Pro plugin.

Seth and Ken provide their take on the Voatz mobile app dismissal from HackerOne. Additional discussion of network trends during social distancing and COVID-19 as reported by Shodan. Finally some thoughts on the new OWASP Firmware Testing Guide and InQL, a GraphQL Burp Suite Pro plugin.

More discussion about election hacking with Voatz undergoing a more complete security assessment, we also discuss a few interesting web attacks and end with a good discussion about a new code-reuse mitigation: Hurdle. [00:00:20] Learn Exploit Development While Not Dying [00:02:10] Exploit Education [00:07:32] Pwn2Own Results https://www.zerodayinitiative.com/blog/2020/3/19/pwn2own-2020-day-one-results [00:16:19] DEF CON CTF 2020 QUALS COVID-19 DELAY [00:22:30] Software Engineer - Jobs at Apple [00:30:56] Tesla Model 3 Denial of Service Vulnerability [CVE-2020-10558] [00:36:26] Trail of Bits - Voatz Security Review [01:01:49] XXE-scape through the front door: circumventing the firewall with HTTP request smuggling [01:08:12] Don't Clone That Repo: Visual Studio Code^2 Execution https://github.com/doyensec/VSCode_PoC_Oct2019/https://github.com/doyensec/VSCode_PoC_Oct2019/blob/master/.vscode/settings.jsonhttps://github.com/doyensec/VSCode_PoC_Oct2019/commit/19b4687259bd5d1821525a3ebbe6aa76618359c3#diff-62b00de1d62bb867ef03dec7057712f1R50 [01:14:22] [Hacker101] Race Condition leads to undeletable group member [01:19:58] JavaScript without parentheses using DOMMatrix https://portswigger.net/web-security/cross-site-scripting/contexts/lab-javascript-url-some-characters-blocked [01:24:21] Hurdle: Securing Jump Instructions Against Code Reuse Attacks https://www.youtube.com/watch?v=qFWTZ2zZ1XQhttp://se.ri0.us/2020-03-23-110829182-9e1b1.png Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])

In this Current Forkast, we bring you top headlines around the world, including how coronavirus batters crypto markets, Covid-19 infiltrating Ethereum events in Europe, Robinhood's latest woes, Blockchain voting after the stain of Voatz, IOTA limping back after cyber attack, and smart cities and blockchain regulations in China

In this Current Forkast, we bring you top headlines around the world, including how coronavirus batters crypto markets, Covid-19 infiltrating Ethereum events in Europe, Robinhood’s latest woes, Blockchain voting after the stain of Voatz, IOTA limping back after cyber attack, and smart cities and blockchain regulations in China.

On this week’s show Patrick and Adam discuss the week’s security news, including: Coronavirus phishing lures are everywhere Czech hospital ransomwared during crisis Voatz mobile voting app destroyed by Trail of Bits audit We recap yesterday’s livestream Windows SMBv3 bug probably not such a big deal ALL the week’s news This week’s sponsor interview is with Sam Crowther, founder of Kasada. They do bot detection and mitigation and apparently they’re quite good at it. Sam joins the show to talk through the new greyhatter of anti-anti-bot. It’s actually a really fun conversation, that one, so stick around for it. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes State-sponsored hackers are now using coronavirus lures to infect their targets | ZDNet The Internet is drowning in COVID-19-related malware and phishing scams | Ars Technica undefined TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years | Proofpoint US Live Coronavirus Map Used to Spread Malware — Krebs on Security Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak | ZDNet High-Stakes Security Setups Are Making Remote Work Impossible | WIRED A Mobile Voting App That's Already in Use Is Filled With Critical Flaws - VICE Microsoft delivers emergency patch to fix wormable Windows 10 flaw | Ars Technica undefined undefined undefined undefined Medical Device Regulation: EU to give €100bn MedTech industry a security health check | The Daily Swig WordPress to add auto-update feature for themes and plugins | ZDNet undefined Tor team warns of Tor Browser bug that runs JavaScript on sites it shouldn't | ZDNet Avast disables JavaScript engine in its antivirus following major bug | ZDNet US is preparing to ban foreign-made drones from government use | TechCrunch Card data from the Volusion web skimmer incident surfaces on the dark web | ZDNet Intel CPUs vulnerable to new 'Snoop' attack | ZDNet Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks | ZDNet We Built a Database of Over 500 iPhones Cops Have Tried to Unlock - VICE The Web’s Bot Containment Unit Needs Your Help — Krebs on Security undefined Cyberattack Hits HHS During Coronavirus Response - Bloomberg Microsoft discontinues RDCMan app following security bug | ZDNet Google awards $100k to Dutch bug hunter for cutting-edge cloud security research | The Daily Swig #737140 Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies oracle chat on prem - Google Search Risky Business - Risky Business publications/voatz-securityreview.pdf at master · trailofbits/publications · GitHub publications/voatz-threatmodel.pdf at master · trailofbits/publications · GitHub Our Full Report on the Voatz Mobile Voting Platform | Trail of Bits Blog Securing a work from home workforce - YouTube

Cloud Snooper is infesting cloud infrastructure servers. A China-skeptical advocacy group draws attention to US states’ contracts with Chinese vendors that aren’t named “Huawei.” Senator Wyden would like the security company that audited the Voatz to explain the clean bill of health it gave the voting app. Facebook’s campaign troll hunt comes up empty, so far, this time. And what we’re seeing and hearing at RSAC 2020. Our Chief Analyst Rick Howard on SASE and what he’s looking for at RSA, guest is Dr. Chenxi Wang from Rain Capital previewing her panel at RSA and discussing innovations in the industry.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_25.html Support our show

In breaking news from 1995, the Washington Post takes advantage of a leaked CIA history paper to retell the remarkable tale of Crypto AG, a purveyor of encryption products to dozens of governments – and allegedly a wholly controlled subsidiary of US and German intelligence. Nick Weaver, Paul Rosenzweig, and I are astonished at the derring-do and unapologetic enthusiasm for intelligence collection. I mean, really: The Pope? This week's interview is with Jonathan Reiber, a writer and strategist in Oakland, California, and former Chief Strategy Officer for Cyber Policy and Speechwriter at the Department of Defense, currently senior advisor at Technology for Global Security and visiting scholar at the UC Berkeley Center for Long-Term Cybersecurity. His recent report offers a candid view of strained relations between Silicon Valley and the Pentagon. The interview explores the reasons for that strain, the importance of bridging the gap and how that can best be done. Nick reports that four PLA members have been indicted over the Equifax breach. He speculates that the US government is sending a message by disclosing a photo of one soldier that appears to have been taken by his own webcam. Paul and I note that China's motivation for the hack was very likely the assembly of records on Americans not dissimilar to the records we know the Chinese keep on Uighurs – which are extraordinarily detailed and surprisingly artisanal.  The arrest of a Bitcoin mixer allows Nick to explain how Bitcoin mixing services work and why they're illegal. Paul lays out the potentially serious impact of Amazon's lawsuit to stop a $10 billion Microsoft-DOD cloud contract. We note that Amazon wants to take testimony from President Trump. Thanks to his Twitter habit, we conclude, that's not out of the question. I preview my remarks at a February 19 Justice Department workshops on Section 230. I will reprise my article in Lawfare and the encryption debate with Nick Weaver that inspired it. And I hope to dig as well into the question whether Section 230 provides too much protection for Silicon Valley's censors. Speaking of which, Jeff Bezos's company has joined the censors but won't tell us which books it's suppressing. Nick and I give a favorable review to CISA's new #Protect2020 election strategy. We search for deeper meaning in the Internet Assigned Numbers Authority's (IANA's) failure to complete its Domain Name System Security Extensions (DNSSEC) root key signing ceremony because of… a physical safe. And we all take a moment to mock the latest vote-by-phone snake-oil app seller, Voatz. Download the 300th Episode (mp3). You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed! As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.

