We felt it was a good idea to bring everyone up to speed on what we know a week later about Spectre and Meltdown instead of waiting for our regularly scheduled Security Bits.
Continue readingAuthor: Bart Busschots
Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre
Security Bits – 5 Jan 2018 Security Medium 1 — Password Managers as Trackers Security researchers have found that less-reputable tracking firms have deployed JavaScript which uses invisible forms to trick password managers into entering information which can then be used as a kind of super-cookie that users cannot delete, and hence, track them around […]
Continue readingSecurity Bits – HP Keylogger, Mailsploit
Security Medium 1 — HP’s Accidental Keylogger Some HP laptops shipped with a keyboard driver from Synaptics in which a developer debugging feature was accidentally left enabled. The effect of this mistake is that the driver has built-in support for logging all keystrokes via WPP (a debugging tool that’s built into Windows). This sounds bad, […]
Continue readingSecurity Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption
Security Medium 1 — macOS High Sierra Root Bug A nasty bug was found in macOS 10.13 High Sierra — it was possible to cause the root account to become enabled, and to do so with a blank password. To trigger this bug all you had to do was go into the control panel, click […]
Continue readingSecurity Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips
Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail. What the hackers really […]
Continue readingSecurity Bits – Canvas Fingerprinting, KRACK Updates, TOR Browser Bug, New Zero-Day WiFi Bug, Brother Printer Exploit
Security Medium 1 — Canvas Fingerprinting Before we look at canvas finger printing, I just want to set the scene with a reminder of one of the most fundamental truths about how the web was designed – each web page load is an independent event. Because that meant websites had no memory of anything that […]
Continue readingSecurity Bits – 22 October 2017
Security Medium 1 – WPA WiFi Encryption Develops KRACKs This week started with a big security news announcement (responsibly disclosed, which is nice). Security researchers at the Belgian university KU Leuven revealed a collection of related attacks against the WPA2 protocol (WiFi Protected Access version 2). The problem at the root of these attacks was […]
Continue readingSecurity Bits – 15 October 2017
Correction – Apple’s Better Cookies are iOS 11 & macOS High Sierra Only A few weeks ago we looked at Apple’s new and improved cookie handling algorithm in detail, and we at the very least implied it was a Safari 11 feature, but it’s not, it’s an iOS 11 & macOS High Sierra feature. Even […]
Continue readingSecurity Bits – 30 September 2017
From Allison: I’ve just decided that it might be a nice enhancement to the podcast and blog if you could see Security Bits as a stand-alone blog post. Makes it easier to find and more importantly easier to reference when sharing with others. Bart will be shown as the author (since he IS the author) […]
Continue reading
Anker USB Charger Solves a Lot of Problems
The problem to be solved is that I regularly need to charge multiple things at the same time in my kitchen, and I don’t want to waste too many wall outlets, or, be constantly plugging things in and out. I need the ability to charge Apple devices like my iPhone and my iPad, and, to […]
Continue reading