Podcast Episode 9: The Jon Brown Interview and Vulnerabilities, The Dark Web, Scams, Oh My!
We cover quite a few news stories this week, including two plugins requiring immediate updating due to disclosed vulnerabilities, what we can expect from WordPress version 5.2 and a dark web marketplace that appears to have exit scammed users. We follow up on Google Sensorvault, a great interview with Richard Stallman about Facebook and JetBlue’s use of facial recognition technology. We take a look at GoDaddy’s removal of 15,000 spam subdomains, the Docker breach and Slack’s upcoming IPO and their dire warning to investors.
This week, I chat with Jon Brown, CEO of 9seeds, a digital agency. We chatted at Chris and Katie Bayer’s Black Mountain Coffee Roastery in Idyllwild, California. Jon and I talk about running an agency, remote work, being a digital nomad and of course, WordPress. We had a great conversation, and I think you’ll enjoy it.
Here are approximate timestamps in case you want to jump around:
1:15 WordPress plugin WooCommerce Checkout Manager vulnerabilities
3:40 BuddyPress vulnerabilities disclosed
4:42 WordPress 5.2 expected release
9:27 Dark web marketplace exit scammed
12:20 Congress asking questions about Google Sensorvault
14:39 Richard Stallman on Facebook
21:10 JetBlue facial recognition
26:17 GoDaddy spammy subdomain
29:25 IoT devices with P2P component flaws vulnerable
32:12 Docker breach
37:33 The Slack pre-IPO SEC disclosure
41:39 The Jon Brown Interview
Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.
This week in the news we cover:
- Vulnerabilities found and patched in the WooCommerce Checkout Manager plugin that provides customization of fields on checkout pages.
- BuddyPress release version 4.3.0 contains a number of security patches.
- WordPress version 5.2 will contain a number of improvements to Gutenberg, the Site Health dashboard, and accessibility for the wp-admin dashboard. A new fatal error recovery mode will create fewer problems for site owners if there is a problem with a plugin or theme update.
- The dark web marketplace Wall Street Market (WSM) has exit scammed with over $14.2M in user funds.
- Congress is asking for details about the Google Sensorvault program we previously discussed on the podcast.
- Richard Stallman, founder of the Free Software Foundation and author of the GPL, was interviewed about Facebook, the surveillance monster feeding on our personal data.
- JetBlue is using facial recognition software and a Homeland Security database, which is concerning to those who were unaware of its use.
- GoDaddy has taken down over 15,000 subdomains that have been used for online scams after a two-year Palo Alto Networks research project.
- Over two million IoT devices are vulnerable because of P2P component flaws.
- Hackers have breached Docker Hub, a programming tool used by developers, compromising keys and tokens for over 190,000 accounts.
- In preparation for their IPO, Slack warns investors that they’re a target for nation-state hacking as well as other hackers.
You can find me on Twitter as @mmaunder and Kathy as @kathyzant, and Jon Brown at @jb510 or at 9seeds.com. Please don’t hesitate to post your feedback in the comments below.
Comments
4:02 pm
Mark, this came out GREAT! Thank you so much and look forward to chatting with you again someday, if not next time you're in Idyllwild, then maybe somewhere else we can cross paths!
4:58 pm
I love your protection. I am retired and if I start making money my plans for years have been to update. I have been listening to you on YouTube. It must have felt the true "vibes" coming from you all that work on Wordfence. Never watch stuff like this and never over ten minutes. I watch the whole program now. This brings me back to the trust for I am a vet and very private. I found it awesome that you guys have the same outlook and feelings about things that I have. I found that so refreshing in this world. Thank you for all you guys do.
10:46 am
I just want you to know that I'm enjoying this podcast! I don't ever seem to have the time to listen to anything anymore - so much noise out there. But I'm finding this refreshingly interesting. I like how you guys are pretty high-level knowledge experts but also real folks who keep it down to earth while delivering a lot of useful information. I think it's an antidote to all of this Knowledge Business online marketing that's both too shiny and full of too many promises.
I also like what Jon Brown said about the difficulties of WordPress for the average civilian user - I'm pulling my hair out right now with a WooChimp plugin problem that all the usual solutions haven't solved. Just another day in the life of a VA! Cheers,
12:28 am
As a developer who helps clients that are less technical, can I just scream, "YES!" to this brilliant interview. The updates from plugins that promote sales and create new and more complex nag messages are driving me crazy. I'm having to spend more and more time removing plugins from client sites because "well...WordPress told me that I HAD to install this" or "I had to buy the upgrade...." The needless frustration for clients and the headaches are something I don't have time to advocate for, but I do hope that someone hears this and understands. Really wonderful interview. Love you folks. First plugin I install on every client site.
11:54 am
Ironic, I found this podcast through Facebook.