{"id":21211,"date":"2020-06-14T13:18:43","date_gmt":"2020-06-14T20:18:43","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=21211"},"modified":"2020-06-14T15:49:35","modified_gmt":"2020-06-14T22:49:35","slug":"sb-2020-06-14","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2020\/06\/sb-2020-06-14\/","title":{"rendered":"Security Bits \u2014 14 June 2020"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>As expected, Apple quickly patched the Kernel flaw powering the  Unc0ver Jailbreak: <a href=\"https:\/\/tidbits.com\/2020\/06\/01\/kernel-vulnerability-causes-apple-to-update-all-operating-systems\/\">Kernel Vulnerability Causes Apple to Update All Operating Systems \u2014 tidbits.com\/\u2026<\/a>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/apple-has-stopped-signing-ios-135-stopping-jailbreakers-downgrading\">Apple is no longer signing iOS 13.5, stopping jailbreakers from downgrading \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Covid19 Exposure Notification\/Contact Tracing and other Apps Continue to be developed and rolled out:\n<ul>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/www.macobserver.com\/news\/apple-covid-19-app-and-website-adds-anonymous-symptom-tracking\/\">Apple COVID-19 App and Website Adds Anonymous Symptom Tracking \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; Things remain confusing in the UK:\n<ul>\n<li>Private companies with connections to the government are getting permanent access to health data: <a href=\"https:\/\/www.opendemocracy.net\/en\/under-pressure-uk-government-releases-nhs-covid-data-deals-big-tech\/\">Under pressure, UK government releases NHS COVID data deals with big tech \u2014 www.opendemocracy.net\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/uk-ministers-still-considering-switching-nhs-app-apple-and-googles-framework\">UK ministers still considering switching NHS app to Apple and Google&#8217;s framework \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/uk-covid-19-contact-tracing-app-set-to-launch-in-coming-weeks\/\">UK COVID-19 Contact Tracing App Set to Launch in Coming Weeks \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>This report claims the UK are not considering Apple &amp; Google&#8217;s API: <a href=\"https:\/\/www.imore.com\/uk-launch-contact-tracing-app-when-time-right-says-matt-hancock\">UK to launch contact tracing app &#8216;when the time is right&#8217;, says Matt Hancock \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>&#x1f1ea;&#x1f1fa; <a href=\"https:\/\/www.macobserver.com\/news\/more-european-countries-moving-to-apple-google-framework-for-covid-19-contact-tracing-apps\/\">More European Countries Moving to Apple\/Google Framework For Covid-19 Contact Tracing Apps \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1e8;&#x1f1ed; <a href=\"https:\/\/uk.reuters.com\/article\/us-health-coronavirus-swiss-apps\/swiss-parliament-paves-way-for-coronavirus-tracing-app-rollout-this-month-idUKKBN23F2E9\">Swiss parliament paves way for coronavirus tracing app rollout this month \u2014 uk.reuters.com\/\u2026<\/a><\/li>\n<li>&#x1f1ee;&#x1f1f9; <a href=\"https:\/\/www.imore.com\/italy-launches-contact-tracing-app-based-apple-and-googles-technology\">Italy launches contact-tracing app based on Apple and Google&#8217;s technology \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>&#x1f1f8;&#x1f1ec; <a href=\"https:\/\/www.imore.com\/singapores-contact-tracing-app-isnt-mandatory-because-it-doesnt-work-ios\">Singapore&#8217;s contact tracing app isn&#8217;t mandatory because it doesn&#8217;t work on iOS \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Nintendo have admitted that the breach of their  Nintendo Network IDs last April was actually worse than initially reported, affecting about twice as many accounts (140K on top of the original 160K), and they are warning that if users had PayPal accounts or credit cards linked to their accounts then attackers could have made unauthorised purchases \u2014 <a href=\"https:\/\/www.imore.com\/140000-nintendo-accounts-may-have-been-accessed-illegally-says-nintendo\">www.imore.com\/\u2026<\/a><\/li>\n<li>Social Media Developments:\n<ul>\n<li>17 major tech companies including Facebook, Google, Microsoft &amp; Apple have joined a renewed industry push to combat online child abuse \u2014 <a href=\"https:\/\/www.imore.com\/facebook-google-microsoft-announce-industry-initiative-combat-online-child-sexual-abuse\">www.imore.