Security Bits Logo no alpha channel

Security Bits — 15 May 2022

Feedback & Followups

  • 🇪🇺 The enforcement of the EU’s Digital Markets Act (the first of the two big bills to be announced) has been delayed until 2023 —… (We did a deep-dive on it in early April)
  • 🇪🇸 The mystery of who may have targeted the Pegasus spyware at Catalan leaders deepened as the primary suspects, the Spanish government, revealed they were victims too —…
  • 🇺🇸 A bill has been introduced in Ohio State House to criminalise electronic tracking without consent, i.e., to explicitly outlaw AirTag/Tile stalking —…
  • Social Media Updates
    • Facebook are discontinuing their Nearby Friends and Local Weather features, but they’ll continue to use your location data for un-specified other reasons —…
    • TikTok have announced Pulse an ad offering that will sell highly exclusive ads on the most popular videos (top 4%) by the biggest creators (100K+ subscribers), and the creators will get an abnormally large 50% cut —…
    • Twitter have released a web-based 8-bit-style game to teach people about their privacy policies and settings —… (Editorial by Bart: I had a go and hated it, but it’s nice to see companies getting creative like this)

Deep Dive(s)

❗ Action Alerts

  • Microsoft’s May patch Tuesday updates have been released, including a fix for one zero-day bug in Active Directory that is being actively exploited already —…
  • The latest security patches for Android are out, patch if you can —… (no Zero-days)

Notable News

  • The FIDO Alliance, Apple, Google, Microsoft, and the W3C have partnered to develop new standards that aim to make secure and convenient password-less logins to apps and websites a reality —…
  • 🧯 Security researchers have found a hardware bug in Apple’s M1 & A14 chips, one of its optimisations features can leak information under certain conditions. Thankfully this bug is purely academic ATM, with no real-world risk for us to worry about. Apple are aware of the issue and will presumably address it in future chip designs —…

Top Tips

Interesting Insights

Palate Cleansers

  • 🎧 From Bart: both myself and Allison love Alan Alda’s excellent podcast series where he all sorts of interviews interesting people, often scientists, so it was fun to have the tables turned, and hear Alan interviewed by Jesse Thorn on his podcast: Bullseye: Alan Alda —…
  • 🎧 From Bart: a really fun two-part exploration of computer startup sounds in general, and the many many windows startup chimes there have been over the years in particular from the [Twenty Thousand Hertz podcast]. The deep thought that went into the Windows 11 sounds really impressed me, it explains why Windows 11 feels so Mac-like and polished, Microsoft sweated the details! Ta-da! It’s Windows —… & Windows_Logon.wav —…

  • From Bart: a fascinating explanation of the ingenious inner workings of a mechanical watch, complete with fantastic interactive diagrams that can be rotated in 3 dimensions to really see what’s going on —…

  • From Allister How bad coding practices becomes machine learning — Tweet from @_femb0t


When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by Bart.

Emoji Meaning
🎧 A link to audio content, probably a podcast.
A call to action.
flag The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country.
📊 A link to graphical content, probably a chart, graph, or diagram.
🧯 A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂
💵 A link to an article behind a paywall.
📌 A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future.
🎩 A tip of the hat to thank a member of the community for bringing the story to our attention.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top