Silent Mode Cafe
Welcome to Silent Mode Cafe, the podcast where we translate the digital realm into plain English. From data privacy and basic internet security to smart home gadgets and the latest AI developments, we serve up tech insights with a side of caffeine.
Silent Mode Cafe
Weekly Roundup - Security Nightmares That'll Make Your Phone Cry
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Digital security has reached a critical point with multiple major breaches threatening user data worldwide. We break down the most pressing threats and provide practical steps to protect yourself without needing technical expertise.
• Google Salesforce breach exposing customer data, leading to sophisticated phishing attempts
• Apple and WhatsApp pushing critical updates to patch vulnerabilities where even photos can hack your phone
• 77 Android apps caught stealing banking details from nearly 20 million installations
• TransUnion credit bureau breach exposing 4.4 million identities and complete credit reports
• AT&T settlement offering up to $7,500 for eligible customers with November 18 deadline
• The rise of "vibe coding" with AI assistance creating apps with serious security vulnerabilities
• Simple solutions like enabling passkeys, freezing credit, and regular app auditing
Keep your devices updated, remove unnecessary apps, freeze your credit, and check if you qualify for the AT&T settlement before the deadline.
Welcome to Silent Mode Cafe
Speaker 1one right on . Welcome to silent mode cafe .
Speaker 2I'm uh salah what's happening uh , and I'm vivek , this is your weekly privacy pit stop . So in less than 30 minutes , you'll know what's risky , what's hype and , uh , what you should do , what you should actually do so , vivek , listen , I'm uh , I'm jet lagged .
Speaker 1We'll talk about this at the end . I've come back from um you can almost say three back-to-back trips , two of them international . Um , I'm I'm drinking a I'm gonna call it like cocaine in a can , like this stuff , this like an energy drink . It's absolutely amazing . So I'm a little hyped up right now . It's very early in the morning for me , but there's a lot going on . Look , google Salesforce breach really interesting this is I don't know how to put this , but this is going to mean a lot more than fake emails in your inbox . This , but this is going to mean a lot more than fake emails in your inbox .
Speaker 1Apple and WhatsApp pushing must-do updates , and it's always interesting to me when Apple says , hey , you absolutely need to update this right now . You know there's something bad behind it . 77 Android apps caught stealing your info . Don't be too surprised . Don't be too surprised . Wow , I know you're just shocked right now . And the last one a credit bureau spilling millions of identities . And then , lastly , you know this has been going on for a while now but the AT&T settlement . And another one not the one we talked about before , but another 18 settlement that could literally put money back in your pocket .
Speaker 2Yeah , well , so think of this show , I guess , like a security checkup based on everything that's happened . So you don't need a tech degree . What we'll do in this show is we'll quickly go through like 10 minutes of headlines , 15 minutes of deeper dives and then three minutes of quick fixes that anyone can do , and we don't need a tech degree for it . So that's what we'll do .
Speaker 1So , yeah , yeah , and look , please reach out to us . We are definitely here , we're definitely listening to you and we recently did get a pretty nice email from one of our listeners and I really appreciate it . Should I call the guest out by name or just keep it anonymous ?
Speaker 2Keep it anonymous .
Speaker 1Keep it anonymous , but I'll just say the initials CR . We got your email . You're absolutely welcome . This is our passion . We love doing what we're doing , so really appreciate the feedback . Okay , with that out of the way , let me let hey folks look . You can email us or you can just DM us on any of the apps that we're on . We're on all the social media platforms , so at Silent Mode Cafe . All right , vivek . So first up , let's run through some rapid
Headline Roundup: Google, Apple, Android
Speaker 1fire here . First up , google Some of their Salesforce data , which is a customer record management system , folks . So the takeaway for you guys is just expect a lot more fake emails pretending to be invoices or Google support .
Speaker 2Exactly so your action in 10 seconds it's pretty simple is you turn on passkeys for the Google account and remove any apps you don't use that have access ?
Speaker 1any apps you don't uh , use that have access . Okay , that's well pretty simple , that that's an easy fix . And then , um , look , let's jump to apple . One bad photo could hack your phone . No joking .
Speaker 2Update your iphone or mac immediately so go to settings , then go to general , then go to software update and done . Do that on your , you know . Do that on your phone , you know , even on your Mac , but it typically remains has the same flow settings , general , software update and you're done . The update protects you way more than scrolling through warning tweets .
Speaker 1That's crazy , and it looks like WhatsApp too . Spyware can now get in without you tapping a single thing and just again update your WhatsApp now .