Welcome!   We are going to hit a number of topics today from the world of Technology. Primaries and Caucuses are underway and with that always comes the topic of technology and security and it is no different this year.  Apps are being developed and brought to market without being fully tested.  Extensions are being created that have ulterior purposes and are being downloaded by thousands and even more, on Tech Talk With Craig Peterson today on WGAN.  It is a busy show -- so stay tuned. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Four States Use A Flaw Filled Mobile Voting App  Iranian Hackers Exploit VPNs Worldwide IT Disaster Recovery/Business Continuity Exacerbated by Coronavirus  Be Careful of Extensions on Chrome - Many found to Upload Your Private Data.  Sharp Increase in Exposed Records by Third-Party Applications Automotive Apps originally designed for Personal Owners cause headaches for rental agencies. 1.77 Billion  - That is how much Businesses lost last year to Business Email Compromises  Encrypted Communications for the Masses --- Automated Machine Generated Transcript: Hey, welcome, everybody. Craig Peterson here on WGAN. And we're live on Facebook. And we, of course, can be found over my website as well Craig Peterson, calm. We got a lot of topics for today's show. But we're going to start with the one that is really on everybody's minds right now is we see more of these primary elections beginning to come up, and we see problems. Well, I don't know, or are they problems or features? I guess they are problems with some of the election technology that has been used over in Iowa. New Hampshire's technology was rather straightforward as the Secretary of State in New Hampshire says, and it's hard to hack a pencil, although they're not using pencils. In New Hampshire. They are using felt pens, which are hard to hack as well. And these cards can like the cardboard that you would have in the back of a shirt when you purchase it. It's that type of cardboard that is not shiny or glossy, and then it goes through an optical reader that scans the ballot and places it in the bottom of that machine. An election official stands there to make sure that the balance legitimate. That you are not trying to stuff the ballot box, and that machine counts your vote. Now the unfortunate thing is those machines are kind of old in most states, some of them, I think maybe all of them are still running Windows XP, but there's no easy way to get it the operating system. It's never connected to a network. Even though some of these machines that have been examined and have patch levels zero or in other words, no patches of Windows XP, which is quite surprising when you get down to it. That is a big problem in many many cases. In New Hampshire, the primary went pretty well. Of course this weekend, the next one coming up, which is in Nevada. The Nevada caucuses. I don't know what to believe anymore because I've heard both sides of this. One that voting in Nevada is using the same technology that was used over in Iowa, which to me would be just a shocker and a whole big dismayed because it was just so terrible. As I've said on the radio before, in fact, this week when I was on with Ken and Matt, I think it was, might have been with Jim, I'm trying to remember who it was, which show. I pointed out how in when we're looking at some of this technology, we all well, not all of us, but some of us love the latest greatest technology. I'm one of those guys that like to stick with something that I know works and explore current technologies and newer things. But so many times we get just bamboozled as taxpayers because the people that are in control of the purse strings, they like the latest coolest stuff. They buy equipment from people they know hence the app and iOS. Former Hillary Clinton staffers ran the company chosen for use in Iowa, and I don't know how much vetting they did. We do know that the code wasn't checked. Homeland Security had offered. We also had offers coming in from Federal Investigation Bureaus and from several security companies saying, Hey, listen, we'd be glad to have a look at this. It was all closed source. It wasn't open-source where you can have a look at that software and say, yes, indeed, everything's legit. That is excellent software. People can find bugs in it. If they find a bug, they can report it, and it can get fixed, right? There are so many different things that they could have done when we're talking about trying to make this secure. I see Mary just joined us here on the Facebook Live and which is cool. She and I have worked several elections in the pas,t and we've been monitoring them. I have a son that's been one of these election officials. You know, part-time people that get pulled in to watch the voter checklist and things in New Hampshire, you have to have an ID to vote, which is weird, you know. I liked the way we did it here, Maine's doing the same thing. Most New England states are in fact as northern New England are doing the same thing where we have a felt pen, we have a piece of paper, we mark it down on that piece of paper, and we can then count it later on. If there's a problem, right? You can just go to that paper that sits in the closet, pull out the stack, bring it with you. And once you've done that, you can have a bunch of people sit around and think about Florida 20 years ago and what happened there with the hanging chads. They at least had a physical card they could look at although you know pregnant chats, hanging chads got to be quite the mess. So now we're getting concerned because of this new voting app that's out there. It's called Votz. V-O-T-Z is how they spell it. It's not the same one that was used the caucuses in Iowa. The app that the Democratic Party was using was trying to take the tabulations that were made by the people who were at all of these different precincts and figure out what the vote tallies were and then supposedly put it into the app and it gets sent up. This vote app that we're talking about right now goes a few steps beyond that. They want military personnel, and people are overseas to use it when they can't necessarily vote when they want to vote. It's, you know, panacea, maybe it's something we can get to in someday, but four states are going to use it this year. It has not undergone the trials that really should have gone down. And it's using a buzzword that I think got people's attention. And they're saying, Oh yeah, this is going to be safe because it's using this buzzword called blockchain technology. Blockchain technology is what used behind various cryptocurrencies, like Bitcoin and some of the others, to help secure the transaction. So the whole log is it signed each record inside the register is signed. Just because it has blockchain doesn't mean it's secure and doesn't make it properly designed. I've got a quote here in this article from MIT, is computer science artificial intelligence lab saying the whole thing is sloppy. It looks sloppy. It's in Georgetown Law. It's awe-inspiring. They were able to find such a pervasive set of vulnerabilities, said Matt Blaze and election security expert and computer science professor at Georgetown Law School. But we should also remember it's ultimately unsurprising that they would be able to do so because of every expert has warned against Internet voting as being vulnerable to flaws exactly like this goes on. The University of Michigan here Alex Halderman, saying that it makes vote seemed like a sham. So it is a sham. I think I think it's a real problem. But we're going to do it anyways and four states, including West Virginia, this year is going to be a mass. We've already seen what happened in Iowa. We saw excellent voting happen in New Hampshire. We're not sure what's happening this weekend in Nevada, then Super Tuesday is right on the heels. Some of these states are using these voting apps. Some of them are using the apps used in caucuses. I think thank goodness there aren't very many caucuses in the country. And we'll see, but one thing is guaranteed, and that is it will be quite the debacle. It is going to end up being a problem for everybody involved because they didn't vet this technology. Now, I reported on this a couple of weeks ago, this $10 million grant set aside by the Department of Defense grant, ultimately, and it was to design a voting machine that would be secure. A voting machine that we could trust. I think that's just wonderful. It hasn't really been tested yet. They brought it last year to one of these conferences like Black Hat and Defcon. They brought it out there. Every year there is a voting machine village where they have all kinds of voting machines there. They are asking people to go ahead and try and hack into the voting machines. We had a 15-year old that was able to hack a voting machine right there, and they compromised every voting machine except for the device under development on this $10 million contract. Now, that might seem impressive, and that might be kind of encouraging to some of us. I think it kind of is in some ways. However, the reason they did not hack it was it didn't work. They were not able to get it online and did not get it online until Sunday, which was the last day of the conference. And so no one got to test it out. But that was last year. Let's get them a little real a little bit under their belt, a little water under that bridge sometime, and they will be able to do it. And you know, I think they'll be able to do it ultimately, but I still will be the biggest proponent of a pencil and a piece of paper or a felt tip pen. The software, By the way, those votes VOATz software is being used in Denver, parts of Oregon, Utah and Washington State, we'll see what happens. West Virginia, as I said, is going to use it. But for disabled voters, the federal government requires all states to have electronic voting machines that can be used by disabled voters. I know here where I live in New Hampshire, we have a thing I don't know they might have passed. Now they're kind of getting old. Twins, twin women, and one of them was pretty much deaf, and the other one was pretty much blind. So they were able to help each other out in a massive way, which is kind of cool and get right down to it. But what they did is they kind of both helped each other to vote, but we all have in every precinct people who are there who can help people with disabilities. I don't like this requirement to have electronic voting machines. But the MIT researchers, these other researchers all agree with me. I'm very concerned about the Android phone and Android as a platform for people to use. I don't know if you are if you're using Android, you know, I'm always saying use iPhones much, much more secure. But I also am not looking at an iOS as being the problem. Cure-all for some of the voting machines. Anyhow, we are live on Facebook, as I'm putting the show together and shout out to everybody who is on there and asking questions. I appreciate it. And I will go back in and answer questions for anybody a little bit later on who has them, and I want you to stick around. I will be back here after the commercial break. We're going to be talking more about the latest in technology. We're going to be getting into these Iranian hackers that have been hacking VPN. If you think your VPN is safe. We've got another thing coming. So we're going to shut this one down. And we will be right back. Thanks for joining us, of course, Craig Peterson dot com. Hello, everybody. Welcome back. Craig Peterson here on WGAN and affiliates. You'll find me online at Craig peterson.com. And, of course, online at Facebook. I'm doing this Live on Facebook, and also out at YouTube. And we're going to talk right now about VPN. So hopefully, you have some understanding of them. But some exciting statistics came up this week from our friends in government. The FBI has been warning us a lot lately about what's been happening over in Iran what they've been doing, and we don't have kinetic war. In other words, we're not shooting at each other, which is a good thing, right? But Iranian hackers have been right at the forefront of trying to hack into our systems, and they've been relatively successful. I have a few clients that are in the defense industry, because we do, of course, the higher security stuff, right. And they have been under constant attack from Iran for about six, eight weeks now ever since the last little tussle with Iran might have been longer than that. And we're seeing sustained efforts to hack into them. Well, now we're getting a report from our friends over at ZD net here about Iranian hackers targeting these VPN services. So I thought I'd start by kind of explaining to everybody a little bit more about VPN services, what they are, what they offer. And because I'm hearing ads about this all the time, and frankly, it's driving me crazy, because the ads are telling me that Yeah, Craig you need a VPN because it's the only way you're going to be safe. It's the only way you're going to be secure in your day. You've got companies out there that used to be known for anti-virus, which of course nowadays we know antivirus software is zero percent effective against the latest hacks that are out there. So antivirus software companies are trying to figure out what's another way that we can make some money because people are starting to realize that this is a scam. And it's been a scam for a lot of years. You know, antivirus worked pretty well 15 years ago. It doesn't work at all today, as I just mentioned for the latest now malware nastiness that's out there. So some of these companies one that comes to mind. It was purchased not too long ago by another anti-malware company is running a lot of ads. They're saying this we need our VPN you need our credit watch. They've tied in, with one of these companies that watch your credit looking for transactions, it might be a bad guy, and I'm a little concerned because here's what usually is going on in the VPN industry. Running a good VPN is expensive. When you are using a VPN, all of your data, depending on what type of a VPN, how it's employed is encrypted from point to point. We're talking about the right ones and not those that you hear the ads for when you're using those types of VPNs. Your data is transmitted up to the VPN service provider. Then once it gets there, it is sent out to the internet. So let's say you're trying to go to my site, Craig Peterson, dot com. If you're using a VPN, your web browser is going to ask the VPN server Hey, can I get the Craig Peterson dot com? What's the best way to do it? How can I get there, and the VPN server will say Hold on a second. I'll get that page for you. Then the VPN server goes out to Craig Peterson dot com gets the page and sends it back to you. Now, that would be a caching or proxy VPN server. And some of them will just pass packets through. But the big concern I have is twofold. One of them is this whole Iran thing, and we'll get into that in just a minute. Because it isn't only Iran. But the other one remembers if something is free, or if it's inexpensive, who's the product? You the product! And since you're the product, what do you think they're making money off of selling your personal information, that's how they make their money. And that is a big problem as far as I'm concerned. So what some of these VPN services are doing is they are tracking you online. Some of them go the next step, and they're actually acting as full proxies, and they are sometimes acting as a man in the middle attacks. They're injecting things into your data stream that you weren't expecting. So where you think you're getting the VPN to have some security, and to have some privacy. Some of these VPN services are the exact opposite. They are reducing your privacy because what they're doing now is taking your data and selling it to the highest bidder that's out there, right. So I think that's a problem. And if you think it's a problem, maybe you shouldn't use some of these cheap VPN services. And I haven't gotten any I actually like, okay, I've heard advertisements on these radio stations, my shows airing on and I've checked them out, and I'm not comfortable with any of