Open post
NosillaCast Logo

NC #657 Making Holiday Labels, Pocket Casts vs Downcast, Patreon Changes, Security Bits

Tom Merritt was on Chit Chat Across the Pond to talk net neutrality. I confess that after all my “I have made fire” talk about writing a script for chapter marks, it didn’t actually work. Learn how to make Holiday Card Address Labels using plain old Apple Contacts. Rush Sherman asks our first ever video Dumb Question – why do I use Downcast when I clearly said I used Pocket Casts before? Patreon did a major shift in how they charge patrons and pay creators, and I wanted to tell you how I feel about it and what hopefully will be changing. In a rare moment of music enjoyment, I suggest you buy If Every Day Were Christmas from Slau Halatyn. Bart Busschots brings us Security Bits about the macOS Root Bug, a HomeKit Bug, and changes to iOS Backup Encryption.

mp3 download

Continue reading “NC #657 Making Holiday Labels, Pocket Casts vs Downcast, Patreon Changes, Security Bits”

Open post
Security Bits Logo

Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption

Security Medium 1 — macOS High Sierra Root Bug

A nasty bug was found in macOS 10.13 High Sierra — it was possible to cause the root account to become enabled, and to do so with a blank password.

To trigger this bug all you had to do was go into the control panel, click the padlock to un-lock the sensitive settings, change the username to root, enter no password, then hit enter. At this point the authentication would fail, but, the root account would have been made active. Hit enter again, and root with a blank password will be accepted as valid. At this point you can do anything in the control panel, no matter how restricted your account is in theory, and, anything you can get full terminal access as root.

Continue reading “Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption”

Open post
NosillaCast Logo

NC #655 Follow Up on Chapters, Reader View and Adding Workouts, Show Hidden Files, Mind Map iOS 11 Settings, Security Bits

I’m still working on how to get chapters in the podcast (this show might have them!) Follow up tips from Mike Price and Kaylee Dayo on Reader View. How Sandy and Allister saved Thanksgiving with their tip on saving a workout from last week. Bart brings us a Tiny Tip on a trivially easy way to show and hide hidden files in macOS Sierra and High Sierra. I mind mapped all of the settings in iOS 11, and it was utter madness. In Security Bits Bart and I talk about how Face ID isn’t broken, we learn about USB bugs in the Linux Kernel and how there’s a vulnerability in Intel chips you might need to know about.

mp3 download

Continue reading “NC #655 Follow Up on Chapters, Reader View and Adding Workouts, Show Hidden Files, Mind Map iOS 11 Settings, Security Bits”

Open post
Security Bits Logo

Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips

Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits

A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.

What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.

Continue reading “Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips”

Open post
NosillaCast Logo

NC #653 iOS Clean Install, iPhone X Second Look, Animoji Karaoke, Hue Motion Sensor, Security Bits

Possible replacement for Clarify (but maybe we don’t need it), a clean install tip for iOS from Joop Bruggink, a second look at iPhone X after a bit more time, my attempt at Animoji Karaoke, Denise Crown brings us her review of the Hue Motion Sensor. Then we have an installment of Security Bits with Bart Busschots.

mp3 download

Continue reading “NC #653 iOS Clean Install, iPhone X Second Look, Animoji Karaoke, Hue Motion Sensor, Security Bits”

Open post
Security Bits Logo

Security Bits – Canvas Fingerprinting, KRACK Updates, TOR Browser Bug, New Zero-Day WiFi Bug, Brother Printer Exploit

Security Medium 1 — Canvas Fingerprinting

Before we look at canvas finger printing, I just want to set the scene with a reminder of one of the most fundamental truths about how the web was designed – each web page load is an independent event. Because that meant websites had no memory of anything that went before, i.e. no concept of state the original web could not cope with concepts like logging in, or shopping baskets. Something had to be bolted on to allow web servers connect individual requests into related groups of requests.

The official mechanism added to the HTTP protocol for retaining state between requests is the humble cookie. Cookies gave us the ability to log in, and basically, the modern web. But, they came with a dark side — as well as enabling all the cool things we like about the modern web, they also enabled tracking.

Continue reading “Security Bits – Canvas Fingerprinting, KRACK Updates, TOR Browser Bug, New Zero-Day WiFi Bug, Brother Printer Exploit”

Open post
Security Bits Logo

Security Bits – Child Smart Watches, IRS Not Worried about Equifax, Microsoft Office DDE, Eltima Hacked

Notable News

Continue reading “Security Bits – Child Smart Watches, IRS Not Worried about Equifax, Microsoft Office DDE, Eltima Hacked”

Open post
NosillaCast Logo

NC #650 Resetting People Album in Photos, Grammarly, KRACK and ROCA in Security Bits

Bart was on the Phileas Club this week to talk about Ireland, and I was on Daily Tech News Show with Sarah Lane. Rick from Baltimore joins us with his first audio submission, where he tells us about how he discovered how to reset the People album in Apple Photos. I’ve found a tool called Grammarly to help me minimize typos that makes me happy. Bart brings us an out-of-band Security Bits session because of the big vulnerability discovered this week in WiFi. It’s oddly a reassuring session!

mp3 download

Continue reading “NC #650 Resetting People Album in Photos, Grammarly, KRACK and ROCA in Security Bits”

Open post
Security Bits Logo

Security Bits – 22 October 2017

Security Medium 1 – WPA WiFi Encryption Develops KRACKs

This week started with a big security news announcement (responsibly disclosed, which is nice). Security researchers at the Belgian university KU Leuven revealed a collection of related attacks against the WPA2 protocol (WiFi Protected Access version 2). The problem at the root of these attacks was not related to any specific implementation of the spec, but with the spec itself, so every manufacturer who implemented the spec correctly would have introduced these vulnerabilities into their WiFi drivers. Because you have to give a bug a fancy name to get any media attention these days, it was given the somewhat strained pseudo-acronym KRACKs, from key reinstallation attacks.

We’re not going to go into the technical minutia here, but I have included links to some good explanations below. I do want to give a high-level overview of the problem though.

Continue reading “Security Bits – 22 October 2017”

Open post
NosillaCast Logo

NC #649 Cloud Outliner, Apple TV Remote Case, Selling Apple Gear, Security Bits

Barry Porter tells us about another way to address Bluetooth problems by resetting the Bluetooth hardware module. I’ll tell you why I like Setapp and how it helped me find Cloud Outliner Pro from xwavesoft.com/…. In a Tiny Tip I tell you how to solve the problem of your Apple TV remote always being upside down. Then I’ll tell you the process of how I sell my Apple products so I can afford new toys. We’ve got Bart Busschots with Security Bits.

mp3 download

Continue reading “NC #649 Cloud Outliner, Apple TV Remote Case, Selling Apple Gear, Security Bits”

Posts navigation

1 2 3 4 5
Scroll to top