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.macobserver.com\/news\/apple-helps-fight-childhood-sexual-abuse\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>A major shake-up underway at Redit including changes on the board, and to content policies \u2014 <a href=\"https:\/\/www.reddit.com\/r\/announcements\/comments\/gxas21\/upcoming_changes_to_our_content_policy_our_board\/\">www.reddit.com\/\u2026<\/a>\n<ul>\n<li><strong>Related:<\/strong> &#x1f1ee;&#x1f1ea; the moderators of the Sub-redit for Ireland have started closing it down each night to stem a torrent of racism and other abusive posts \u2014 <a href=\"https:\/\/extra.ie\/2020\/06\/09\/news\/irish-news\/reddit-ireland-shut-down-racism\">extra.ie\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/01\/facebook-to-verify-identities-on-accounts-that-churn-out-viral-posts\/\">Facebook to verify identities on accounts that churn out viral posts \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/facebook-announces-new-manage-activity-feature-lets-you-hide-your-past-posts\">Facebook announces new &#8216;Manage Activity&#8217; feature that lets you hide your past posts \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/twitter-now-labeling-all-tweets-linking-5g-and-coronavirus\">Twitter now labeling all tweets linking 5G and coronavirus \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/techcrunch.com\/2020\/06\/08\/twitter-to-launch-a-revamped-verification-system-with-publicly-documented-guidelines\/\">Twitter to launch a revamped verification system with publicly documented guidelines \u2014 techcrunch.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/12\/twitter-wants-to-know-if-you-meant-to-share-that-article\/\">Twitter wants to know if you meant to share that article \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/twitter-discloses-over-32000-fake-accounts-state-links-china-russia-and-turkey\">Twitter discloses over 32,000 fake accounts with state links to China, Russia, and Turkey \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thenextweb.com\/security\/2020\/06\/04\/signal-can-now-automatically-blur-faces-in-photos-and-you-can-use-the-images-in-any-app\/\">Signal can now automatically blur faces in photos \u2014 and you can use the images in any app \u2014 thenextweb.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/snapchat-we-are-not-currently-promoting-presidents-content-snapchats-discover-platform\">Snapchat stops promoting President Trump following violent tweets \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/tiktok-joins-eus-fight-against-fake-news\">TikTok joins EU&#8217;s fight against fake news \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>A mixed 2 Weeks for Zoom:\n<ul>\n<li>&#x1f3a7; A good in-depth look at Zoom&#8217;s new End-to-End encryption (it seems really well designed): <a href=\"https:\/\/overcast.fm\/+LUuQQY0S8\/1:39:28\">Security Now 769: Zoom\u2019s E2EE Design \u2014 overcast.fm\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/zoom-says-it-wont-end-end-encrypt-free-calls-so-it-can-work-law-enforcement\">Zoom says it won&#8217;t end-to-end encrypt free calls so it can work with law enforcement \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/zoom-u-turns-decision-ban-account-us-based-chinese-pro-democracy-activists\">Zoom U-turns on decision to ban the account of U.S-based Chinese pro-democracy activists \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.imore.com\/zoom-says-we-fell-short-explanation-over-banning-pro-chinese-democracy-accounts\">Zoom says &#8220;we fell short&#8221; in explanation over banning of pro-Chinese democracy accounts \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/lawmakers-zoom-ties-china\/\">U.S. Lawmakers Ask Zoom About its Ties to China \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>WebAuthn: <a href=\"https:\/\/www.imore.com\/google-upgrades-physical-authentication-technology-iphone-and-ipad\">Google upgrades physical authentication technology for iPhone and iPad \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Deep Dive \u2014 The <em>CallStranger<\/em> UPnP Vulnerability<\/h2>\n<p>A security researcher has released details of a new vulnerability in the Universal Plug &amp; Play (UPnP) specification that allows attackers to commandeer vulnerable devices for use in distributed denial of service attacks (DDoS).<\/p>\n<p>For home users the big danger is routers with UPnP enabled on the internet-facing (WAN) side of the router. This won&#8217;t allow attackers to attack you, but it will allow them to use your router to attack others.<\/p>\n<p>If you don&#8217;t need it, I would suggest disabling UPnP on your router. This is by no means the only UPnP attack out there, so disabling UPnP has been my advice for years anyway!<\/p>\n<p>The problem was in the UPnP specification, so that has been updated, and device vendors now need to create and distribute firmware updates to update their implementation of the spec.<\/p>\n<p>###Links<\/p>\n<ul>\n<li>The vulnerability&#8217;s home page \u2014 <a href=\"https:\/\/callstranger.com\/index.html\">callstranger.