them. And the only VPNs I use or VPNs that I run, but remember, your data still has to hit the internet at some point. Remember, you're using one of these VPN services. versus your data is going to the VPN service provider. And at that point, it hits the internet. So it's now out on the internet. Well, if you're trying to make sure your data doesn't get on the internet, and people aren't hacking you, you've lost because your information does have to get to the internet. How are Internet Service Providers supposed to get to your bank? How are they supposed to get to my website? How did they suppose to get to Facebook or Google or YouTube? They have to go over the whole internet as well. If you're using one of these services, and they're going out to the internet. What do you think is a bigger target you at home, using the internet via your cable company or your telco or maybe your smart device. Is that one device a big target, or do you think that perhaps its the VPN service providers that are the bigger target, right? I'm not sure I need an answer because it's kind of a rhetorical question. The most significant marks out there when it comes to VPNs are these VPN service providers. And we're seeing warnings out there right now that Iranian hackers have targeted pulse secure, which has VPN software that they sell to businesses, shown to be insecure. Pulse Secure for the net. Another example of one of these security companies, right that has a VPN service, Palo Alto Networks, a company I have never used and never recommended either. I haven't recommended any of these companies to anybody ever. We've gone up against Palo Alto Networks in some proposals and contracts and, and they won them because of all the whiz-bang, not because they were the best of the safest, and so So there you go, Paul secure Fortinet, Palo Alto, and Citrix VPN are now being used to provide a back door into larger companies. So if you're a business person, I'm going to put these right now into this channel so that you can look it up for you or business and seeing and write this in as a comment over here in the Facebook Live that you can find online. Yes, go to Craig Peterson, calm slash Facebook. It'll take you to my Facebook channel. But there's the list of them. It is from an article that's out there on ZDnet. I think they have been publishing some great information lately. I've been using them in a number of my alerts that I send out as part of my Saturday morning emails. But some of these attacks have happened according to this firm called clear sky that Iranian hackers have targeted companies. From the IT telecommunications, oil, gas, aviation government and security sectors, why because that's where all the real money is. The particular report is dispelling frankly, the notion that it's their Russian and Chinese hackers or maybe North Korean because the Iranian hackers don't know what they're doing right. I've heard that before all Iran, don't worry about it. They know what they're doing. When in fact, yes, within hours of being disclosed, the Iranian hackers were right in there. It's terrifying. So keep an eye out. I look. Again, online at Craig Peterson, calm you'll find this article, and a whole lot more. Make sure you ask your IT department if you're using any of these VPN services or software. And by the way, in most of these cases, you can get patches to fix it. When we come back. We're going to be talking about Coronavirus and the new challenges right here on WGAN. Hey, welcome back Craig Peterson here WGAN and online at Craig Peterson dot com, of course, on Facebook as well. I am live on Facebook, and you can ask questions there you can watch this whole show as it unfurls, and you will find me there. You can ask questions almost anytime. We try and keep you up to date on what is happening out there in the world of technology. Well, you might not have thought of coronavirus as anything more than just a piece of nastiness, right. The virus I know some people are saying well you know we haven't had as many deaths from the Coronavirus, also known as covin-19. I was trying to remember the name little earlier. We haven't had as many deaths from that as we have from our regular flu virus every year. Right now is the peak of flu season in the northeast and Anyways, and in many parts of the country, and what is there to worry about, right? Is it going to hit us? It seems to be slowing down. We don't have a whole lot of information from our socialist friends in China. Like most socialist governments, they play things very close to the chest. They don't want people to know what's happening, including their citizens. But we have some new fears now, and this is a great little article that I have found over on dark reading. It's pointing out some of the security challenges that we're facing, because of the whole Coronavirus thing. Everybody's heard about it, everybody's scared of it. And when you get right down to it, you're watching me right now listening to me talking about the Coronavirus because it is an exciting thing to understand. The CDC has not only maps of where the Coronaviruses hitting right now, but the CDC also has information about general flu viruses this time of year. There are outbreaks of different diseases, what's happening where CDC.gov now I've seen some fake stuff like CDC, dash gov.org, just all kinds of fake sites. With phishing, we've got to make sure that all of our employees, family, friends, know not to click on any of those links. Don't click on them. However, people do and when you click on them, who knows what's going to happen, you might be downloading malware, you might just be confirming this is a valid email address for more and future spamming, right there might be a lot of different things that it can do to you. Don't do that. The next one I think that that's very interesting is something most businesses have not addressed. What would happen if maybe covid-19, or something else, actually becomes a pandemic? What if it is not even a pandemic. What if you have an office with five or ten people in it and everybody comes down with the flu or cold? At the same time? Have you prepared for a business continuity challenge? And it isn't just what might happen if you're sick. It might also be a little bit further than that. What might happen if the business burns down? Or there's flooding, or no one can get into the office for a day or two because of some natural disaster? Maybe, it's just a really nasty ice storm like we had here? What a decade ago, where there were portions of New England that had no power for six weeks, in the middle of winter. That's a very, very big deal. What would your business do? Most people will haven't had a good hard look at business continuity, just in general, although we really should. And when we've got the cyber attackers coming after us, it also brings to mind what would happen if they got through, and let's say it was a version of ransomware that encrypted all of your data or deleted all of your data and demanded a ransom. Are you going to be able to handle that? Right? It's a big question. Will you be able to continue with your IT people, whether they're outsourced or in-house? How about your security operations people? It could be a huge problem. Let's move it up-scale because I know we've got a lot of people listening, who have more substantial companies. Maybe a 200 person company, perhaps something more prominent and it would be interesting to know you can just drop it in the channel like to know a little bit. But if you've got to hundred people working in one building and it's a contagious virus that's getting spread, the odds are pretty darn good, that 10 to 15% of your workforce is going to get nailed with that bug. Okay. Here's an example from the article. If it's by the way, if it's something that might be pandemic, there's an excellent chance the government's going to quarantine everybody anyways, whether the people get sick or not. Okay, and what's that going to do to your business? It is a consultant over Accenture working in Mexico City during the h1 in one virus spread ten years ago. They were saying that the current quarantine protocols are 14 days. So think about that. What happens if your business if your employees are out for 14 days if you've got a large outsource facility. Your security management, any facility, with a large number of people and you probably don't want to bring 100 people together and put them in a small room unless you-yourself have evidence that none of them have been affected. The second part of the challenges they may not be able to get there even want to get there. Now, this is the business continuity side. Can your business continue if there is a spread of these types of diseases, this could be huge? Some Indian companies have reported, according to dark reading, they've reported disruptions because of stoppages and shipments from China. They've got 45,000 Plus Now I don't know what the number is confirmed infections over 1000 deaths. So if you part of your supply chain now is affected, in this case with the Covid-19. Of course, most businesses are worried about the supply chain from China. There's supply chain manufacturing the low-cost components from China to Indonesia and all kinds of places in Southeast Asia what happens if that goes away too? If you have parts being made anywhere in the world, keep in mind that businesses are starting to move if they haven't already. Then with all of the phishing that's going on, It can get to be a very big problem. Proof point and Cisco Talos have reported messages purporting to provide tips for virus protection. They appeared to be sent not only by official government organizations but by the own businesses itself, upper management. So there's an example of spearfishing going after a specific company, and the messages get used to stealing credentials drop malware like mo tap, and in lures specifically targeting manufacturing and shipping industries. The nano core remote access software, these are back doors, like the kind I've talked about on the show that we have found in business and that is before backdoors get put in there by China or that Iran now has become a big player in all of this. So very, very big problems. Hey, if you have joined me on Facebook for the Facebook Live Welcome, welcome. I appreciate the comments, like seeing the thumbs up, so please do give that to me. Otherwise, you can find me online at Craig Peterson dot com. I post all of everything we talked about every week, right there Craig Peterson dot com and I started sharing videos and, and other things as well on YouTube and a little bit more on Facebook. When we come back after the break, we've got more to discuss. Next up. We're going to talk about these 500 Chrome extensions that have been secretly uploading people's information. How's that for a scary thing? So stick around because we'll be right back. If you are on Facebook Live. We're going to end this Facebook Live and start another one with our new topic in about five minutes on the radio. We'll be back even quicker than that. So stick around. Hold on one sec. Here we go, everybody. Welcome. Welcome Craig Peterson here on WGAN and elsewhere. Of course, also on Facebook, Facebook live is where you'll find me there. Just go to Craig Peterson dot com slash Facebook. You can sign up for my weekly newsletter, where I make sure you have all of the latest news, everything that you need to know. And right now we're going to talk about everybody's favorite browser while except for mine. One of the companies that we use goes by the name of Duo and what they have recently found out about our friends over at Google and Chrome. If you are a big follower of mine, and you've attended some of my pop-up training, I do quite a few of them. Those are always free and, and I have some tutorials as well. I talk a lot about extensions because there are quite several extensions that can be fantastic. And I use them all of the time. If I were to bring up my browser here, you would see a whole bunch of extensions that I use continually. I use them to block certain advertising types, and I use them to prevent various kinds of malware. I have some extensions that use artificial intelligence to figure out what is this page trying to do? Because we've got things like pop-unders, where it opened something up, and it has little timer was saved for an hour, and then it pops up to this big scary message that you need to update windows or update something now Because it's out of date, and there are hackers out there that are trying to get you. And that's called, by the way, scareware. But it comes through your browser, and you have no idea. So some of these extensions that I use are specifically designed to look at the source code on the page, look at not just the HTML, obviously, but look at the JavaScript or so much stuff is hidden. So it pulls in all these pieces of JavaScript. Usually, they're removed in from multiple sites and assembles them has a look at them, and will even change them based on what it finds. Now, those are beneficial extensions. Then on the other side, there are these toolbar extensions. I don't know if you've used these before, man, these used to be all of the rages, and I still see them installed in people's computers. And these toolbar extensions give you a little bit of extra something sooner, just a call right in These extensions going to track you when you're online and shopping and tell you where the best deal is? Well, yeah, it's following you, right? It knows that you're on a shopping site because you give that extension access to all of your browsing history. Then it knows what you're looking at up the site and knows what you are searching. Because so many of these extensions come with their little search bar up top right. Yahoo was one of the big guys out there in this browser bar extension business. And every last one of them at the very least, despite you. Now, that's bad, right that it's bad enough. But now we're looking at this same mo wait a minute here. We have now uncovered 500 Chrome extensions that have been secretly uploading the private data from millions of users. Huge deal. An article in Ars Technica, if you are over on the Facebook Live, you'll see the article, right there has a direct link to it. But this is very bad. It was just discovered on Thursday here. It's been just about just over a week. And we found out from these guys, that what had happened is that these website extensions had more than 1.7 million installations. It was an independent researcher who worked with Cisco's own Duo Security. And they found all of these things. They then reported it privately to Google and the researchers and found 71. Google looked at what the researchers had seen, and how those extensions were coded up and how they we're behaving. Then Google found an additional 430 extensions. And Google has removed all known extensions that were doing this. So that's the right side of it. But that's the known extensions. Those are the extensions that we're doing something that looks suspicious that Google and the security researchers could identify. In this case, reported here, the Chrome extension creators and specifically made extensions that obfuscated the underlying advertising functionality from users. Now it did say advertising in this quote because here's another thing that they do. If you visit a website, and you have an extension installed, that has access to the websites that you're visiting, here's what they've been doing. They look for ads from their customers, so you've got a bad guy, Inc. Okay. And then what better guy he does is he goes out and says, Hey, listen, I can get you 1000 collects of thousand new views of your page, just pay me up. Then what they'll do is they will play some ads for you. These are pay-per-click ads. Every time someone clicks on an ad, they have to pay, right, and some of these ads are cheap at five cents. You don't see that too much anymore. Some of them are $500 for a single click. That money then goes to Google, who then shares it with whoever had the website where the click originated. Okay, so it's a pretty lucrative business if you as a bad guy that could