Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇬🇧 (🏴 & 🏴) Both Apple & Google have stopped the NHS from publishing an update to their COVID app to insert location tracking. This is expressly forbidden in their COVID exposure notification API […]
Continue readingMore TagAuthor: Bart Busschots
Security Bits — 4 April 2021 Including Deep Dive on Firefox’s SmartBlock
Security Bits — 4 April 2021 Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 Following on from the excellent Motherboard reporting last time that showed how easy it was to hijack the SMS messages destined for a US cellphone number, the […]
Continue readingMore TagSecurity Bits — 21 March 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. An interesting timeline of the Microsoft Exchange mega-attack discussed last time (Editorial by Bart: it really begs the question ‘what took Microsoft so long?’) — krebsonsecurity.com/… Bloomberg Report that when Parler (the social media […]
Continue readingMore TagSecurity Bits — 7 March 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Silver Sparrow Mac Malware Update: Correction: in the previous Security Bits we made it sound like 30K M1 Macs were infected with this new strain of malware, and that it only affected M1 Macs. […]
Continue readingMore TagSecurity Bits — 21 February 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. In the previous instalment we joined in the mockery of a Chinese railroad company that relied on Flash for their operations. Listener Tom Merit got in touch with a follow-up article which casts some […]
Continue readingMore TagSecurity Bits — 28 January 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The SolarWinds attack Malwarebytes Reveals it Was Hacked by Nation-State Behind ‘SolarWinds’ — www.macobserver.com/… Did not use SolarWinds products Vector was their Office365 tenancy (Microsoft spotted suspicious activity on their account and contacted them) […]
Continue readingMore TagSecurity Bits — 17 January 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. COVID Update: Apple have released iOS 12.5.1, bug-fix for the un-expected iOS 12.5 recently released to add COVID exposure tracking to older iPhones — www.macobserver.com/… Yelp have added fields to allow reviewers to mark […]
Continue readingMore TagSecurity Bits — 3 Jan 2021
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. More Details Emerge on the Solar Winds Attack As expected, the private sector was targeted too: Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack — www.theverge.com/… Microsoft Says […]
Continue readingMore TagSecurity Bits — 27 December 2020 – Oblivious DNS over HTTPS or ODoH
Deep Dive — Cloudflare & Apple add Privacy to Secure DNS with ODoH Cloudflare, Apple, & hosting company Fastly have collaborated to create a new secure and private DNS specification that extends DNS over HTTPS (DoH). They’ve both released the spec, and released sample implementations of the various components in Ruby and Go. The Problem […]
Continue readingMore TagSecurity Bits — 20 December 2020 – SolarWinds, Apple’s Tracking Transparency
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Listener Thomas Cooper Question — Is TikTok a National Security Threat? TL;DR — nope We got some listener feedback asking about the US’s proposed ban on TikTok on national security grounds. This is very […]
Continue readingMore Tag