{"id":15555,"date":"2018-06-19T11:16:13","date_gmt":"2018-06-19T18:16:13","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=15555"},"modified":"2018-06-19T11:19:07","modified_gmt":"2018-06-19T18:19:07","slug":"sb-usb-restricted-mode-apple-os-security","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2018\/06\/sb-usb-restricted-mode-apple-os-security\/","title":{"rendered":"Security Bits &#8211; USB Restricted Mode, Apple&#8217;s Focus on Security in OS Announcements"},"content":{"rendered":"<h3>Followups<\/h3>\n<ul>\n<li>Telegram have now been able to update their apps on Apple&#8217;s non-Russian app stores \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/04\/apple-lifts-two-month-ban-on-telegram-updates-in-ios-store\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>The VPNFilter malware\/botnet story continues to evolve as security researchers find more router makes and model are affected. Additions to the list include routers by Asus, D-Link, Huawei &amp; ZTE \u2014 <a href=\"https:\/\/www.zdnet.com\/article\/vpnfilter-malware-now-targeting-asus-d-link-huawei-zte\/\">www.zdnet.com\/\u2026<\/a>, <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/11\/check-your-router-list-of-routers-affected-by-vpnfilter-just-got-bigger\/\">nakedsecurity.sophos.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.imore.com\/vpnfilter-malware\">www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; As anticipated, the vote to restore net neutrality that passed the Senate recently was not even taken up by the House of Representatives, so they didn&#8217;t even get a change to vote on it, and President Trump didn&#8217;t get a chance to veto it. Net Neutrality has officially ended in the US \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/11\/welcome-to-the-non-neutral-net-day-one\/\">nakedsecurity.sophos.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.macobserver.com\/analysis\/net-neutrality-ends\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<p><!--more--><\/p>\n<h3>Security Medium 1 \u2014 <em>USB Restricted Mode<\/em><\/h3>\n<p>It wasn&#8217;t mentioned during the recent WWDC keynote, but some recent beta versions of iOS have included a new security feature named <em>USB Restricted Mode<\/em>. The concept is simple, if an iOS device has not been unlocked recently, then its USB interface will behave as if it were connected via a charge-only USB cable. That is to say, the power pins will function normally, but the data pins will play dead.<\/p>\n<p>One of the mechanisms attackers use to try break into a lost, stolen, or ceased iOS device is to connect it to a computer over USB, and then attack the phone via that port. If the OS on the device is out of date that may well be trivially easy to do, just use a known-patched exploit against it!<\/p>\n<p>This is also the mechanism used by grey-hat companies like GreyShift, makers of the GreyKey iPhone cracking device, to try break into phones on behalf of law enforcement agencies.<\/p>\n<p>This feature is still in beta, so the specifics are still subject to change. Indeed, until this week Apple had not even officially acknowledged the existence of the probably future feature.<\/p>\n<p>Why has this feature been in the news all week then?<\/p>\n<p>One reason is that the feature is included in the first iOS 12 beta. Another is that Apple have now acknowledged the feature&#8217;s existence. But, I think what really set the cat among the pigeons was an article by the New York Times (NYT) that spun the feature as an attempt by Apple to thwart law enforcement. This is of course totally wrong-headed, but it does make for some great click-bait! It&#8217;s in response to the NYT&#8217;s reporting that Apple have acknowledged the feature&#8217;s existence.<\/p>\n<p>The grey-hat companies also helped fan the news flames by claiming they have already found a workaround for the feature. We have nothing to go on but their word for that, so make if it what you will.<\/p>\n<p>We&#8217;ll probably re-visit this story when iOS 12 launches, by which time we&#8217;ll probably know exactly how the feature works, and what its implications are.<\/p>\n<h4>Links<\/h4>\n<ul>\n<li>The original NYT Article \u2014 <a href=\"https:\/\/www.nytimes.com\/2018\/06\/13\/technology\/apple-iphone-police.html\">www.nytimes.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/apple-confirms-ios-feature\/\">Apple Confirms iOS Security Feature to Block Devices Like GrayKey \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/tips\/quick-tip\/phone-ipad-usb-restricted-mode\/\">How to Enable and Disable iPhone and iPad USB Restricted Mode \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Security Medium 2 \u2014 Apple Focuses on Security in OS Announcements<\/h3>\n<p>As usual, Apple previewed their major OS updates at their annual World Wide Developers Conference (WWDC). MacOS 10.14 Mojave and iOS 12 will be released <em>&#8216;in the fall&#8217;<\/em>, but the first beta versions are already in the hands of developers and journalists.<\/p>\n<p>Something that was very noticeable during the keynote presentation was a strong focus on security for both the Mac and iOS. I don&#8217;t want to go into an exhaustive list, so these are just some highlights that caught my eye.<\/p>\n<h4>Improved Privacy Protections in Safari<\/h4>\n<p>The next versions of Safari will improve your privacy in two very important ways.