guarantee clicks on these expensive websites That is what they're doing with some of these extensions. They are watching the pages you're visiting to look for an ad from one of these sites that they get some money fro, but now they can have your browser click on the ad unbeknownst to you. Your browser now clicks on that ad. They make some money because they have the fake ads that are up so all kinds of nastiness. The other side of this is let's say the bad guys want their competitors to stop advertising online. Let's say they make cups, and I make this glass. Other companies out there that make a blue glass kind of like this. They find out what are the ads this other blue glass company is running. They have their little extensions out there. They hire these people that only extension to then clicks on the competitor's ads automatically for them. The competitor might have a five hundred dollar a day limit with Facebook ads, and all of a sudden now that five hundred whatever it is they're spending where they've put a cap on it, right? So whatever it is they're spending is being 100% wasted, because you don't even see the ad. There are so many ways that the bad guys are using these extensions. It is a maze of redirects, malware, and more. Some of these plugins will do Bitcoin mining or other types of blockchain cryptocurrency mining out there. Man, there's just all kinds of them hardcoded control servers, which by the way, I've got another tutorial coming out telling you how to stop your computer from going on to some of these command and control servers. And that's going to be phenomenal for you. So keep an eye out for that coming up in a couple of weeks. Many the redirections because they're using redirections, as well as part of this, go to ads for products or Macy's, Dell, Best Buy large volume of ad content, as many as 30 redirects, the deliberate concealment of most ads from end-users and the use of the ad redirect streams to send infected browsers to malware and phishing sites. It goes on the bottom line, beware of extensions, but I also want you to be aware of apps, right? What are the apps that you are using? What are those apps providing you with? Now I'm talking about apps that are on your smartphone or on your tablet, maybe some programs that are on your computers. Okay, they're out there? What are those apps Are those apps something that you need? Many of them spy on you, which is another dangerous thing. They're stealing your data. They're taking the information they're sending to the bad guys. Right? It just goes on and on. So make sure you don't do that it is dangerous stuff. All right, I am doing this radio show on Facebook Live. If you want to follow me on Facebook, it's easy enough to do Craig Peterson comm slash Facebook. And if you are not a Facebook fan, and there are a lot of reasons not to be a Facebook fan, then you can also see a lot of these videos up on YouTube. I do YouTube lives, as well. You'll find that at Craig Peterson comm slash YouTube. And of course, you're listening on the radio, and you're going to find me on pretty much every streaming service that's out there. So I want to quickly ask a question - which browser do you use? If I say create a poll? What's going to happen here? Oh, there it is. I'm going to publish it right now. I see. Okay. All right. So far it's showing up. I should have clicked this a little bit earlier. So Facebook Live, you have a poll. Do you prefer Google Chrome, Firefox, Microsoft Edge, or Opera? And I personally use Firefox and Opera, Google Chrome and edge I don't trust particular Google Chrome, however, There are times when you have to use one of those two browsers, because your company might be using a website that's specifically programmed to only work with that particular browser. There. There might be other reasons, but let me know. Click on it there. If you are not watching me on facebook right now Facebook Live, go ahead and answer that poll. I'd really like to know or just drop me an email me at Craig Peterson calm. Let me know what your favorite browser is and why. And make sure that you delete every extension you don't need. Every app you don't use and don't need. We've got to cut back because it just presents such a broad attack surface to the bad guys. All right. Okay, so let's see end of this segment. When we come back, we of course, have a whole lot more to talk about. We're going to talk about third party breaches, what's been happening. It's increased sharply in 2019. If you are a business person, this is for you. Your listening to Craig Peterson WGAN and online at Craig Peterson dot com hello everybody welcome back Craig Peterson here on WGAN or also on Facebook Live if you have any questions, by all means drop them right here into the channel can always ask me a question to online anytime. Just email me and he had Craig Peterson calm more than happy to respond. You might have to have a little bit of patients I do try and get back ASAP. But if someone or my staff is not noticing or final notice Don't feel bad. It's not as though we hate you. But we do try and answer every question that comes our way just me at Craig peterson.com. We're going to talk right now about third party risks whether you are a small business or a little large business, this is a huge deal. very huge deal. And it's also a huge deal if you are an individual, because you are dealing with everything from Cloud services through a milk delivery company. All of these are third party services provided by third party companies. And many of them have information about us. And I've heard from so many businesses lately, that are now required under the new federal standards, the CMC standards, that they don't think that they really apply to them because they're not a primary government contractor. It's they don't have a whole lot or any personally identifiable information. You know, why? Why would you come after me? I just don't matter in the whole big scheme of things. So it's not something that I should have to worry about. When the law is clear, they do have to worry about it, but they're still not worried about it. And I think the biggest reason is because people just don't understand the risks involved. You're using Google spreadsheets, for instance, Google docs for me, you know, Microsoft Word replacement. And, and Google also has kind of a PowerPoint thing called Google Sheets, I think it is, or slides, Google Slides that you can use in order to put the presentation together. And even to show a presentation. It's, it's really rather cool stuff all the way around. But this is an example of a third party vendor. We already know that Google is looking at all of those documents and trying to figure out what a can use from that and in order to sell us stuff, right or do seller information to third parties. And in that's obviously a bit of an issue. But when we're talking about these smaller businesses that might be selling to Another government contractor that might be selling to Raytheon who's selling to the Department of Defense, just as an example. They wonder, why does it matter? That I'm really secure, because I'm making something that's completely passive. It's not as though I'm making the software that controls a missile in flight. Right? It is not doing any of those sort of things. So why should it matter? And I think that it's a good question, but here's why it matters. There were some huge hacks of the Department of Defense last year, and those hacks a good 50% of them came from their vendors. We're talking about a third party risk. That third party that vendor you're using, whether it's Google Docs and Dr. Mike, you might be using a version of Dropbox as Just a regular end user version might be using an unsecured or improperly secured as your instance or Amazon Web Services instance. You could be using any of those types of things. And guess what's going to happen if you're using those. All of those people who have your data could be used as a way into your computer's think for a minute. We spoke earlier today about these 500 plus Google Chrome extensions that were leaking your data there, the data is actually being stolen by third parties because of those. If you have software installed that's being used to manage your supply chain, and that supply chain software is tied into this third party vendor. Your network is is is exposed Now you may have tried to tighten it down, I might be as tight as could possibly be. And there's no problem here. But if you're like an average business, none of that is true. None of that is true at all. All of your data is potentially accessible by the third party. So some interesting stats that came out. And I again, I have this up on my website. I will post let me post this right now here in the Facebook Live channel. Okay. It's in there now to you can see that right at the end of my comment. They're showing that there were about 43% of businesses this last year 44% were, in fact, attacked and hacked via third party breaches. So in other words, the bad guys did not come in directly This wasn't a phishing attack attack necessarily directly against them. This wasn't a ransomware attack directly against them. It was against a third party. So it was a vendor who might have had all of their customer information they might have had to how to manufacture certain things. It could be all kinds of different types of information. And that information was then used against them. That's a very big deal. Think about billing. Think about your, your employees and their paychecks, their w 210 99. Since you send out all of these things to target so we talked earlier about these VPN services that are right now huge, they're huge attack vector. Now this number is up by the way 35% over the last two years. The number of records exposed in the breaches skyrocketed. Almost 300% last year, the cost of the breaches have gone up substantially as well. And you're going to find all of this up on my website, Craig peterson.com. But that's huge. So 44% of all firms that were surveyed had experienced a significant data breach caused by third party vendor. And remember, these are firms that know that they were breached. So let's look at an IBM study. This IBM study says it takes an average of 197 days for a company to identify that they have had a data breach almost 200 days to even identify even know that they had a breach and another 69 days to contain it. Fat is inexcusable. In excuse inexcusable, it really is. You know, so many people have fallen through victim to vendors that say, hey, we've got the solution for you Don't worry about it. This is this is going to be so easy, not a big deal. We'll take care of it for you and they don't that's the only explanation I can come up with here. For what 265 ish days, from the time a breach occurs to the time that they've contained it. 265 days, that's two thirds of a year. Now I believe me I'm this is not I'm not trying to sell you our services here. Okay. If you want to buy him great. I just want to let you guys know 250 days on average to contain it with what we do on average. It is this from this. From the time it happens to the time is discovered to the time it's contain. So from the very beginning of a breach to the time it's contained. With us, it's typically six hours. That's why I say this is in excusable, if you're a company with 200 employees with 1000 employees, and you're not using the right stuff. Whose fault is it? And I gotta tell you another number that I've seen before when when I was one of the FBI infragard programs that I ran, I had an expert on, and he was talking about breaches, and you know how many months it takes to discover and then to try and close the hole. If you take less than 30 days to stop the breach, on average, you save $1 million, a million dollars. So think about that when you're thinking about the cost of security. If you are slightly bigger company, you have a few hundred employees up into thousands of employees. And you can shave that whole massive number of 250 days, down to 30 days or less, you've saved yourselves a million bucks. So the million dollars that you might spend on security and by the way, it takes you quite a bit to spend a million dollars to even to get the kind of security I was just talking about, with the six hour to recovery stuff. A million bucks goes a long way now and that's plus, by the way, you know, all of your other costs, the loss of reputation that you get, so you're going to lose clients, you're not going to pick them up, you're not gonna be able to charge as much as you could before. People aren't going to trust you. All this is happening because of these third party breaches. So keep that in mind next time. You are auditing your business, right? You've got auditors and think about all of the people downstream from you who maybe you should be paying some attention to, because they have data that you might find to be sensitive. They might be used as a conduit to break into your systems as well as have their systems breached. Okay. So I know many companies now that are, are auditing their providers, their upstream downstream partners, for very, very good reason. So if you want to find out more, let me know just email me at Craig peterson.com. Be glad to punch in the right direction. You can find this particular order article over and dark reading and it's written by Jay v. JOHN, and you can find it as well at Craig Peterson calm Of course I post all of that stuff online. And if you have my newsletter, you get that Every Saturday morning, links to it there too. So stick around. We'll be right back. We got a lot more to talk about here. In this last hour of the show. We're going to talk about a rental car risk you might not be aware of. So stick around. Hey, welcome back. Craig Peterson here WGAN and and elsewhere. We are live on Facebook Live as well. out on YouTube. You can find me and Craig Peterson calm. And of course, listen to my podcasts on pretty much any platform out there. podcast platforms from one platform. I just been doing this for too long. I guess this is the problem. They've all found me. Oh no. So this is a great little article from our friends over at Ars Technica. I don't know if you're familiar with it. It's one of those websites that I follow fairly closely because they have so many great things out there. But this one is talking about the rental cars and I want you to think about cars for a moment because well, I like cars. Hopefully you do too. But what are the problems that we're seeing today that are actually caused by this latest, newest, most wonderful technology? And there are a lot of them frankly. And some of them have to do shoes me with our phones, right? We plug our phones into the cars, the cars will automatically say, Okay, I want the contacts, people will just blindly say okay, go ahead and upload the contacts. And all of your contacts are uploaded, and now the car has them and the next driver comes in I love doing this comes into the car and scrolls through all of the phones and sees all of the contacts people have their home addresses in their status home. So you just look up home on the on the cars GPS and and just some poor fool who uploaded all of his contacts into the car, right use seen that before a music downloads, just all kinds of stuff. So I'm always careful, I never let the car upload my contacts you were probably kind of conscious about that as well. If you're not making sure that that doesn't happen right to the car doesn't have your contacts. You You might also do what I do, which is after I'm done with the car, I go into the Bluetooth settings and disconnect my phone or with Apple Car Play. I make sure my phone is disconnected. Excuse me. So those are all things I think that most people would know about and think about. Well, here's the problem that we're starting to see today. These cars are getting smarter and smarter and have more and more features on them, don't they? So there there's been some research here. Ars Technica did a little dive into it as well. And this Dan Goodin ended up writing an article about This where he found that the previous driver to his car could start and stop the engine lock and unlock the