{"id":20907,"date":"2020-05-03T13:46:55","date_gmt":"2020-05-03T20:46:55","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=20907"},"modified":"2020-05-03T13:46:55","modified_gmt":"2020-05-03T20:46:55","slug":"sb-2020-05-03","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2020\/05\/sb-2020-05-03\/","title":{"rendered":"Security Bits \u2014 3 May 2020"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>Zoom continues to respond positively to problems with and criticisms of their platform:\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/zoom-announces-50-update-tougher-encryption-and-new-security-features\">Zoom announces 5.0 update with tougher encryption and new security features \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>Last time Bart was not sure of the exact detail of how Zoom&#8217;s region controls worked, iMore have the details: <a href=\"https:\/\/www.imore.com\/zoom-has-fixed-one-biggest-complaints-about-its-platform\">Zoom has fixed one of the biggest complaints about its platform \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f3a7; Steve Gibson gave their efforts an enthusiastic &#x1f44d;: <a href=\"https:\/\/overcast.fm\/+LUuRT4PHU\/12:14\">Security Now Episode 763: The COVID Effect \u2014 overcast.fm\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.imore.com\/zoom-now-has-more-300-million-daily-users\">Zoom now has more than 300 million daily users \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>COVID-19 Contact Tracing\/Exposure Notification\n<ul>\n<li>Apple &amp; Google have updated their API a little in response to feedback. None of the fundamentals have changed, but there has been a big re-branding from the scary and privacy-invading-sounding term <em>&#8216;Contact Tracing&#8217;<\/em> to the more accurate, and friendlier sounding, term <em>&#8216;Exposure Notification&#8217;<\/em>:\n<ul>\n<li><a href=\"https:\/\/www.macrumors.com\/2020\/04\/24\/apple-and-google-strengthen-privacy-covid\/\">Apple and Google Strengthen Privacy of COVID-19 Exposure Notification System, Targeting Next Week for Beta Release \u2014 www.macrumors.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/apple-and-google-will-disable-covid-19-tracing-when-pandemic-ends\">Apple and Google will disable COVID-19 tracing when pandemic ends \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/apple-has-added-covid-19-exposure-notifications-ios-135-beta\">Apple has added &#8220;COVID-19 Exposure Notifications&#8221; in the iOS 13.5 beta \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>Cartoon graphic explaining how Exposure Notification can work: <a href=\"https:\/\/ncase.me\/contact-tracing\/\">ncase.me\/&#8230;<\/a><\/li>\n<li>Nate Lanxon explains Apple\/Google&#8217;s Exposure Notification on Tech&#8217;s Message Podcast using &#8220;Jeff&#8221; and &#8220;Boat-Shaped Head&#8221;: <a href=\"https:\/\/www.uktechshow.com\/episodes\/techs-message-podcast-episode-55kzh\">www.uktechshow.com\/&#8230;<\/a><\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.cnbc.com\/2020\/04\/28\/apple-iphone-contact-tracing-how-it-came-together.html\">How a handful of Apple and Google employees came together to help health officials trace coronavirus \u2014 www.cnbc.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/link\/cellebrite-tools-covid-19\/\">Cellebrite Pitches its iPhone Hacking Tools as COVID-19 Surveillance Solution \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><em><strong>Editorial by Bart:<\/strong> Lots of countries are wrestling with the decision of how to proceed \u2014 centralise and send all the data to the government, or, distribute, so the data remains on-device and private. More data is better for scientists and health officials, but very open to abuse and will deter users, and these apps are only useful when lots of people use them, so in democracies, I think decentralised is the only way to go, and Germany&#8217;s U-turn adds credence to that.<\/em>\n<ul>\n<li>&#x1f1eb;&#x1f1f7; &#x1f1ec;&#x1f1e7; Apple &amp; Google&#8217;s refusal to make exceptions to their security and privacy protections is causing problems for countries like France and the UK that want to go with a centralised approach: <a href=\"https:\/\/www.ft.com\/content\/10f87eb3-87f9-46ea-88ab-8706adefe72d\">www.ft.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.imore.com\/france-claims-apples-privacy-policy-blocking-its-contact-tracing-app\">France claims Apple&#8217;s privacy policy is blocking its contact tracing app \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; Regardless of what Apple &amp; Google say or do, the UK is pressing ahead with a centralised app:\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/uk-has-rejected-apple-and-googles-contact-tracing-program\">The UK has rejected Apple and Google&#8217;s contact tracing program \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/uk-coronavirus-testing-app-could-be-rolled-out-in-two-three-weeks\/\">UK Coronavirus Contact Tracing App Could be Rolled Out in Two-Three Weeks \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/privacy-advocates-raise-concerns-about-uk-covid-19-contact-tracing-app\/\">Privacy Advocates Raise Concerns About UK COVID-19 Contact Tracing App \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/nhs-says-despite-not-following-apple-and-google-its-contact-tracing-app-will-work\">The NHS says despite not following Apple and Google, its contact tracing app will work \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>&#x1f1e9;&#x1f1ea; <a href=\"https:\/\/www.imore.com\/germany-reverses-course-now-supports-apple-and-googles-contact-tracing\">Germany reverses course, supports Apple\/Google&#8217;s contact tracing approach \u2014 www.imore.