<\/p>\n<p>Firstly, Apple are updating their AI-driven privacy protection to block more kinds of trackers, including things like Facebook like buttons. The exact details of how this will work are not clear yet, but the intention is, and I think that makes it worthy of special mention.<\/p>\n<p>Secondly, Apple is striking a blow against browser fingerprinting. We&#8217;re well aware of overt tracking technologies like cookies \u2014 they preserve state between web page loads by design. But there is a second kind of tracking that&#8217;s less well known, but much more insidious \u2014 browser fingerprinting.<\/p>\n<p>The idea is very simple \u2014 each time a browser sends a request to a website it includes some headers in that request. These headers contain information the server may find useful when formulating its response. The information in these headers all looks innocuous \u2014 your browser version, your OS, a list of acceptable MIME types (plugins like Flash and Silverlight will add themselves to this list), an ordered list of preferred locals (e.g. EN-GB followed by EN-US), a list of available fonts, your screen resolution, and so on. Individually, none of this information identifies you uniquely in any way.<\/p>\n<p>How many million people are using the same browser as you? How many million use the same OS? How many million web surfers prefer British English over US English? The thing is, if you get enough pieces of data that don&#8217;t identify you very well, and put them all together, you soon start to get a very unique fingerprint \u2014 how many people have the identical browser version as you, <strong>and<\/strong> the identical OS version, <strong>and<\/strong> the identical language preferences, <strong>and<\/strong> accept the same list of MIME types, <strong>and<\/strong> have exactly the same list of fonts installed, <strong>and<\/strong> have the same screen resolution, and so on.<\/p>\n<p> Advertisers and trackers have found the answer to be <em>very few<\/em>! In other words, in aggregate, all these little signals soon add up to an almost unique fingerprint that can be used to re-connect browsing sessions even when private browsing is enabled, or when cookies get deleted, or even to connect events on completely separate websites together.<\/p>\n<p>So what has Apple done? Simple, they&#8217;ve removed the headers that weren&#8217;t really needed, and standardised others. For example, instead of returning the list of all installed fonts, Safari will only return the default fonts that come with the OS \u2014 suddenly all Macs look the same as each other when it comes to fonts, hence neutralising the signal from that header. By removing the variability from as many headers as possible, Apple have turned the entropy right down, effectively making more and more Safari users indistinguishable from each other.<\/p>\n<h4>Better Password Management in iOS<\/h4>\n<p>In iOS 11 Apple experimented with using FaceID on iPhone X to protect the iCloud keychain.<br \/>\nBefore Safari on an iPhone X auto-fills a password, it uses FaceID to make sure it&#8217;s really you using the phone. In iOS 12, that behaviour is expanded to include TouchID, so users of other iOS devices will also have to prove their identity before passwords auto-fill.<\/p>\n<p>Another big password-related change is the addition of APIs to allow 3rd-party password manager integrate with password dialogues, making them equally as easy to use as the build-in keychain.<\/p>\n<h4>A Better Sandbox on the Mac<\/h4>\n<p>On the Mac side, Apple have put a lot of effort into improving the list of available entitlements apps can request, making it possible for ever more powerful apps to be sandboxed, and hence, to appear in the Mac app store. To underline the level of improvement two of the highest profile apps driven out of the MacApp Store by the sandboxing requirement, BBEdit and Transmit, are returning!<\/p>\n<p>As well as improving the sandbox for app developers, Apple have also added some user-facing privacy enhancements. More OS-level APIs will now protect your devices and data with explicit opt-in dialogues. For example, when ever an app requests microphone or camera access, the OS will pop up a dialogue asking your permission before granting the requested access.<\/p>\n<h4>And Much Much More &#8230;.<\/h4>\n<ul>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1320893\">A host of new security enhancements is coming to iOS and macOS \u2014 arstechnica.com<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/whats-new-apples-privacy-settings\">What&#8217;s new in Apple&#8217;s Privacy Settings? \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/macos-mojave-whats-new-in-security-and-privacy-features\/\">macOS Mojave: What\u2019s New in Security and Privacy Features \u2014 www.intego.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/why-ios-12-is-huge-for-security-and-privacy\/\">Why iOS 12 Is Huge for Security and Privacy \u2014 www.intego.