doors and track the location of the vehicle because you remember again these cars are designed by my guys right and gals obviously but by guys who are not thinking about all of the use cases for the car you know man I had such a fight of one of my my eldest sons who works with me he's he's one of the employees and works with a company that is fire jumpers certified for not fire jumper as in the fire department, although he does have a firefighting certificate including tight spaces on ships, but he's a fire jumper for security when something bad happens. Or please, please have us design the network before something bad happens. He gets some old us all of those. Well. We have all of Our clients emails run through a set of high end filters provided by Cisco. So all of the emails coming in our filters, look at it, and they are phenomenal. They have cut my email, I was 5000 emails a day. And now I'm down to about 100 hundred and 50 emails a day just by the Cisco filters. So and by the way, I have, I think, in the last year had maybe one false positive, maybe one it's just these things are so smart the way they work, right? They're not just looking for keywords or other things are really looking at behavior. Because Cisco sees so much of the internet, right? Cisco runs the internet backbone, but then they see so much of that traffic plus they see so much of the email traffic they can, they can just be phenomenal. So we have all of our customers emails running through our data center and it's properly secure. Of course, and running through these special Cisco email filters. And then we take those emails and we forward them on to our customers mail servers. Well, one of the services that is used by quite a few of our customers, because it's inexpensive, relatively speaking, is the Microsoft Office 365. Now, there's a lot of levels of old 3065. It's their cloud services, right? But that's cloud is in the cloud, right? And we're not going to get into that right now. But they have a whole bunch of services. And Microsoft had an internal grey list against our Cisco email host that was doing all of the filtering. And Microsoft, you know, they said, Well, you know, we can figure it out. It took us 24 hours to escalate it to people who knew what they were even talking about. We showed them their own tech article on this problem. them inside Microsoft with Office 365. And said, Here's your problem. You guys know about it, you have defined it, here it is. And yet, you know, they they start you with the people that say is a computer powered on type, right? Just so, so, so frustrating to me. Well, the problem here is that the Microsoft software did not consider all their software designers did not consider all of the uses usage cases. In this case, the Microsoft software people thought, Well, people using Office 365 they're just going to be real small businesses and they are going to have you know, dozen through 1000 email accounts maybe. And so the usage patterns are going to be consistent, etc, etc. That's not true in a case like us, where all of the emails coming in from all over the internet. To to us for all of our customers, including their deal D contractor customers, right? The people, the customers that have it are compliant, have PCI that have legal compliance issues, accounting compliance issues, right. So they all come to us where they are heavily heavily filtered. And then therefore it on to Microsoft. Well, that's not a usage case they thought of when they design the software. So we were fighting with them. We had thousands of messages queued up So the good news is, we didn't lose any of the email. We kept it our systems noticed right away that Microsoft was misbehaving, which they do frequently. And and then we got on the horn with Microsoft, we went the level two right away and then level three No, I'm air quoting levels two and three, because they're not real levels two and three, not by our standards. By the time you get to level three or somebody like me that or Steve, the fire jumper, somebody that really knows What's going on? Right? That's not the case of Microsoft. Anyhow, the problem in Ars Technica is found here is that these cars are designed with the idea that there is a single owner. Now there might be multiple drivers to the vehicle, but there's a single owner, right? She owns the Mustang. She drives it, but you know, the old man drives every once in a while the kids might drive it once in a while as well. Well, in this case, they looked at a Ford Explorer. And October last year, they put an article in about a guy that was able to remotely start, stop, lock, unlock and track a Ford Explorer that he had rented and returned five months earlier. And they're saying now something almost identical has happened again to the same enterprise rental car customers. customer. Four days after returning a Ford Mustang, the Ford pass app installed on the phone continues to give them control of the car. So here we have a usage case where the car is being rented, it was not part of the original design considerations. And the rental car company, in this case enterprise, and maybe it's just one unit of enterprise, I don't know. But enterprise is not properly clearing or resetting, whatever they have to do to that car after somebody has rented it. So it's a real problem. And it's something we need to be cautious of. Because it's, it's not even something we can necessarily do anything about. But personally, I would go into the menu on the console on the control system, you know, the entertainment system, and I wipe out every phone that's in there, just so that something like this can happen to me, right? But that's what I would do and that's what I advise you to do as well. Okay, stick around. When we get back. We're going to talk about a new FBI report that's talking about what happened to this $1.7 billion right here. Stick around. Craig Peterson and WGAN and live on Facebook. Hey, welcome back everybody, Craig Peterson here WGAN and and elsewhere. Hopefully you're able to join me on facebook live this week and we spend some time talking about the articles and answering questions for everybody. And of course you'll find that online right now kind of all over the place, make sure you get my weekly newsletter. It'll keep you up to date on all the latest security topics and some of the cooler new technology out there that I think is or maybe isn't ready for prime time. Going to have a cool guests next week too. I I used to do a lot of guests. I had like a dozen a show back when I had a three hour show. But next week we're gonna talk with a buddy of mine Mine, who is actually fairly well known, he's written a book about sugar. And you probably know if you've been listening to me for a while, not all that long. But a while you know that I have been very conscious about my health and doing the intermittent fasting thing and stuff. And so we'll talk to him about what he has found. You might remember I did the Atkins thing some years ago, but we'll be talking with him a little bit about that, too. I'm sure next week, so Barry Friedman will be my guest. And I will probably be next week. We've got to figure out the calendars first. No, I hate it when that happens. Sorry about that little bit of a coughing fit. Okay, so let's get into the article right now. And this has to do with email compromise. Now we all have email accounts, right? You got them. I got them, whether they're on Google Shame on you, or if they are Microsoft Office 365. Okay, depends on which level you have. Or if you host them yourself, which is what we've been doing for decades now for ourselves and our clients. I like that because they have more control. I don't have the problems like we had with Microsoft this week with Office 365 for some of our clients. But when you have email, there's a certain type of exposure that you have. We talked earlier about this whole problem with the coven 19 with the corona virus, and how they're using it right now to get you to click on links and phishing attacks. click on links in SMS. Those are called smishing. To get you to do something that ultimately you shouldn't do because they're using it to download nastiness. And it can be nastiness in the form of ransomware he'd be nastiness in the form of software that being installed on your computer to use your computer's resources, maybe as part of a denial of service attack, maybe to attack other people and other computers that are out there, right? It's all pretty darn evil. Well, the FBI put together some numbers because there's this thing called a business email compromise. That's only part of the problem. Because it isn't just business email, that can be a problem here. It's also our personal emails. So we're finding on the personal side that people are getting emails that are again from bad guys, but what they're trying to do is get you to go a little bit further. So a lot of them for instance, are based around dating sites. So people looking for companionship, they might be out on one of these websites and and they meet somebody.g more coughing meet somebody and as they've met that person, they kind of go back and forth and how are you? Oh my we have so much in common and they're trying to scam you. That is a very, very big and prevalent thing right now. Because so many people are just trying to find somebody that they can love someone they can spend some time with. And enjoy company and you know how I get that pardon my French but this is a real tough time in the world. There's so many people that are so ostracize that are blocked off from other people that are just looking for something anything right? Doesn't have to be love. As I said it can just be companionship. So the FBI has been warning about that. And then we've got these business email attacks, that what's happening here is oftentimes it's spearfishing. They're going After the owner of a company, and and frankly some of these dating things are spearfishing, too, because they know that somebody who's a little bit older might have some money that they can get out. Yeah. And they'll ask you Hey listen, I my uncle cousin has this medical bill and and we really need the money can I get $10,000 from you and people, people are sending it in the business email account account. It's a little bit different. So here's another article from our friends over dark reading this up on my website as well. But it's same back in 2013 scams often started with the spoofing of a CEO or CFO his email account, fraudsters send emails appearing to come from these execs to convince employees to send wire transfers to fake accounts. Now we know that within the last six months, this has gone to the next level. We're there we are using computers to imitate the bosses voice and they've been able to take millions anyhow the article goes on. Since then business email compromise has evolved to include the compromise a personal and vendor emails, spoofed lawyer email account and request for W two data. Of course, taxis and everybody. This is a big one w two right now the IRS is warning about that. Attackers often target the real estate sector and or make requests for expensive gift cards. In 2019. The Internet crime center saw an increase in business email compromised complaints related to the diversion of payroll money. So the attackers send a fake email to human resources or payroll department requesting an update to a specific employees direct deposit information. This is really really big and you look at these numbers. We're talking about 1.7 billion in losses. That's absolutely huge amounts of money. The in 2019, they had a half a million complaints come in costing organizations three and a half billion dollars overall. That's up almost $3 billion from 2018. absolutely huge. So we have to be very, very careful. There are some reports out there email fraud and entity deception trends that are out there about the attackers what they're doing rise in hybrid attacks, which a victim receives an email making a request, and simultaneously receives a text message from a spoof number designed to seem to seem like the same person saying they just sent an email. It is highly targeted and also highly effective. So you got to be careful of all of this. We have to be careful of all of this and for business people, we have to be particularly careful about all of this government, government agencies. Did you see what happened with in Atlanta in the last year, how they got nailed multiple times. And it was ransomware. Getting in some of it was some business email compromises. We've had cities all over the country who have fallen victim to the business email compromise, and they have wire money to vendors that just don't exist, etc, etc. We have to be very careful. So how do you avoid this? First of all, don't send money to people that you really don't know. You know, you I'm thinking about those of us that are looking for companionship, friendship, maybe for a new lover, somebody that we can spend the rest of our lives with. Don't send them money really don't no matter how bad that sob story is. And then if we're business people be doubly careful. Verify everything via the phone. So the boss tells you that they need to move some money into another account. Call the boss you have their number, don't call the number in the email. If you are getting contact in HR from an employee's saying, hey, I want you to start direct deposited into my new account, here's the account number. Call back and verify it. Right That's always the case. You know, a police officer pulls you over the side of the road. You have a good chance that it's really police officer because they're an unmarked car. They have the blue lights going. They have a police officers uniform on. You just don't know even in that case. So be extra-extra cautious out there. Man. When we come back, we've got one more article for the day again, believe that it's gone so fast. We're going to talk about the most secure messaging app out there. Hi You can get it how you can use it. So stick around. You're listening to Craig Peterson and wg AN. And of course, Facebook Live in YouTube Live. Man, we're going overboard this week. Stick around because we'll be right back. Hey, welcome back, Craig Peters, Melanie or w g. N. and online Of course, we're doing a Facebook Live even as we speak, having a little fun there as the chuckles we're all about. Hey, I appreciate you guys joining me and I know that your time is valuable, and I don't want to waste one minute of it. So I'd love to get your feedback. What do you think of this show? What are the good parts, the bad parts? What do you want to see more of? What do you want to see less of let me know just email me and eat at Craig Peters. on.com. I'd really appreciate it and make sure that you are on my email list so that you get every week the latest in technology news. With a course in emphasis, as always from me on security, and what you can and should be doing for security in your home, and in your business, you know, I really focusing on business, because that's what I've been doing for so many years. You know, most businesses aren't in the cyber security business. And so they're trying to make their widgets provide their service, etc. And they're just left hanging when it comes to the security side cyber security. And I know that's true of you guys, too, who are in smaller businesses, even larger businesses and home users. But the answers the solutions are always the same, although you don't have as much money to spend so you're not going to be as well protected. Right? Do you also, hopefully don't have as many assets at risk. I know a lot of people who are high net worth individuals who come to me in order to get things secured, but as as a whole Most of the time is business Zilla. So I kind of aim at that. And then every month is well, we have a list of the top security vulnerabilities that there are patches out for telling you, hey, you need to update this software or that software. There's various vulnerabilities that you have to take care of immediately. Another coughing fit, man, hope this isn't assigned to something coming down with something. Here's the vulnerabilities you have to t

