{"id":16309,"date":"2018-09-08T15:58:03","date_gmt":"2018-09-08T22:58:03","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=16309"},"modified":"2018-09-08T18:18:16","modified_gmt":"2018-09-09T01:18:16","slug":"sb-2018-09-08","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2018\/09\/sb-2018-09-08\/","title":{"rendered":"Security Bits \u2013 Forced Smartphone Decryption Breaches 5th Amendment, Apple Fails to Remove Malicious App, Google &#038; MasterCard Sharing Info"},"content":{"rendered":"<h3>Followups<\/h3>\n<ul>\n<li>Instapaper comes back to the EU at last \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/product-news\/instapaper-available-in-eu-again\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>Facebook is refusing to comply with a GDPR data request, so a complaint has been lodged with the Irish Data Protection Commissioner (DPR). The DPR has opened an investigation, but has said the case is likely to get escalated from Ireland to the European Data Protection Board. This will be a really important test case to watch \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/29\/facebook-its-too-tough-to-find-personal-data-in-our-huge-warehouse\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Security Medium \u2014 &#x1f1fa;&#x1f1f8; Forced Smartphone Decryption Breaches 5th Amendment to US Constitution<\/h3>\n<p>The US Appeals Court in Indiana (only level below the US Supreme Court) has ruled that forcing a user to decrypt their <strong>encrypted<\/strong> smartphone violates the 5th amendment to the US constitution (<em>self incrimination<\/em>). IMO the ruling is noteworthy for two reasons.<\/p>\n<p><!--more-->Firstly, the ruling recognises that a smartphone is effectively an extension of our brain, and that makes it very special indeed:<\/p>\n<blockquote><p>\n  A modern smartphone, with its central purpose of connecting its owner to the Internet and its ability to store and share incredible amounts of information in \u2018the Cloud\u2019 of online storage, is truly as close as modern technology allows us to come to a device that contains all of its owner\u2019s conscious thoughts, and many of his or her unconscious thoughts, as well. So, when the State seeks to compel a person to unlock a smartphone so that it may search the phone without limitations, the privacy implications are enormous and, arguably, unique.\n<\/p><\/blockquote>\n<p>Secondly, the ruling lays down a set of legal tests it recommends courts apply <em>&#8216;for resolving decryption requests from law enforcement authorities&#8217;<\/em>. <a href=\"https:\/\/www.theindianalawyer.com\/articles\/47929-smartphone-privacy-first-impression-case-splits-coa\">The Indiana Lawyer summarised this structure<\/a> as follows:<\/p>\n<ul>\n<li>Requiring the decryption of data should be recognized as data recreation and, thus, strictly limited.<\/li>\n<li>Law enforcement will have legitimate need of encrypted data in some instances.<\/li>\n<li>Law enforcement requests that are identified as bona fide emergencies should be supported by \u201ca warrant that describes the other imminent crime(s) suspected and the relevant information sought through a warrant.\u201d<\/li>\n<li>Law enforcement should be required to seek digital data through third parties in non-emergency situations.<\/li>\n<li>Fourth Amendment exceptions and state analogues should be inapplicable or strictly limited in \u201cthe search and seizure of digital data stored on devices owned or controlled by that defendant, or from \u2018Cloud\u2019 subscriptions that defendant owns or uses.\u201d<\/li>\n<\/ul>\n<p>Finally, I want to draw attention to the word I bolded in the opening paragraph \u2013 <em>encrypted<\/em>. I&#8217;m not a lawyer, but from my reading of the ruling it seems clear it only applies to encrypted phones:<\/p>\n<blockquote><p>\n  We consider [the plaintif]\u2019s act of unlocking, and therefore decrypting the contents of her phone, to be testimonial not simply because the passcode is akin to the combination to a wall safe as discussed in Doe. We also consider it testimonial because her act of unlocking, and thereby decrypting, her phone effectively recreates the files sought by the State.\n<\/p><\/blockquote>\n<p>So, if you&#8217;re not encrypting your phone yet, here&#8217;s yet another reason to do it!<\/p>\n<h4>Links:<\/h4>\n<ul>\n<li>Naked Security&#8217;s excellent summary of the ruling \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/31\/forcing-iphone-unlock-violates-fifth-amendment-says-court-of-appeals\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>A summary of the ruling from <em>The Indiana Lawyer<\/em> \u2014 <a href=\"https:\/\/www.theindianalawyer.com\/articles\/47929-smartphone-privacy-first-impression-case-splits-coa\">www.theindianalawyer.