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/28\/coronavirus-tracking-tool-from-apple-and-google-embraced-by-germany\/\">Coronavirus tracking tool from Apple and Google embraced by Germany \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/www.imore.com\/cdcs-guidance-contact-tracing-apps-align-apple-and-google\">The CDC&#8217;s guidance on contact tracing apps align with Apple and Google \u2014 www.imore.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> &#x1f1fa;&#x1f1f8; <a href=\"https:\/\/www.imore.com\/us-senators-propose-covid-19-data-privacy-bill\">U.S. Senators propose COVID-19 data privacy bill \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> &#x1f1fa;&#x1f1f8; <a href=\"https:\/\/arstechnica.com\/?p=1671845\">Half of Americans won\u2019t trust contact-tracing apps, new poll finds \u2014 arstechnica.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.imore.com\/us-poll-suggests-americans-sharply-divided-use-contact-tracing-apps\">U.S. poll suggests Americans sharply divided on use of contact tracing apps \u2014 www.imore.com\/\u2026<\/a>\n<ul>\n<li><strong>Editorial by Bart:<\/strong> the questions in this poll were poorly worded, so this result may not be as meaningful as it could be. John Gruber explains the problem succinctly: <a href=\"https:\/\/daringfireball.net\/linked\/2020\/04\/30\/washington-post-exposure-notification-poll\">Regarding the Washington Post&#8217;s Poll on Americans&#8217; Willingness to Use Smartphone Apps for Exposure Notification \u2014 daringfireball.net\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>&#x1f1e8;&#x1f1e6; <a href=\"https:\/\/www.imore.com\/contact-tracing-stirs-debate-canada\">Contact tracing stirs debate in Canada \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f1ee;&#x1f1ea; <a href=\"https:\/\/www.imore.com\/irish-government-confirms-it-will-use-decentralized-contact-tracing-model\">Irish government confirms it will use de-centralized contact tracing model \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><strong>Related:<\/strong> an excellent explainer covering the what, the how, and the why: <a href=\"https:\/\/www.imore.com\/contact-tracing-guide-one-possible-pandemic-solution\">Contact tracing: A guide to one possible pandemic solution \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f3a7; An in-depth discussion of this issue: <a href=\"https:\/\/overcast.fm\/+Ip8zd0_To\">The Real Story: Coronavirus &#8211; Is mass surveillance here to stay? \u2014 overcast.fm\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Social Media companies continue to respond to the COVID-19 crisis\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/21\/facebook-to-alert-us-if-weve-been-exposed-to-fake-coronavirus-news\/\">Facebook to alert us if we\u2019ve been exposed to fake coronavirus news \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/link\/facebook-removes-pseudoscience-category\/\">Facebook Removes \u2018Pseudoscience\u2019 Category for Targeted Ads \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/facebook-launches-messenger-rooms-compete-facetime-and-zoom\">Facebook launches Messenger Rooms to compete with FaceTime and Zoom \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/new-whatsapp-beta-expands-group-call-limit-8-people\">New WhatsApp beta expands group call limit to eight people \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Google are continuing the fight against dangerous browser extensions: <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/05\/01\/google-fights-spammy-extensions-with-new-chrome-web-store-policy\/\">Google fights spammy extensions with new Chrome Web Store policy \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f3a7; We wondered last time where on earth the COVID-19 5G conspiracy came from, the wonderful RESET podcast has the answer: <a href=\"https:\/\/overcast.fm\/+YH-4XLxww\">RESET: The 5G coronavirus conspiracy theory \u2014 overcast.fm\/\u2026<\/a><\/li>\n<\/ul>\n<h2>&#x1f9ef; Deep Dive \u2014 The iOS Mail Bug<\/h2>\n<p><strong>TL;DR \u2014 don&#8217;t panic, there is no immediate danger, and a patch is on the way &#x1f642;<\/strong><\/p>\n<p>Security researchers found a pair of bugs in Apple&#8217;s Mail app on iOS that would cause the app to crash when trying to load a maliciously crafted mail. Importantly, the bugs can&#8217;t be used to actually exploit a device without being paired with other bugs in an exploit chain. This makes the bugs useful building-blocks for an attacker, but not a problem in isolation. Basically \u2014 Apple&#8217;s multi-layered security system is doing what it should and protecting us all from this bug!