West Virginia and Oregon have both recently deployed mobile a voting app called Voatz to facilitate absentee voting. But Voatz now turns out to have major security flaws, according to researchers from the Massachusetts Institute of Technology—including vulnerabilities that could let a hacker manipulate results. The newly unearthed bugs could allow an attacker to reveal someone's votes, block votes from being submitted, or even manipulate them.

Weber County Clerk/Auditor Ricky hatch joins Josh Daniels and Heather Andrews to talk about the Super Tuesday presidential primary in Utah and how voters can request the ballot of their choice.   Overstock.com CEO Jonathan Johnson also joins to talk about Utah County's use of a new blockchain-powered mobile app, Voatz, to serve overseas and disabled voters. Josh and Jonathan set the record straight on a recent flawed study critical of the mobile app.

On this week’s show Patrick and Adam discuss the week’s security news, including: Ransomware shutters US natural gas plants Huawei hit with huge indictment Voatz mobile voting app shredded by MIT, dust-up ensues The latest from the Vault7 trial Reality Winner seeking clemency Ring to force all users on to 2FA Israeli court rules Facebook must reinstate NSO staff profiles USG drops more North Korean samples OpenSSH gets Fido/U2F support This week’s sponsor interview is with Dave Cottingham from Airlock Digital. They make whitelisting software that’s actually useable. And until I did this interview I didn’t know that their agent actually does host hardening as well, which is pretty cool. Since we last spoke they’ve also popped up in CrowdStrike’s app store thingy, which means a bunch of you Crowdstrike customers will be able to dabble in some whitelisting if you want to. Dave joins the show to talk about a bunch of stuff, including their experience having Silvio Cesare do a code audit on their agent. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes DHS says ransomware hit US gas pipeline operator | ZDNet Ransomware Impacting Pipeline Operations | CISA U.S. charges Huawei with conspiracy to steal trade secrets, racketeering Voting App Flaws Could Have Let Hackers Manipulate Results | WIRED 'Sloppy' Mobile Voting App Used in Four States Has 'Elementary' Security Flaws - VICE Voatz Response to Researchers’ Flawed Report - Blog @ Voatz Microsoft to deploy ElectionGuard voting software in first real-world test | ZDNet Joshua Schulte's attorneys are trying to call Mike Pompeo in the Vault 7 trial Joshua Schulte's defense asks for a mistrial in the Vault 7 case Reality Winner seeks clemency for leaking NSA report on Russian hacking attempts Ring to enable 2FA for all user accounts after recent hacks | ZDNet Facebook must unblock NSO Group employee’s account, Israeli court rules US government goes all in to expose new malware used by North Korean hackers | Ars Technica Israeli soldiers tricked into installing malware by Hamas agents posing as women | ZDNet Hamas-linked hackers exploit current events to spy on rival Palestinian officials, researchers say Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world | ZDNet Leaked report describes Federal Parliament's cyber security as having 'low level of maturity' - ABC News (Australian Broadcasting Corporation) Data Protection Authority Investigates Avast for Selling Users’ Browsing History - VICE Pay Up, Or We’ll Make Google Ban Your Ads — Krebs on Security Ohio man arrested over darknet bitcoin laundering operation | The Daily Swig IOTA cryptocurrency shuts down entire network after wallet hack | ZDNet A Light at the End of Liberty Reserve’s Demise? — Krebs on Security Signal Is Finally Bringing Its Secure Messaging to the Masses | WIRED Hundreds of Millions of PC Components Still Have Hackable Firmware | WIRED OpenSSH adds support for FIDO/U2F security keys | ZDNet Second Windows 10 update is now causing problems by hiding user profiles | ZDNet Nasty Android malware reinfects its targets, and no one knows how | Ars Technica Google removes 500+ malicious Chrome extensions from the Web Store | ZDNet FBI: BEC scams accounted for half of the cyber-crime losses in 2019 | ZDNet foone on Twitter: "So I learned of an amusing bug today: Docker for Windows won't run if you have the Razer Synapse driver management tool running. But the reason is the funny part... https://t.co/s42SeQ949z" / Twitter