Speaker 2That's literally , it Just update before they update you .
Speaker 1So Android users listen up . Right 77 apps , vivek , nearly 20 million installs , and many of them were stealing banking details Wow .
Speaker 2I wonder what scrutiny did they have before publishing them ? So this is what you do you check your phone for random keyboard photo apps or PDF readers . If you don't recognize it , delete it , especially if it asks for special permissions . So I'll say it again Check your phone for random keyboard photo apps or PDF readers . If you don't recognize it , delete it , remove it . That's interesting .
Speaker 1I think we talked about this in the last podcast . Folks just take time Whenever you're on a flight , whenever you're sitting there bored . I know jumping through social media is also fun , trust me , I know but run through your phone and just do house cleaning . Clean up your phone , all right . The next topic Vivek . Really interesting . This is a shock . The Credit Bureau TransUnion 4.4 million identities spilled . That is your credit report in the wild . That is literally all your personal data , your credit report in the wild . So how do we fix it ?
Speaker 2So quick fix freeze your credit , it's free , takes five minutes online and blocks thieves from opening new accounts in your name . We've already talked about a product . We're not sponsored by them . We just love the product LifeLock . That's one of the products that we've said since the beginning of our podcast series , but it's a quick fix you freeze your credit , takes five minutes online and that's it .
Speaker 1You know , on this topic . So I'm currently in LA , right now with it , and my son has a soccer tournament and one of the parents of the his soccer teammates is actively dealing with their accounts being hacked right now . Right , and , and thankfully they're also using LifeLock , but heock , but they're telling me about the nightmare that they're going through and all the constant hits that they're receiving of their credit and their information being attacked , like attempted credit opens and et cetera , and truly , lifelock is saving them right now . So , look , there are other products , but I just highly recommend it . Okay , finally , finally .
Speaker 2AT&T . If you're a customer a few years back , you may be owed money . Some folks can claim up to $7,500 from AT&T claims up to $7,500 for some of the older AT&T customers and I'm one of them . So the deadline is November 18th . So Google AT&T settlement claim that's what you should search for . So Google AT&T settlement claim bookmark it . That's one link that's worth clicking .
Speaker 1You know that was an interesting rapid fire . Let's dive in a little deeper into some of these topics . Right
Deeper Dive: Current Security Threats
Speaker 1, and here's the thing about the Google breach that leaked data and the information that was leaked email , job titles , et cetera . Right , but scammers love boring . That's exactly what they need to trick you with fake invoices or fake customer support .
Speaker 2Right . So the best move is please don't stress the leak , just make sure your Google account uses passkeys , not old school text codes . I think the best way is to do passkeys or authenticators Okay and cut off some of the old apps that you don't use , similar to what we were discussing on the Android side of the house .
Speaker 1Interesting , yeah , so let's dive into this WhatsApp thing , the Apple update , right , right . So Apple and WhatsApp , they're facing the fancy stuff spyware . I'm telling you , I don't know who's naming these spywares , but I'm starting to think that it's us and these marketing organizations that are behind all of these hacks , because they all have such killer names . So this one is called fancy stuff spyware . That , um , and this is interesting because you and this is really scary , because you really don't need to tap anything uh , for you to be a victim are you saying that ?
Speaker 2uh , spyware groups are now hiring marketing people to brand their hacks .
Speaker 1Dude , you know the reality is is that you know I , you know , you know me right , I was on the technical side and then I got onto the product development side and when I started moving towards onto like how do I get my product out there , and focusing on the marketing aspect of the industry , I realized marketing is truly the biggest data collector in the industry . That is true . It is kind of mind-blowing .
Speaker 2The original spyware data collector .
Speaker 1Dude , I'll tell you , Google is in business for a reason . Let's just put it that way A hundred percent .
Speaker 2I think that , yeah , that , yeah , that seals that conversation .
Speaker 1So when I tell you folks , all these applications are collecting data , there's a reason I'm telling you this Just protect yourself , yeah .
Speaker 2So your only defense when you have spyware stuff is make sure your applications are updated . So turn on automatic updates and you don't have to think about it again . So that's the solution to all this fancy stuff in spyware Just make sure your applications are up to date with the latest release .
Speaker 1Okay , and just a quick bonus . You know , on the iPhone not that I'm knocking Android , but on the iPhone you can turn off lock screen message previews and limit third-party keyboard access right .
Speaker 2Oh , that's cool .
Speaker 1Yeah , less data leaking , less stress .
Speaker 2Nice .
Speaker 1All right , man . Next topic Android malware . Man , those 77 Android apps . You know they start innocent and then flip later and start stealing .
