Feedback & Followups
- 🇺🇸 The leaked data from the Allianz Life breach discussed last time has been added to Have-I-Been-Pwned, so you can now check if you are affected — www.bleepingcomputer.com/…
- There have been confusing developments in the UK government’s secret attempt to force Apple to break iCloud encryption 🇬🇧 🇺🇸
  - 🇺🇸 Initially, it looked like this crisis was all over when US Director of National Security Tulsi Gabbard posted on X to US citizens that data was now safe, but her statement was very short and devoid of details — appleinsider.com/…
    > “… the UK has agreed to drop its mandate for Apple to provide a “back door” that would have enabled access to the protected encrypted data of American citizens and encroached on our civil liberties.” — Gabbard
  - 🇬🇧 The Financial Times, who have been the ones leading the reporting on this story from the start with what appear to be excellent sources, added a lot of confusion by sharing fresh reporting on a secret court filing they have seen — appleinsider.com/…
    > … new court filings seen by the Financial Times show that Apple’s appeal against the demand is continuing. It’s not clear whether the documentation reflects the original demand, or whether the UK has actually not rescinded the order … The IPT filing is in preparation for a court case between Apple and the UK government, which is not scheduled to take place until early 2026. It’s possible that the reports of the UK backing down mean that Apple’s appeal is not necessary, and it may not go ahead … there is a canary in the coal mine. If Apple does not turn back on Advanced Data Protection for UK users — and so far it has not — then the case is continuing. And so is the UK’s attempt to gain backdoor access.
Deep Dive(s)
❗ Action Alerts
- Apple fixes new zero-day flaw exploited in targeted attacks — www.bleepingcomputer.com/… (iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8 & macOS Ventura 13.7.8)
- WhatsApp patches vulnerability exploited in zero-day attacks — www.bleepingcomputer.com/…
- ⚠️ Docker Desktop Users on Windows: Critical Docker Desktop flaw lets attackers hijack Windows hosts — www.bleepingcomputer.com/…
Worthy Warnings
- An example of why you need to be careful giving AI the power to do things (i.e., the risks of agentic AI): Perplexity’s Comet AI browser tricked into buying fake items online — www.bleepingcomputer.com/…
- An example that shows that attackers are now succeeding with ‘click-fix’ type scams against Mac users: Fake Mac fixes trick users into installing new Shamos infostealer — www.bleepingcomputer.com/…
- 🇺🇸 TransUnion suffers data breach impacting over 4.4 million people — www.bleepingcomputer.com/…
  - This is one of the so-called big three credit reporting agencies!
  - We are lacking usable detail; apparently, the data was ‘limited’ and did not include actual credit reports
  - Note: there really is a spike in data breaches ATM, and the common cause is insecure back-end connections to Salesforce, a so-called supply chain attack.
  - If you want to understand how these credit reporting agencies came to exist, listen to Planet Money Episode 798: Bad Credit Bureau
Notable News
- Meta accused of inflating ad results & dodging Apple privacy rules — appleinsider.com/… 🇬🇧
  A filing at the Central London Employment Tribunal, reported by The Financial Times, suggests Meta didn’t play by Apple’s rules. Former product manager Samujjal Purkayastha alleges the company used “deterministic matching” to link data across platforms … That means identifiable details, not anonymous signals, were tied together to track behavior without consent. If true, Meta found a back door through Apple’s privacy wall.
- 🇺🇸 FTC draws hard line on foreign-driven censorship & data demands for Big Tech — appleinsider.com/…
  On August 21, 2025, FTC Chairman Andrew N. Ferguson sent formal letters to over a dozen technology companies. The recipients included major firms like Apple, Microsoft, Meta, Alphabet, and Amazon … The letters emphasized their responsibility to safeguard the privacy and data security of Americans. They also reminded the companies that this duty remains even when foreign governments request compliance.
  - The primary thrust of the letter is that US companies can’t lie in their TOS — if they promise end-to-end encryption, they can’t add secret back doors, even if a foreign government demands it (based on Article 5 of the Federal Trade Act)
  - There is also language about not impinging on Americans’ free speech, but it’s much less emphasised (Editorial by Bart: almost reads like an afterthought, perhaps directed more at the Oval Office than the corporate boardrooms).
- Google to verify all Android devs to protect users from malware — www.bleepingcomputer.com/…
  - This covers all apps, including side-loaded apps
  - Purely developer identity verification, not app notarisation like Apple does.
Palate Cleansers
- From Bart:
  - A fun game to show rather than tell just how nuts the official email address specification really is — e-mail.wtf/… (via fellow Cross-pond-chit-chatter Adam Engst)
  - 🎦 A spectacular video explaining the stunning tech inside Apple’s tiny ear buds, and why knockoffs are always worse: The Hidden Design of the Apple Airpod — nebula.tv/…
Legend
When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by Bart.
| Emoji | Meaning |
|---|---|
| 🎧 | A link to audio content, probably a podcast. |
| ❗ | A call to action. |
| flag | The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country. |
| 📊 | A link to graphical content, probably a chart, graph, or diagram. |
| 🧯 | A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂 |
| 💵 | A link to an article behind a paywall. |
| 📌 | A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future. |
| 🎩 | A tip of the hat to thank a member of the community for bringing the story to our attention. |
| 🎦 | A link to video content. |