David Lindner (@golfhackerdave) joins Seth and Ken discuss the voting applications, including the Iowa debacle and the Voatz application. Ranting on bug bounties and response times for researcher findings. An explanation of IAST, RASP, and WAFs.

David Lindner (@golfhackerdave) joins Seth and Ken discuss the voting applications, including the Iowa debacle and the Voatz application. Ranting on bug bounties and response times for researcher findings. An explanation of IAST, RASP, and WAFs.

Utah County launched a mobile voting application called Voatz last year to allow members of the military and disabled citizens to join in the democratic progress. But  a team of MIT researchers said that “Voatz is vulnerable to a number of attacks that could violate election integrity.”  

Jonathan Johnson, CEO of Overstock and president of Medici Ventures, joins Lee to defend the voting app, Voatz, in use in Utah County against MIT researchers who said the app was vulnerable to security flaws. Johnson also says the debacle in the Iowa caucuses shouldn't stop progress in allowing more citizens to vote.

We sit down with Nimit Sawhney, Founder & CEO of Voatz, and Hilary Braseth, Director of Product, to discuss innovation within the election industry, the SxSW hackathon origin story of Voatz, mindsets learned from previous jobs, and advice to young entrepreneurs.

A conversational, full-length interview with Hilary Braseth, director of product at Voatz. We discuss how Voatz is transforming the way we engage in and with elections, challenging powerful systems and actors, and why it’s important to engage in dialogue with those who have different opinions. Visit: Voatz.com.

Sandra Ro, the CEO of the Global Blockchain Business Council and former head of digitization at CME, explains what the GBBC does, how it chooses partners, and what level of involvement they have with projects under the GBBC umbrella. We discuss some of the more controversial projects, such as the Voatz pilot that conducted election voting using blockchain technology, as well as how she responds to people saying many "blockchain" projects could instead use a database. She also reveals why she believes that the US will eventually lead the world on crypto regulation, why she thinks that there's strength in the fragmentation in US regulations and what she thinks is the best way forward on the BitLicense. Plus, she gives us the inside scoop on what it took for her to get CME to launch Bitcoin futures.  Thank you to our sponsors! Crypto.com: https://www.crypto.com/ Kraken: https://www.kraken.com CipherTrace: http://ciphertrace.com/unchained Episode links: Sandra Ro: https://twitter.com/srolondon GBBC: https://gbbcouncil.org/ Previous Unchained interview with Sandra: https://unchainedpodcast.com/what-is-one-of-the-worlds-largest-derivatives-exchanges-doing-with-bitcoin/  Controversy over Voatz: https://slate.com/technology/2019/07/west-virginia-blockchain-voting-voatz.html Episode with Jake Chervinsky: https://unchainedpodcast.com/all-things-crypto-regulation-with-jake-chervinsky/ Jeremy Allaire on Unconfirmed on why the US needs a new category for digital assets: https://unchainedpodcast.com/jeremy-allaire-on-why-the-us-government-needs-a-new-category-for-digital-assets/ Fred Wilson on crypto regulation in the US: https://avc.com/2019/05/defendcrypto-org/ Ted Livingston on why Kik set up DefendCrypto.org: https://unchainedpodcast.com/kin-sets-up-5-million-defendcrypto-org-to-take-on-the-sec/ Unchained interview with Juthica Chou: https://unchainedpodcast.com/ledgerx-on-the-reasons-to-trade-bitcoin-options/ Patent for physically settled cryptocurrency derivatives contracts: https://www.coindesk.com/cme-explores-cryptocurrency-derivatives-contracts-in-patent-filing Ro named to New York State Digital Currency Task Force: https://www.coindesk.com/new-york-legislature-names-initial-members-to-crypto-task-force The Libra Association's Dante Disparte on Unconfirmed: https://unchainedpodcast.com/libras-dante-disparte-on-why-we-should-trust-a-financial-system-designed-by-facebook/

Sandra Ro, the CEO of the Global Blockchain Business Council and former head of digitization at CME, explains what the GBBC does, how it chooses partners, and what level of involvement they have with projects under the GBBC umbrella. We discuss some of the more controversial projects, such as the Voatz pilot that conducted election voting using blockchain technology, as well as how she responds to people saying many "blockchain" projects could instead use a database. She also reveals why she believes that the US will eventually lead the world on crypto regulation, why she thinks that there's strength in the fragmentation in US regulations and what she thinks is the best way forward on the BitLicense. Plus, she gives us the inside scoop on what it took for her to get CME to launch Bitcoin futures.  Thank you to our sponsors! Crypto.com: https://www.crypto.com/ Kraken: https://www.kraken.com CipherTrace: http://ciphertrace.com/unchained Episode links: Sandra Ro: https://twitter.com/srolondon GBBC: https://gbbcouncil.org/ Previous Unchained interview with Sandra: https://unchainedpodcast.com/what-is-one-of-the-worlds-largest-derivatives-exchanges-doing-with-bitcoin/  Controversy over Voatz: https://slate.com/technology/2019/07/west-virginia-blockchain-voting-voatz.html Episode with Jake Chervinsky: https://unchainedpodcast.com/all-things-crypto-regulation-with-jake-chervinsky/ Jeremy Allaire on Unconfirmed on why the US needs a new category for digital assets: https://unchainedpodcast.com/jeremy-allaire-on-why-the-us-government-needs-a-new-category-for-digital-assets/ Fred Wilson on crypto regulation in the US: https://avc.com/2019/05/defendcrypto-org/ Ted Livingston on why Kik set up DefendCrypto.org: https://unchainedpodcast.com/kin-sets-up-5-million-defendcrypto-org-to-take-on-the-sec/ Unchained interview with Juthica Chou: https://unchainedpodcast.com/ledgerx-on-the-reasons-to-trade-bitcoin-options/ Patent for physically settled cryptocurrency derivatives contracts: https://www.coindesk.com/cme-explores-cryptocurrency-derivatives-contracts-in-patent-filing Ro named to New York State Digital Currency Task Force: https://www.coindesk.com/new-york-legislature-names-initial-members-to-crypto-task-force The Libra Association's Dante Disparte on Unconfirmed: https://unchainedpodcast.com/libras-dante-disparte-on-why-we-should-trust-a-financial-system-designed-by-facebook/

Today's blockchain and cryptocurrency news Bitcoin is down 4.8% at $10,019 XRP is down 3.6% at 31 cents and Ethereum is down 4.3% at $212 Top gainers in the last 24 hours: Zclassic up 17% Refereum up 16% The House of Commons’ Digital, Culture, Media and Sport committee has expressed concern that Facebook will have too much power after launching a cryptocurency. The VOATZ mobile voting app is launching another pilot program. Justin Sun is rescheduling his lunch with Warren Buffett. Iran has approved cryptocurrency mining as an industry within its borders.

Nimit Sawhney, CEO, Voatz, a Boston based start-up in the mobile voting space, talks about their innovative approach to secure mobile voting using blockchain and the camera in the mobile device to provide biometric data to verify identity of the voter.  With the ability to produce a printable marked ballot, this approach may be a way to satisfy election officials while including more voters in the process thanks to easy accessibility for all including those serving in the military overseas and the disabled. @voatz Voatz.com

Today's cryptocurrency and blockchain news. eToro Launches in Thirty-one States Kraken Hires Matt Mason as Chief Marketing Officer Six Bitcoin Mining Pools Control Seventy-five Percent of the Bitcoin Hashrate Denver Pilots Voting on Blockchain via App

From Bio Major to Lobbying for Blockchain Kristin Smith is the Director of External Affairs at The Blockchain Association, a trade association for the blockchain industry. Raised in California. Earned her B.A in Biology and an M.A. in Legislative Affairs from George Washington University. Earned her 2nd M.A. in Communications, Culture and Technology from Georgetown University, and her 3rd graduate degree from NYU where she earned an MBA Smith's first government job was interning for Sen. Conrad Burns. She worked as a legislative assistant in the U.S. Senate, before working as a Deputy Chief of Staff in the U.S. House of Representatives, where she worked on technology policy. Smith has worked at several lobbying firms, The Alpine Group, VogelHood Group and Thompson Coburn, LLC. “After looking at other jobs, you realize lobbying is amazing. It's a wonderful job where you get to interact with interesting people.” Voatz is a Boston based company that creates electronic voting systems for mobile devices using Blockchain technology, currently used in local elections and most recently in WV for military service members. With the potential to revolutionize elections in the United States, Voatz plans to roll out in more states on a larger scale.   Quick Links about Blockchain Technology How Does a Blockchain Work? - Simply Explained Video Blockchain Explained by Luke Fortney via Investopedia For Policy Wonks, check out Coincenter.org for issues facing Blockchain. Help us grow! Leave us a rating and review - it's the best way to bring new listeners to the show.  Have a suggestion, or want to chat with Jim? Email him at: Jim@theLobbyingShow.com Follow The Lobbying Show on Facebook, Instagram, and Twitter for weekly updates about the show, our guests, and more.