<\/p>\n<p>The security researchers claimed they had evidence that the bug was being actively exploited in the wild, but on further inspection those claims seem very suspect. Perhaps the most charitable thing you could say is that they are circumstantial at best. The emails they found could be evidence of failed attempted exploits, or, they could be perfectly normal MIME-encoded data, a given that MIME is used to send email attachments, that definitely seems the more likely explanation to me &#x1f642;<\/p>\n<p>Apple have also responded to the claims stating they can find no evidence of these bugs every having been exploited in the wild, and pointing out that the bugs can&#8217;t be used to exploit an iPhone directly.<\/p>\n<p>The bugs have been patched in the latest iOS betas.<\/p>\n<h3>Links<\/h3>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/23\/iphone-zero-day-dont-panic-heres-what-you-need-to-know\/\">iPhone zero day \u2013 don\u2019t panic! Here\u2019s what you need to know \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/tidbits.com\/2020\/04\/23\/ios-mail-exploits-serious-but-unlikely-to-affect-normal-users\/\">iOS Mail Exploits Serious but Unlikely to Affect Normal Users \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/new-security-vulnerability-has-been-discovered-default-mail-app\">A new security vulnerability has been discovered in the default Mail app \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/zecops-zero-day-ios-13\/\">iPhone Zero Day Found, Will Be Patched in iOS 13 \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/apple-responds-claim-mail-app-exploit-ios-13\">Apple responds to claim of Mail app exploit in iOS 13 \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/9to5mac.com\/2020\/04\/24\/iphone-mail-vulnerabilities\/\">Apple strongly denies that iPhone Mail vulnerabilities have been exploited \u2014 9to5mac.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>&#x2757; Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/24\/patch-now-microsoft-issues-unexpected-office-fix\/\">Patch now! Microsoft issues unexpected Office fix \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/30\/bumper-adobe-update-fixes-flaws-in-magento-bridge-and-illustrator\/\">Bumper Adobe update fixes flaws in Magento, Bridge and Illustrator \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/nintendo-switch-data-leak-exposes-160000-users-hacking-attempts\">Nintendo Switch data leak exposes 160,000 users by impersonating NNID \u2014 www.imore.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.imore.com\/how-to-enable-two-factor-authentication-your-nintendo-account\">How to enable two-factor authentication (2FA) for your Nintendo account \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/28\/warning-fake-zoom-hr-meeting-emails-phish-for-your-password\/\">Warning! Fake Zoom \u201cHR meeting\u201d emails phish for your password \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/20\/new-sextortion-scam-high-level-of-risk-your-account-has-been-hacked\/\">New sextortion scam: \u201cHigh level of risk. Your account has been hacked.\u201d \u2014 nakedsecurity.sophos.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/22\/porn-scammers-making-100000-a-month-from-sextortion-emails\/\">Porn scammers making $100,000 a month from sextortion emails \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Google&#8217;s project Zero has released details of bugs patched in recent versions of Apple&#8217;s OSes, so if you haven&#8217;t patched yet, do! \u2014 <a href=\"https:\/\/www.imore.com\/google-reveals-zero-click-bugs-apple-has-patched-recent-weeks\">Google reveals zero-click bugs that Apple has patched in recent weeks \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/22\/309-million-facebook-users-phone-numbers-and-more-found-online\/\">309 million Facebook users\u2019 phone numbers found online \u2014 nakedsecurity.sophos.com\/\u2026<\/a> (No passwords, but enough data to automate convincing phishing scams)<\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/23\/password-free-database-of-exercise-app-kinomap-leaks-42m-user-records\/\">Password-free database of exercise app Kinomap leaks 42m user records \u2014 nakedsecurity.sophos.com\/\u2026<\/a> (No passwords, but enough data to automate convincing phishing scams)<\/li>\n<li><a href=\"https:\/\/www.pcmag.com\/news\/exclusive-netatmo-patches-security-hole-in-indoor-camera\">Netatmo Patches Security Hole in Indoor Camera \u2014 www.pcmag.com\/\u2026<\/a><\/li>\n<li><strong>Attention WordPress Users<\/strong> \u2014 there&#8217;s a vulnerability in the obsolete theme <em>OneTone<\/em> being exploited in the wild to take over wordpress sites \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/29\/flaw-in-defunct-wordpress-plugin-exploited-to-create-backdoor\/\">nakedsecurity.sophos.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> there was also a security update to WordPress itself to patch a critical bug, but if your site is properly configured, it should have auto-installed itself: <a href=\"https:\/\/wordpress.org\/news\/2020\/04\/wordpress-5-4-1\/\">wordpress.org\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><strong>Attention Ruby Developers<\/strong> \u2014 beware of typo-squatting malware in the RubyGems repository: <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/23\/trove-of-rubygems-malware-highlights-software-supply-chain-issues\/\">Trove of RubyGems malware highlights software supply chain issues \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>A strange new iOS bug has surfaced that causes devices to freeze when they meet a certain sequence of emoji. If it happens to you, the fix is to reboot your phone: <a href=\"https:\/\/www.imore.com\/bizarre-text-bomb-crashing-ios-devices\">This bizarre text bomb is crashing iOS devices \u2014 www.imore.