"Is eSIM safer than a physical SIM?" has a more interesting answer than most articles give. Each SIM type, physical, eSIM, and iSIM, has a different architecture and a different attack surface ...

AI agents are useful, but they become risky when they can take action in real systems. In this episode, Tom Eston discusses recent reporting about attackers tricking Meta’s AI support chatbot into ...

Most engineers think about data storage and data processing as one technical problem. Regulators treat them as two very different things, and the gap between those views is where compliance violations quietly ...

Mobile apps are now deeply connected platforms for identities, payments, sessions, APIs, healthcare, retail, gaming, and cloud services. In this special episode, Tom Eston talks with Joel Destefano, Senior Product Manager at ...

As smart glasses become more capable, concerns about face recognition, covert recording, and biometric surveillance are growing ...

Flock and similar systems have demonstrated undeniable value in solving crimes. They have also demonstrated an unprecedented capacity to document the movements of ordinary citizens ...

Microsoft’s response to a researcher publicly disclosing proof-of-concept exploit code has reignited an old debate in security: where does responsible disclosure end and reckless disclosure begin? Tom and Scott discuss the Nightmare ...

Hackers convinced an AI support bot to hand over Instagram accounts by changing recovery email addresses ...

What began with stolen passwords ended with the exposure of nearly seven million users' DNA-related data, according to California's lawsuit ...

Kochava tells companies what regulators expect: Affirmative express consent, consumer-requested use, supplier assessment, sensitive-location suppression, downstream accountability, withdrawal rights and deletion. Meta tells plaintiffs what courts may demand: Specific allegations showing unauthorized ...