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/macos-mojave-privacy-features\/\">Here\u2019s All of the macOS Mojave Privacy Features Coming \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/siri-shortcuts-how-apple-keeping-your-data-private-and-secure\">Siri Shortcuts: How Apple is keeping your data private and secure \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/passwords-on-ios-12\/\">How Passwords on iOS 12 Are Treated Differently \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/automatic-updates-ios-12\/\">Automatic System Updates Coming to iOS 12 \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/06\/apple-says-no-to-facebooks-tracking\/\">Apple says no to Facebook\u2019s tracking \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/appleinsider.com\/articles\/18\/06\/05\/face-id-on-ios-12-allows-two-different-faces-to-unlock-the-same-iphone\">Face ID on iOS 12 allows two different faces to unlock the same iPhone \u2014 appleinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Notable Security Updates<\/h3>\n<ul>\n<li>Adobe patched a zero-day Flash vulnerability that was, and remains, under active exploitation \u2013 if you run Flash, patch your system ASAP \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2018\/06\/adobe-patches-zero-day-flash-flaw\/\">krebsonsecurity.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/07\/flash-zero-day-exploit-act-now\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2018\/06\/microsoft-patch-tuesday-june-2018-edition\/\">Microsoft Patch Tuesday, June 2018 Edition \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Notable News<\/h3>\n<ul>\n<li>Intel released a security advisory announcing the <em>Lazy FP State Restore<\/em> vulnerability. This bug affects their entire <em>Core<\/em> line of CPUs, but thankfully it&#8217;s difficult to exploit, especially remotely, and can be entirely mitigated by OSes without the need for any microcode updates. OS vendors have begun the process of rolling out fixes \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-lazy-fp-state-restore-vulnerability-affects-all-intel-core-cpus\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>Security researchers have responsibly disclosed the details of a bug in many archiving apps and libraries that they have named <em>ZIP Slip<\/em>. The bug allows maliciously crafted ZIP files to replace system files when vulnerable apps\/libraries try to un-zip them. Because the bug was responsibly disclosed, most of the affected apps have been updated, so for the most part, all regular users have to do is keep their software up to date \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/06\/the-zip-slip-vulnerability-what-you-need-to-know\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>Google add <em>Insider Attack Resistance<\/em>, basically hardware security protections similar to Apple&#8217;s <em>Secure Enclave<\/em>, to their Pixel 2 phones \u2014 <a href=\"https:\/\/android-developers.googleblog.com\/2018\/05\/insider-attack-resistance.html\">android-developers.googleblog.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1330767\">Apple bans developers from creating, selling user Contacts databases \u2014 arstechnica.com<\/a><\/li>\n<li>Security researchers have reported that through a combination of poor programming practices and arguably insufficiently clear documentation, many 3rd-party Mac security apps (including VirusTotal &amp; Little Snitch) failed to properly verify digital signatures on apps. Updates are being released, and Apple have clarified their API documentation \u2014 <a href=\"https:\/\/arstechnica.com\/?p=1326011\">arstechnica.com<\/a><\/li>\n<li>Responding to pressure from employees, Google has pledged not to use AI to create weapons of war, facilitate illegal surveillance, or cause <em>&#8216;overall harm&#8217;<\/em>. The new rules do not go so far as to rule out working with military or intelligence organisations \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/11\/google-we-wont-cause-overall-harm-with-our-ai\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1ea;&#x1f1fa; Some major internet pioneers, including Tim Berners Lee &amp; Jimmy Wales have gotten together to send an open letter to the European Parliament, urging them to vote down the current proposal for article 13 of the up-coming new EU-wide law on copyright. Their argument, the law is too vague, and it appears to mandate problematic recognition technologies like those used by YouTube for all content uploaded by Europeans to any large internet site \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/13\/tech-pioneers-new-copyright-law-a-step-towards-an-internet-of-surveillance-and-control\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Suggested Reading<\/h3>\n<ul>\n<li>Notable Breaches &amp; Privacy Violations\n<ul>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2018\/06\/researcher-finds-credentials-for-92-million-users-of-dna-testing-firm-myheritage\/\">Researcher Finds Credentials for 92 Million Users of DNA Testing Firm MyHeritage \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/08\/facebook-bug-may-have-made-14m-users-posts-public\/\">Facebook bug may have made 14m users\u2019 posts public \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/trik-spam-botnet-leaks-43-million-email-addresses\/\">Trik Spam Botnet Leaks 43 Million Email Addresses \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/13\/6-million-cards-compromised-in-dixons-carphone-beach-act-now\/\">6 million cards compromised in Dixons Carphone breach \u2013 act now! \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; A Vermont citizen won a small claims court case she took against Equifax in response to their massive 2017 data breach. She hopes other will follow her lead \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2018\/06\/librarian-sues-equifax-over-2017-data-breach-wins-600\/\">krebsonsecurity.