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>&#x2757; Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you there is some action you should take.<\/aside>\n<ul>\n<li>Last Tuesday was Patch Tuesday, lots of critical updates from Microsoft &amp; Adobe, so patch promptly! \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2020\/06\/microsoft-patch-tuesday-june-2020-edition\/\">krebsonsecurity.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/11\/microsoft-squishes-129-bugs-with-patch-tuesday-updates\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/03\/firefox-fixes-cryptographic-data-leakage-in-latest-security-update\/\">Firefox fixes cryptographic data leakage in latest security update \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/11\/crooks-hijack-black-lives-matter-to-spread-zombie-malware\/\">Crooks hijack \u201cBlack Lives Matter\u201d to spread zombie malware \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/11\/bitcoin-scammers-take-youtube-channels-for-a-spacex-ride\/\">Bitcoin scammers take YouTube channels for a SpaceX ride \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/03\/amtrak-breached-some-customers-logins-and-pii-potentially-exposed\/\">Amtrak breached, some customers\u2019 logins and PII potentially exposed \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/10\/babylon-mobile-health-app-mixes-up-patient-consultation-videos\/\">Babylon mobile health app mixes up patient consultation videos \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2020\/06\/privnotes-com-is-phishing-bitcoin-from-users-of-private-messaging-service-privnote-com\/\">Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/05\/botnet-blasts-wordpress-sites-with-configuration-download-attacks\/\">Botnet blasts WordPress sites with configuration download attacks \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/12\/facebook-paid-for-a-0-day-to-help-fbi-unmask-child-predator\/\">Facebook paid for a 0-day to help FBI unmask child predator \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f9ef;Intel have patched the flaw enabling <em>CROSSTALK<\/em>, another side-channel attack against their CPUs. Like with many side-channel attacks that have been found since <em>Spectre<\/em> and <em>Meltdown<\/em> first drew the security community&#8217;s attention to Intel&#8217;s CPUs, this vulnerability breaks down the security between processes sharing a CPU. For home users that means the malware has to be running on your computer to attack you, which would add no additional value for an attacker since they&#8217;re already succeeded in running malware on your computer! Where this matters is in the cloud, where processes belonging to different organisations share hardware \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/12\/intel-patches-chip-flaw-that-could-leak-your-cryptographic-secrets\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>The privacy-focused commercial browser Brave got into hot water for adding trackers to links: <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/09\/brave-ceo-apologises-for-adding-affiliate-links-to-urls\/\">Brave CEO apologises for adding affiliate links to URLs \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>Apple&#8217;s Bug Bounty Program in Action: <a href=\"https:\/\/nakedsecurity.sophos.com\/2020\/06\/01\/no-password-required-sign-in-with-apple-account-takeover-flaw-patched\/\">No password required! \u201cSign in with Apple\u201d account takeover flaw patched \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>IBM and Amazon pull back from using AI for facial recognition because of fears about biases, privacy concerns, and the possibility of abuses by over-reaching governments and law enforcement agencies:\n<ul>\n<li><a href=\"https:\/\/www.computing.co.uk\/news\/4016237\/ibm-develop-sell-facial-recognition-software\">IBM will no longer develop or sell facial recognition software \u2014 www.computing.co.uk\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/blog.aboutamazon.com\/policy\/we-are-implementing-a-one-year-moratorium-on-police-use-of-rekognition\">We are implementing a one-year moratorium on police use of Rekognition \u2014 blog.aboutamazon.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Two big companies release Open Source security libraries for developers:\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/apple-open-sources-password-manager-resources-help-apps-create-strong-passwords-popular-websites\">Apple open sources Password Manager Resources to help apps create strong passwords for popular websites \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>IBM have released open source toolkits to implement Fully Homomorphic Encryption (lets you process data while it&#8217;s encrypted) for iOS &amp; macOS, and Linux &amp; Android toolkits are on the way \u2014 <a href=\"https:\/\/www.ibm.com\/blogs\/research\/?p=42496\">www.ibm.