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Notable Security Updates<\/h3>\n<ul>\n<li>Adobe released a critical out-of-band patch for the Creative Cloud desktop app \u2014 <a href=\"https:\/\/www.us-cert.gov\/ncas\/current-activity\/2018\/08\/28\/Adobe-Releases-Security-Update-Creative-Cloud\">www.us-cert.gov\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Notable News<\/h3>\n<ul>\n<li>Apple have removed the popular app <em>Adware Doctor<\/em> from the Mac App Store after it was found to be sending users browser history and other data to servers in China. It seems Apple were very slow off the mark though, the app and its developer had a longer history of sketchy behaviour \u2014 <a href=\"https:\/\/daringfireball.net\/2018\/09\/mac_app_store_malware\">daringfireball.net\/\u2026<\/a><\/li>\n<li>In addition to recently introducing 2FA, Instagram have announced two new features to help users distinguish real content  from fake content \u2013 <em>About this Account<\/em> will show information about a user&#8217;s activity, and there will be a process for getting <em>Verified<\/em> badges \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/30\/instagram-fights-misinformation-and-account-hijackings-with-new-tools\/\">nakedsecurity.sophos.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/instagram-verification-authentication\/\">Get Instagram Verification and Two-Factor Authentication \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>A previously secret data-sharing deal between Google and MasterCard has been revealed. This allows Google to link real-world purchases to ad views online. Neither company informed their customers\/users, and while Google point out that user can technically opt out, the setting is obscure and not clearly labelled (<strong>Editorial by Bart<\/strong> while Google can say they <em>technically<\/em> allow users to opt out, the setting is so well obfuscated it may as well not exist, and besides, since they didn&#8217;t announce this deal, how were users supposed to know there was even something they might want to opt out of? IMO this just stinks to high-heaven) \u2014 <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2018-08-30\/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales\">www.bloomberg.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/03\/google-quietly-bought-mastercard-credit-and-debit-card-records\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>Mozilla will move to disabling ad-tracking by default in FireFox by putting measures in place to block cross-site tracking and browser fingerprinting \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/03\/firefox-to-start-blocking-ad-tracking-by-default\/\">nakedsecurity.sophos.com\/\u2026<\/a>\n<ul>\n<li>Mozilla&#8217;s post announcing and explaining their new approach \u2014 <a href=\"https:\/\/blog.mozilla.org\/futurereleases\/2018\/08\/30\/changing-our-approach-to-anti-tracking\/\">blog.mozilla.org\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/07\/firefox-finally-casts-windows-xp-users-adrift\/\">Firefox finally casts Windows XP users adrift \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>The latest Chrome update makes it even more cumbersome to run Flash, it really is nearing its long-over-due demise! \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/03\/chrome-flash-is-almost-almost-almost-dead\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>Google cracks down on tech support scams by forcing advertisers wishing to advertise such services to go through advanced validation before their ad will be accepted \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/04\/google-ads-cracks-down-on-tech-support-scammers\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1369565\">Windows 10 support extended again: September releases now get 30 months \u2014 arstechnica.com<\/a><\/li>\n<\/ul>\n<h3>Suggested Reading<\/h3>\n<ul>\n<li>PSAs, Tips &amp; Advice\n<ul>\n<li>&#x2b50;&#xfe0f; Security researchers warn of the danger of Safari&#8217;s default setting which opens <em>&#8216;safe&#8217;<\/em> files automatically on download \u2013 TL;DR, disable the setting! (Preferences > General > Open \u201csafe\u201d files after downloading) \u2014 <a href=\"http:\/\/www.loopinsight.com\/2018\/09\/06\/malware-takes-advantage-of-specific-safari-setting\/\">www.loopinsight.