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>News\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/07\/hackable-cloudpets-pulled-from-target-walmart-amazon-and-more\/\">Hackable CloudPets pulled from Target, Walmart, Amazon and more \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/04\/cloudflare-mistakes-own-1-1-1-1-dns-for-ddos-attack\/\">Cloudflare mistakes own 1.1.1.1 DNS for DDoS attack \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/08\/atlanta-ransomware-attack-destroyed-years-of-police-dashcam-video\/\">Atlanta ransomware attack destroyed years of police dashcam video \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/08\/wannacry-hero-sinks-deeper-into-trouble-as-new-malware-charges-filed\/\">WannaCry hero sinks deeper into trouble as new malware charges filed \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/12\/florida-skips-gun-background-checks-for-a-year-after-employee-forgets-login\/\">Florida skips gun background checks for a year after employee forgets login \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; The EFF do not &#x2764;&#xfe0f; HART, the DHS&#8217;s new biometrics database that appears to be lining itself up to be able to track people in real time through facial and numberplate recognition \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/11\/us-governments-biometric-database-worries-privacy-advocates\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/12\/bitcoin-value-tumbles-as-hackers-loot-coinrail-cryptocurrency-exchange\/\">Bitcoin value tumbles as hackers loot CoinRail cryptocurrency exchange \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/15\/shock-horror-surprise-bitcoin-priceplosion-may-have-been-market-manipulation\/\">SHOCK! HORROR! SURPRISE! Bitcoin priceplosion may have been market manipulation \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/13\/mp-gets-600-rape-threats-in-a-night-wants-an-end-to-online-anonymity\/\">MP gets 600 rape threats in a night, wants an end to online anonymity \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Opinion &amp; Analysis\n<ul>\n<li>The latest FaceBook <em>&#8216;scandal&#8217;<\/em> \u2013 device-makers special access to FaceBook data:\n<ul>\n<li>The original reporting by the NYT that broke the story \u2014 <a href=\"https:\/\/www.nytimes.com\/interactive\/2018\/06\/03\/technology\/facebook-device-partners-users-friends-data.html\">www.nytimes.com\/\u2026<\/a><\/li>\n<li>FaceBook&#8217;s rebuttal \u2014 <a href=\"https:\/\/newsroom.fb.com\/news\/2018\/06\/why-we-disagree-with-the-nyt\/\">newsroom.fb.com\/\u2026<\/a><\/li>\n<li>A nice overview by Naked Security \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/05\/facebook-defends-practice-of-giving-deep-data-access-to-device-makers\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/14\/google-locks-out-extensions-that-dont-come-from-its-chrome-web-store\/\">Google locks out extensions that don\u2019t come from its Chrome Web Store \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/columns-opinions\/particle-debris\/thinking-deeply-browser-choice\/\">Thinking Deeply About the Browser We Use: Chrome, Safari, Firefox? \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Propellor Beanie Territory\n<ul>\n<li>Details have been announced of a very interesting, and now patched, vulnerability in Chrome &amp; FireFox&#8217;s implementations of CSS 3 layer blending modes that could be abused to leak data between websites in situations where that should be impossible \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/05\/bizarre-chrome-and-firefox-flaw-exposed-facebook-details\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/06\/13\/serious-security-how-three-minor-bugs-make-one-major-exploit\/\">Serious Security: How three minor bugs make one major exploit \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Palate Cleansers<\/h3>\n<ul>\n<li><img decoding=\"async\" src=\"https:\/\/imgs.xkcd.com\/comics\/customer_rewards.png\" alt=\"Customer Rewards \u2014 xkcd.com\/...\" \/><br \/>(<a href=\"https:\/\/xkcd.com\/2006\/\">Customer Rewards \u2014 xkcd.com\/\u2026<\/a>)<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Followups Telegram have now been able to update their apps on Apple&#8217;s non-Russian app stores \u2014 nakedsecurity.sophos.com\/\u2026 The VPNFilter malware\/botnet story continues to evolve as security researchers find more router makes and model are affected. Additions to the list include routers by Asus, D-Link, Huawei &amp; ZTE \u2014 www.zdnet.com\/\u2026, nakedsecurity.sophos.com\/\u2026 &amp; www.imore.com\/\u2026 &#x1f1fa;&#x1f1f8; As anticipated, [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":14958,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[522,126,1104,50,569,1626,2003],"class_list":["post-15555","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-fbi","tag-ios","tag-macos","tag-security","tag-security-bits","tag-usb","tag-vulnerabilities"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2018\/04\/Security-Bits-Logo_1000px.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/15555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=15555"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/15555\/revisions"}],"predecessor-version":[{"id":15557,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/15555\/revisions\/15557"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/14958"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=15555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=15555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=15555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}