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>CloudFlare have announced two new variants of it&#8217;s free 1.1.1.1 DNS service aimed at families \u2014 to get free malware filtering use 1.1.1.2, and to get free malware filtering and adult content blocking use 1.1.1.3 \u2014 <a href=\"https:\/\/blog.cloudflare.com\/introducing-1-1-1-1-for-families\/\">blog.cloudflare.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Top Tips<\/h2>\n<aside class=\"small-aside\">Tip, tricks, or advice that is likely to be useful to the NosillaCast audience or the family members and friends whose IT they support.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.imore.com\/how-use-aclu-mobile-justice-app\">How to use the ACLU Mobile Justice app \u2014 www.imore.com\/\u2026<\/a><\/li>\n<li>The IC3, the US government&#8217;s internet security agency, have released a PSA warning of a rise in banking malware, and giving some good practical advice to keep your money safe \u2014 <a href=\"https:\/\/www.ic3.gov\/media\/2020\/200610.aspx\">www.ic3.gov\/\u2026<\/a><\/li>\n<li>A nice guide on how to allow important people bypass do-not-disturb on iOS devices. This is especially important in troubled times like these: <a href=\"https:\/\/www.iphonelife.com\/content\/how-to-let-emergency-contacts-reach-you-when-do-not-disturb-turned\">How to Let Individual Contacts Reach You When Do Not Disturb Is Turned On for All Contacts \u2014 iPhone Life<\/a><\/li>\n<\/ul>\n<h2>Excellent Explainers<\/h2>\n<aside class=\"small-aside\">High-quality content explaining a security concept of some kind.<\/aside>\n<ul>\n<li>&#x1f1fa;&#x1f1f8; An excellent explainer on the important subtleties of section 230 of the US Communications Decency Act: <a href=\"https:\/\/arstechnica.com\/tech-policy\/2020\/06\/section-230-the-internet-law-politicians-love-to-hate-explained\/\">The Internet\u2019s most important\u2014and misunderstood\u2014law, explained \u2014 arstechnica.com\/\u2026<\/a><\/li>\n<li>Important if you plan to run any Apple Betas this summer: <a href=\"https:\/\/www.imore.com\/apple-reminds-everyone-how-file-bug-reports-ahead-ios-14\">Apple reminds developers how to file bug reports ahead of iOS 14 \u2014 www.imore.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything up-beat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><a href=\"https:\/\/matadornetwork.com\/read\/stonehenge-livestream-summer-solstice-celebration\/\">Stonehenge livestream summer solstice event in 2020 \u2014 matadornetwork.com\/\u2026<\/a><\/li>\n<li>&#x1f3a7; An excellent warts-and-all realistic look at America&#8217;s race to the Moon in the 60s: <a href=\"https:\/\/overcast.fm\/+SroP16HNM\">Moonrise \u2014 overcast.fm\/\u2026<\/a> &amp; <\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">&#x1f3a7;<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x2757;<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4ca;<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f9ef;<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> &#x1f642;<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4b5;<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f4cc;<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">&#x1f3a9;<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. As expected, Apple quickly patched the Kernel flaw powering the Unc0ver Jailbreak: Kernel Vulnerability Causes Apple to Update All Operating Systems \u2014 tidbits.com\/\u2026 Apple is no longer signing iOS 13.5, stopping jailbreakers from downgrading [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":19030,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[156,114,50,569,1134,904],"class_list":["post-21211","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-facebook","tag-privacy","tag-security","tag-security-bits","tag-upnp","tag-zoom"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2019\/08\/security_bits_logo_400px_no_alpha.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/21211","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=21211"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/21211\/revisions"}],"predecessor-version":[{"id":21213,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/21211\/revisions\/21213"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/19030"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=21211"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=21211"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=21211"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}