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; FYI: <a href=\"https:\/\/tidbits.com\/2018\/08\/27\/as-of-september-2018-microsoft-office-365-updates-will-require-macos-10-12-sierra\/\">As of September 2018, Microsoft Office 365 Updates Will Require 10.12 Sierra \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/www.imore.com\/fail-safe-vs-fail-secure-backing-age-encryption\">Fail safe vs. fail secure: What everyone gets wrong about backups \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/overcast.fm\/+K8ljoJtVM\">159: iPhone SECURITY TIPS You Need to Know! \u2014 Vector with Rene Ritchie \u2014 Overcast \u2014 overcast.fm\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/how-create-add-child-account-family-sharing\">How to create and add a child account to Family Sharing \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/www.macobserver.com\/tips\/psa-robo-call-att-pin-social-security-number\/\">PSA: Robo Call Asks AT&amp;T PIN and Social Security Number \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/tips\/deep-dive\/choosing-privacy-applications-for-mac\/\">What To Actually Evaluate When Choosing Privacy Applications for Mac \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-to-tell-if-an-online-article-is-real-fake-or-a-scam\/\">How to Tell If an Online Article is Real, Fake or a Scam \u2014 www.intego.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Notable Breaches &amp; Privacy Violations\n<ul>\n<li>&#x2b50;&#xfe0f; A very damaging hack of the British Airways website has led to the compromise of tens of thousands of credit cards, including the 3-digit verification codes \u2014 <a href=\"https:\/\/www.telegraph.co.uk\/travel\/news\/ba-british-airways-data-hack-compensation\/\">www.telegraph.co.uk\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; &#x1f1fa;&#x1f1f8; <a href=\"https:\/\/tidbits.com\/2018\/08\/27\/hackers-steal-t-mobile-customer-data-including-passwords\/\">Hackers Steal T-Mobile Customer Data, Including Passwords \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; &#x1f1fa;&#x1f1f8; <a href=\"https:\/\/www.macobserver.com\/news\/charter-security-flaw\/\">Charter Security Flaw Just Exposed Customer Data for Millions \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/30\/air-canada-resets-1-7-million-accounts-after-app-breach\/\">Air Canada resets 1.7 million accounts after app breach \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; &#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/06\/social-security-numbers-exposed-on-us-government-transparency-site\/\">Social Security numbers exposed on US government transparency site (foia.gov) \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/30\/hacked-stalking-app-reveals-victims-photos-texts-and-location-info\/\">Hacked stalking app (TruthSpy) reveals victims\u2019 photos, texts and location info \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2018\/09\/for-2nd-time-in-3-years-mobile-spyware-maker-mspy-leaks-millions-of-sensitive-records\/\">For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records \u2014 krebsonsecurity.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/06\/mobile-spyware-maker-mspy-leaks-millions-of-records-again\/\">Mobile spyware maker mSpy leaks millions of records \u2013 AGAIN \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>A bug in the popular Magento eCommerce platform has allows a credit-card-stealing malware campaign to proliferate \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/04\/credit-card-gobbling-code-found-piggybacking-on-ecommerce-sites\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/30\/hotel-chains-customer-data-on-dark-web-500m-records-for-50k\/\">Chinese hotel chain\u2019s customer data on Dark Web \u2013 500M records for $50K \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/krebsonsecurity.com\/2018\/08\/fiserv-flaw-exposed-customer-data-at-hundreds-of-banks\/\">Fiserv Flaw Exposed Customer Data at Hundreds of Banks \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>News\n<ul>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/31\/proposed-us-law-would-require-president-to-act-on-overseas-hackers\/\">Proposed US law would require President to act against overseas hackers \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1365821\">Microsoft obliquely acknowledges Windows 0-day bug published on Twitter \u2014 arstechnica.com<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/five-eyes-encryption-debate\/\">Five Eyes Countries Want to Avoid Public Encryption Debate \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/link\/middle-easter-espionage-macs\/\">Middle East Espionage Involves Hacking Macs \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/04\/how-refusing-to-give-police-your-facebook-password-can-lead-to-prison\/\">How refusing to give police your Facebook password can lead to prison \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>Security Researchers have found flaws in two smart access control systems \u2013 <em>iStar Ultra<\/em> &amp; <em>IP-ACM Ethernet Door Module<\/em> \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/05\/knock-knock-digital-key-flaw-unlocks-door-control-systems\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/06\/thousands-of-unsecured-3d-printers-discovered-online\/\">Thousands of unsecured 3D printers discovered online \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/global-law-enforcement-web-portal\/\">Apple Will Create a Global Law Enforcement Web Portal \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/05\/google-releases-free-ai-tool-to-stamp-out-child-sexual-abuse-material\/\">Google releases free AI tool to stamp out child sexual abuse material \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/06\/ungagged-google-warns-users-about-fbi-accessing-their-accounts\/\">Ungagged Google warns users about FBI accessing their accounts \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/microsoft-authenticator-app-launches-apple-watch-public-preview\">Microsoft Authenticator app launches for Apple Watch in public preview \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Opinion &amp; Analysis\n<ul>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/30\/why-yahoo-scanning-user-email-is-no-cause-for-panic\/\">Why Yahoo scanning user email is no cause for panic \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/www.intego.com\/mac-security-blog\/a-honeypot-guide-why-researchers-use-honeypots-for-malware-analysis\/\">A Honeypot Guide: Why Researchers Use Honeypots for Malware Analysis \u2014 www.intego.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/www.imore.com\/what-its-live-under-google-advanced-protection-program\">What it&#8217;s like to live under the Google Advanced Protection Program \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; Browser Extensions: Are They Worth the Risk? \u2014 krebsonsecurity.com\/\u2026](https:\/\/krebsonsecurity.com\/2018\/09\/browser-extensions-are-they-worth-the-risk\/)<\/li>\n<\/ul>\n<\/li>\n<li>Propellor Beanie Territory\n<ul>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/09\/05\/can-sonar-sniff-out-your-androids-lock-code\/\">Can \u2018sonar\u2019 sniff out your Android\u2019s lock code? \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>Security researchers demo a proof-of-concept attack that reads the content of a screen by listening to the sounds it emits \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/29\/and-you-you-thought-you-were-safe-behind-your-laptop-screen\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/08\/30\/how-one-man-could-have-pwned-all-your-php-programs\/\">How one man could have pwned all your PHP programs \u2013  nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/sysadmins-prepare-ios-12-mojave\/\">System Administrators: Prepare Your Institution for iOS 12 and macOS Mojave \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>US Cert warns of the dangers of combing dynamic DNS with the WPAD protocol \u2014 <a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/598349\">www.kb.cert.org\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Palate Cleansers<\/h3>\n<ul>\n<li>A wonderful example of how Apple sweats the details \u2013 the emoji of a lock will not show in the Safari title bar because it could make an insecure page seem secure \u2014 <a href=\"http:\/\/www.loopinsight.com\/2018\/08\/28\/an-emoji-that-will-not-show-in-the-safari-title-bar\/\">www.loopinsight.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/new-product-lego-will-teach-your-kid-how-code\">With this new product, Lego will teach your kid how to code \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>Funny, but also disturbing: <img decoding=\"async\" src=\"https:\/\/imgs.xkcd.com\/comics\/voting_software.png\" alt=\"Voting Software\" \/> <a href=\"https:\/\/xkcd.com\/2030\/\">xkcd.com\/\u2026<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Followups Instapaper comes back to the EU at last \u2014 www.macobserver.com\/\u2026 Facebook is refusing to comply with a GDPR data request, so a complaint has been lodged with the Irish Data Protection Commissioner (DPR). The DPR has opened an investigation, but has said the case is likely to get escalated from Ireland to the European [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":14958,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[569],"class_list":["post-16309","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-security-bits"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2018\/04\/Security-Bits-Logo_1000px.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/16309","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=16309"}],"version-history":[{"count":4,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/16309\/revisions"}],"predecessor-version":[{"id":16320,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/16309\/revisions\/16320"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/14958"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=16309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=16309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=16309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}