With everyone logging valuable family time this week and wondering if it's worth returning that sweater, we decided to do something a little different and run a special holiday episode, one that features just Connie Loizos in conversation with Bradley Tusk, a venture capitalist, philanthropist, book author and, earlier in his career, a trusted aid to billionaire Michael Bloomberg, whose successful third run for mayor of New York -- the first and only mayor to serve three consecutive terms -- was managed by Tusk. In fact, one of Tusk's first roles after moving on from politics was an early advisor to Uber, which sought out his know-how about both regulatory environments and upturning the status quo. Perhaps because all of these interests, Tusk has become among the country's most visible proponents of mobile voting, supporting -- though not investing in -- a app called Voatz that was first used in a small pilot project in West Virginia last spring that gave overseas citizens and members of the military the option of using it to cast ballots on their phones. Not a whole lot of attention was paid to the project at the time, though when the app was used again in 24 West Virginia counties in the mid-term elections, critics who worry about voter fraud were quick to call it an "horrifically bad idea." That isn't stopping Tusk from getting behind more mobile voting efforts, which we chatted about recently for "Equity," along with a bunch of other things, including the brow-raising valuation that Uber's bankers have bandied about in conversations about its upcoming IPO, how important it is for Uber to beat Lyft to the public market (assuming they move forward with plans to go out despite the suddenly rocky markets), and what it means for fintech startups that Democrats are taking over control of the House in another week. We always enjoy talking with Tusk; we hope you'll enjoy our chat, too. In the meantime, a quick reminder that after this, we're off for two weeks, then back in full force in the middle of January. Until then, all of us wish you very happy holidays and a terrific New Year. More soon!

With everyone logging valuable family time this week and wondering if it's worth returning that sweater, we decided to do something a little different and run a special holiday episode, one that features just Connie Loizos in conversation with Bradley Tusk, a venture capitalist, philanthropist, book author and, earlier in his career, a trusted aid to billionaire Michael Bloomberg, whose successful third run for mayor of New York -- the first and only mayor to serve three consecutive terms -- was managed by Tusk. In fact, one of Tusk's first roles after moving on from politics was an early advisor to Uber, which sought out his know-how about both regulatory environments and upturning the status quo. Perhaps because all of these interests, Tusk has become among the country's most visible proponents of mobile voting, supporting -- though not investing in -- a app called Voatz that was first used in a small pilot project in West Virginia last spring that gave overseas citizens and members of the military the option of using it to cast ballots on their phones. Not a whole lot of attention was paid to the project at the time, though when the app was used again in 24 West Virginia counties in the mid-term elections, critics who worry about voter fraud were quick to call it an "horrifically bad idea." That isn't stopping Tusk from getting behind more mobile voting efforts, which we chatted about recently for "Equity," along with a bunch of other things, including the brow-raising valuation that Uber's bankers have bandied about in conversations about its upcoming IPO, how important it is for Uber to beat Lyft to the public market (assuming they move forward with plans to go out despite the suddenly rocky markets), and what it means for fintech startups that Democrats are taking over control of the House in another week. We always enjoy talking with Tusk; we hope you'll enjoy our chat, too. In the meantime, a quick reminder that after this, we're off for two weeks, then back in full force in the middle of January. Until then, all of us wish you very happy holidays and a terrific New Year. More soon!

Let's get the fish in the barrel out of the way. Voatz are a tech startup whose bright idea was to disrupt democracy by having people vote on their phone, and store the votes on, you guessed it, a blockchain. Does this sound like a bad idea? Welp. It turned out that they seemed awfully casual about basic principles of software security, such as not hard-coding your AWS credentials. It turned out that their blockchain was an eight-node Hyperledger install, i.e.

We’re back on our regular schedule with a special guest, WIRED Senior Writer, Lauren Goode. We all endured a horrible week in which YouPorn finally decided to ban lunatic Alex Jones, and Lauren spun around on a 3D scanner like a cat on a Roomba. We also shut down the Green Party candidate from outer space, voting on the blockchain, Magic Leap, luxury chicken diapers and the Oscars’ desperate attempt to boost ratings. HEAR US ON ITUNES https://itunes.apple.com/us/podcast/this-week-in-nope/id1312654524?mt=2 STITCHER https://www.stitcher.com/podcast/this-week-in-nope SOUNDCLOUD https://soundcloud.com/user-518735966/tracks OVERCAST https://overcast.fm/itunes1312654524/this-week-in-nope In this week’s episode... Read Lauren Goode’s review of Naked Labs’ 3D body scanner in WIRED: https://www.wired.com/story/naked-labs-3d-body-scanner/?mbid=social_twitter_onsiteshare Check out this thoughtful op-ed by David French detailing a legitimate rationale as to why Alex Jones should be banned: https://www.nytimes.com/2018/08/07/opinion/alex-jones-infowars-facebook.html We are living amidst the Summer of Grifting, and no beverage has been spared. Here’s the story of the Las Vegas coffee grifter: https://munchies.vice.com/en_us/article/ne5d4g/mysterious-coffee-grifter-has-sent-the-same-weird-handwritten-letter-to-hundreds-of-roasters Check out Green Party space alien Joe Manchik’s bio here: https://www.facebook.com/manchikengineering/about?lst=570510487%3A701693075%3A1533779673§ion=bio Here’s where Democracy dies, on the blockchain, with a tiny startup called Voatz: https://www.vanityfair.com/news/2018/08/smartphone-voting-is-coming-just-in-time-for-midterms-voatz Lern more about Magic Leap, the startup that raised $2.3 billion and then released a product that was...meh. https://www.wired.com/story/magic-leap-one-creator-augmented-reality-inside-story/ Need diapers for your pet chicken? Look no further: https://theoutline.com/post/5608/bury-me-in-chicken-diapers?zd=1&zi=sygi2a2k Here’s why #OscarsSoNope https://www.npr.org/2018/08/08/636743517/changes-are-coming-to-the-oscars-heres-what-we-know Big #YUP to… Lauren and her cat Nougat, who is the proud owner of a $139 item called Modkat, described as “the iPhone of litter boxes” on the ultimate episode of the “Too Embarassed to Ask” podcast. Check it out here: https://www.recode.net/2018/8/3/17646320/lauren-goode-kara-swisher-final-episode-too-embarrassed-to-ask-podcast-finale And you can subscribe to Lauren’s current podcast, Gadget Lab, here: https://itunes.apple.com/us/podcast/gadget-lab/id266391367?mt=2 “The Song of Achilles,” which Brian says is a cross between “Call Me By Your Name” and “Love, Simon” but set in Ancient Greece and with more violence: https://www.amazon.com/dp/B006IE2IO8/ref=dp-kindle-redirect?_encoding=UTF8&btkr=1 Australian and Kiwi firefighters who flew all around the world to help put out the California wildfires: https://www.sacbee.com/latest-news/article216206915.html

Shortly after Overstock began accepting Bitcoin in January of 2014, the potential applications of blockchain technology became apparent. In response, Overstock established Medici Ventures, a division that's designated to advance companies that promote the development and implementation of blockchain technology. Jonathan Johnson, who is on the Overstock Board of Directors and serves as president of Medici Ventures, discusses a few of the new and exciting technologies he's helping to advance. T-0 is a company that's developing a security token platform on which secure tokens can be digitally traded with no time lapse between paying for a security and receiving it. Although the volume of equities and securities on the platform is still low, Johnson forecasts a growing need for a security token platform, especially after last year's ICO boom and related statements made by the SEC. Having just launched a demo of the new build-out of the system, T-0 is prepared for an influx of securities. Medici Ventures is also supporting the implementation of Voatz, a blockchain-based platform for digital and remote voting. The platform will allow people to vote securely and privately on their mobile devices, receive confirmation that their vote has been cast, and get results in real time. In addition, it will greatly reduce absentee voting by reaching members of the military who are serving in remote areas. This technology was recently and successfully used at the Michigan State Democratic Convention, and is being tested in two counties in West Virginia. If successful, West Virginia will roll out the technology to the entire state for the general election in November. Tune in to hear more about the companies in the Medici Ventures portfolio, and visit mediciventures.com to learn more.

This episode features Nimit Sawhney, Co-Founder and CEO of Voatz. This up-and-coming startup is changing how we vote, by using blockchain security technology on their mobile elections platform.

A podcast surveying Tech, Startup and Venture Capital News. A lot of #FinTech and #SaaS News! Featuring Alibaba, Baidu, Oracle, RBC, CIBC, Planswell, Wellington Financial, Aconex, Convercent, Peel-Works, Xage, Voatz, and Asia Mobility Industries This episode reads news from Forbes, BetaKit, CNBC, Bloomberg, VCcircle, TechCrunch, Livemint, and VentureBeat Background Music: Maple Syrup - Dedication (One for B.) Freddie Joachim - Let Me Know

Bradley Tusk talks with Nimit Sawhne, CEO of Voatz.

Welcome to episode #231. On the show: Viewswagen wants to sell ads in Uber and Lyft; Density brings local establishment crowd numbers to mobile; Twitter invests in Swirl; Gannett pours millions on Gravy; Track your luggage with BagJourney; Order your rickshaw in India with Chaloge Kya; MomCo helps mothers connect with each other and local businesses; Voatz hopes to bring the vote to the voters; Leap Transit makes taking the bus the destination; Air Orchard and Ant Man innovate on billboard advertising; LessThan100 adjusts prices based on gender. Full show notes can be found here.

Welcome to episode #231. On the show: Viewswagen wants to sell ads in Uber and Lyft; Density brings local establishment crowd numbers to mobile; Twitter invests in Swirl; Gannett pours millions on Gravy; Track your luggage with BagJourney; Order your rickshaw in India with Chaloge Kya; MomCo helps mothers connect with each other and local businesses; Voatz hopes to bring the vote to the voters; Leap Transit makes taking the bus the destination; Air Orchard and Ant Man innovate on billboard advertising; LessThan100 adjusts prices based on gender. Full show notes can be found here.