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/28\/iphone-word-of-death-could-crash-your-phone-what-you-need-to-know\/\">iPhone \u201cword of death\u201d could crash your phone \u2013 what you need to know \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.inputmag.com\/tech\/eight-year-old-discovers-screen-time-workaround-to-watch-more-youtube\">Eight-year-old discovers iPhone Screen Time workaround to watch more YouTube \u2014 www.inputmag.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/29\/twitter-turns-off-sms-based-tweeting-in-most-countries\/\">Twitter turns off SMS-based tweeting in most countries \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/techcrunch.com\/2020\/04\/21\/epic-games-launches-fortnite-on-the-google-play-store-and-theyre-not-happy-about-it\/\">Epic Games launches Fortnite on the Google Play Store and they\u2019re not happy about it \u2014 techcrunch.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.wired.com\/story\/cloudflare-bgp-routing-safe-yet\/\">You Can Now Check If Your ISP Uses Basic Security Measures | WIRED<\/a><\/li>\n<\/ul>\n<h2>Top Tips<\/h2>\n<aside class=\"small-aside\">Tip, tricks, or advice that is likely to be useful to the NosillaCast audience or the family members and friends whose IT they support.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/best-file-transfer-services\">Best File Transfer Services in 2020 \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/30\/zero-click-mobile-phone-attacks-and-how-to-avoid-them\/\">\u201cZero-click\u201d mobile phone attacks \u2013 and how to avoid them \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-online-ads-can-endanger-your-security\/\">How online ads can endanger your security \u2014 www.intego.com\/\u2026<\/a><\/li>\n<li>A superb human-friendly explanation of a now-patched iOS bug: <a href=\"https:\/\/daringfireball.net\/linked\/2020\/05\/02\/psychic-paper\">daringfireball.net\/\u2026<\/a><\/li>\n<li>A fascinating deep-dive in to how the recently patched Safari web cam bug worked and was found: <a href=\"https:\/\/www.ryanpickren.com\/webcam-hacking\">Webcam Hacking: www.ryanpickren.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Just Because it&#8217;s Cool &#x1f60e;<\/h2>\n<aside class=\"small-aside\">Stories that are not important, that don&#8217;t require you to do anything, and that you don&#8217;t even have to worry about.<\/aside>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/04\/20\/fan-vibrations-can-be-used-transmit-data-from-air-gapped-machines\/\">Fan vibrations can be used to transmit data from air-gapped machines \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything up-beat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.starwars.com\/news\/star-wars-backgrounds\">Join Meetings from A Galaxy Far, Far Away with These Star Wars Backgrounds \u2014 www.starwars.com\/\u2026<\/a><\/li>\n<li>&#x1f3a6; Some excellent (and playfully delivered) advice from the wonderful CGP Grey for managing life during lockdown: <a href=\"https:\/\/www.youtube.com\/watch?v=snAhsXyO3Ck&amp;feature=share\">Lockdown Productivity: Spaceship You &#8211; YouTube \u2014 www.youtube.com\/\u2026<\/a><\/li>\n<li>&#x1f3a6; <strong>From Allison:<\/strong> <a href=\"https:\/\/kottke.org\/20\/04\/build-your-own-magically-floating-lego-tensegrity-sculpture\">Build Your Own Magically Floating Lego Tensegrity Sculpture \u2014 kottke.org\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">&#x1f3a7;<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x2757;<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4ca;<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f9ef;<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> &#x1f642;<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4b5;<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4cc;<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f3a9;<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. Zoom continues to respond positively to problems with and criticisms of their platform: Zoom announces 5.0 update with tougher encryption and new security features \u2014 www.imore.com\/\u2026 Last time Bart was not sure of the [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":19030,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[50,569],"class_list":["post-20907","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-security","tag-security-bits"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2019\/08\/security_bits_logo_400px_no_alpha.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/20907","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=20907"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/20907\/revisions"}],"predecessor-version":[{"id":20909,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/20907\/revisions\/20909"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/19030"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=20907"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=20907"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=20907"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}