Speaker 2Yeah , so like downloading a free calculator app as an example , that suddenly turns into a pickpocket . So if an app asks for accessibility permissions huge red flag delete it .
Speaker 1So bottom line for Android users keep fewer apps right , audit monthly , less clutter , less risk .
Speaker 2Yeah , so we're coming down to the closing
Travel Insights: Vibe Coding Worldwide
Speaker 2section . So , salah , I know you were traveling for like three crazy weeks , so I'd love to get your thoughts on some of the travels you did , at least from a society perspective . What are you seeing ? I know you traveled to the Middle East for like two weeks . I did . So what are you seeing on that side of the world , as we colloquially say Middle Earth ?
Speaker 1So in the Shire ? No , seriously . So I went to Dubai and then I went to Lebanon and I visited some family and friends and check this out . Vibe coding is literally hitting every corner of this world . So I was chatting with this guy . He's created this incredible app where he's like you're only here for a couple of days . If you need anything , you just use my app and you can order everything on this app and what it does is it just collects everything from , like , your Burger King to a coffee to . You just need a bar of soap from your local store . Right , and my mind was blown . I mean , the app Vivek was incredibly well done . The UI UX was great . Well done , the UI UX was great .
Speaker 1And then I flipped the script and I started asking him hey , how many users do you have ? What's your key performance indicators Like , what are you tracking ? What's the usage look like ? And he doesn't know any of that . And it blew my mind because that Bill , you know , is him and a couple of engineers , right , using ai . So the barrier to entry as a result of ai means these guys can literally vibe code a new app . Yes , and he hired , like a bunch of you know , delivery dudes around the country . Um , and now he has this app and he's managing it and it's successful and it's great . And then the security question came up . You know is that's where it all goes . It all goes , yeah , you know . I'm like okay , so you have an app . How vulnerable is this app ? Are there any holes in it ? I'm thinking Swiss cheese , right , and then you're collecting people's data , like my data , and I'm paying you the good news is most people well , most people are paying , yes , data , and I'm paying you .
Speaker 1The good news is , most people well , most people are paying , uh , yes , you , can you apple pay ? Uh , credit card , right , it integrates , but most people pay cash , but regardless , yeah , regardless , dude , barrier to entry . I feel like we're in this new world where people are going to vibe code a boatload of applications , because now it's like from idea to execution , yeah , is weeks away .
Speaker 2Yeah , it is . Um , I think there's a lot of hype of saying weeks away , but it's become definitely much , much easier . A hundred percent , right , like that floor is gone off . Like , hey , my ip is the most important thing . Right , I completely get it . And on the security question , uh , that's an Achilles heel right for vibe-coded apps , which is kind of surprising . By the way , do you know that Claude Code has now got the ability to ? You can invoke an agent that does a security review off the code that it has written , vibe-coded .
Speaker 1Okay , so , so it's kind of fascinating . So , claude is what ?
Speaker 2So Claude Code is anthropic , Claude Code is how do I put it ?
Speaker 1It's like that it's a competitor to OpenAI .
Speaker 2It's a competitor to OpenAI .
Speaker 1So it's another AI agent , but this one is specialized in writing code .
Speaker 2Models are amazing when it comes to writing code and tech .
Speaker 1And I believe most people vibe code on something like Cloud right .
Speaker 2So it's either Cursor is the big one in the US and Cloud Code because it's just . The models are phenomenal .
Speaker 1So these AI agents are specialized in writing code , and that's where people are . Well , who knows ? Most people are probably using open AI , but those are other tools that they could use , and you're telling me that cloud code has the ability to do security checks on your code On its own code . Oh , that's amazing .
Speaker 2So they have , like , different agents that you can call and we can get into the technical details later on you should have a full podcast and invite someone to do it . Yeah , but essentially , you know , it's a big issue for what you saw in Dubai and that's a classic case right where people are recoding apps but are not looking at security , and that's what you're seeing . That's amazing and that's what you're seeing . It's fascinating , that's amazing and that's the Achilles heel right now .
Speaker 1I love hearing that , because you know it is a concern that people can just vibe code their way into a killer app and it could just be adopted overnight .
Speaker 2Overnight . Yeah , the value to entry now from a tech perspective is gone .
Speaker 1Amazing
The AI Security Paradox
Speaker 1. All right , folks . Well , that's the wrap . Thank you , Vivek .
Speaker 2Thank you Salam . Thank you all for attending . Thank you for joining Until next time .
Speaker 1Talk to you later .