{"id":34440,"date":"2025-08-31T13:27:24","date_gmt":"2025-08-31T20:27:24","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=34440"},"modified":"2025-08-31T13:27:24","modified_gmt":"2025-08-31T20:27:24","slug":"sb-2025-08-31","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2025\/08\/sb-2025-08-31\/","title":{"rendered":"Security Bits \u2014 31 August 2025"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 The leaked data from the Allianz Life breach discussed last time has been added to Have I Been Pwned, so you can now check whether you are affected \u2014 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/massive-allianz-life-data-breach-impacts-11-million-people\/\">www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>There have been confusing developments in the UK government&#8217;s secret attempt to force Apple to break iCloud encryption \ud83c\uddec\ud83c\udde7 \ud83c\uddfa\ud83c\uddf8\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 Initially, it looked like this crisis was over when US Director of National Intelligence Tulsi Gabbard posted on X that the data of US citizens was now safe, but her statement was very short and devoid of details \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/25\/08\/19\/uk-blinks-backs-down-from-its-apple-backdoor-encryption-demand\">appleinsider.com\/\u2026<\/a><br \/>\n> &#8220;\u2026 the UK has agreed to drop its mandate for Apple to provide a &#8220;back door&#8221; that would have enabled access to the protected encrypted data of American citizens and encroached on our civil liberties.&#8221; \u2014 Gabbard<\/li>\n<li>\ud83c\uddec\ud83c\udde7 The Financial Times, which has led the reporting on this story from the start and appears to have excellent sources, then added a lot of confusion with fresh reporting on a secret court filing it has seen \u2014 <a href=\"https:\/\/appleinsider.com\/articles\/25\/08\/29\/uk-icloud-data-demand-wanted-far-more-than-the-worlds-messages\">appleinsider.com\/\u2026<\/a><br \/>\n> \u2026 new court filings seen by the Financial Times show that Apple&#8217;s appeal against the demand is continuing. It&#8217;s not clear whether the documentation reflects the original demand, or whether the UK has actually not rescinded the order \u2026 The IPT filing is in preparation for a court case between Apple and the UK government, which is not scheduled to take place until early 2026. It&#8217;s possible that the reports of the UK backing down mean that Apple&#8217;s appeal is not necessary, and it may not go ahead \u2026 there is a canary in the coal mine. If Apple does not turn back on Advanced Data Protection for UK users \u2014 and so far it has not \u2014 then the case is continuing. And so is the UK&#8217;s attempt to gain backdoor access.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Deep Dive(s)<\/h2>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action: if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/apple\/apple-emergency-updates-fix-new-actively-exploited-zero-day\/\">Apple fixes new zero-day flaw exploited in targeted attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a> (patched in iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8 &amp; macOS Ventura 13.7.8; update now)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/whatsapp-patches-vulnerability-exploited-in-zero-day-attacks\/\">WhatsApp patches vulnerability exploited in zero-day attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>Docker Desktop Users on Windows:<\/strong> <a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts\/\">Critical Docker Desktop flaw lets attackers hijack Windows hosts \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li>An example of why you need to be careful about giving AI the power to <strong>do<\/strong> things (i.e., the risks of <em>agentic<\/em> AI acting on untrusted web content): <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/perplexitys-comet-ai-browser-tricked-into-buying-fake-items-online\/\">Perplexity\u2019s Comet AI browser tricked into buying fake items online \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>An example showing that attackers are now succeeding with <em>&#8216;ClickFix&#8217;<\/em>-style scams (fake error messages or fixes that talk the victim into pasting a command into the Terminal) against Mac users: <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fake-mac-fixes-trick-users-into-installing-new-shamos-infostealer\/\">Fake Mac fixes trick users into installing new Shamos infostealer \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/transunion-suffers-data-breach-impacting-over-44-million-people\/\">TransUnion suffers data breach impacting over 4.4 million people \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>This is one of the so-called <em>big three<\/em> credit reporting agencies!<\/li>\n<li>We are lacking usable detail; apparently, the data was &#8216;limited&#8217; and did not include actual credit reports<\/li>\n<li><strong>Note:<\/strong> there really is a spike in data breaches at the moment, and the common cause is compromised third-party connections into the victims&#8217; Salesforce instances, a so-called <em>supply chain attack<\/em>.<\/li>\n<li>\ud83c\udfa7 If you want to understand how these credit reporting agencies came to exist, listen to <a 
href=\"https:\/\/www.npr.org\/sections\/money\/2017\/10\/06\/556212654\/episode-798-bad-credit-bureau\">Planet Money Episode 798: Bad Credit Bureau<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li><a href=\"https:\/\/appleinsider.com\/articles\/25\/08\/21\/meta-accused-of-inflating-ad-results-dodging-apple-privacy-rules\">Meta accused of inflating ad results &amp; dodging Apple privacy rules \u2014 appleinsider.com\/\u2026<\/a> \ud83c\uddec\ud83c\udde7<br \/>\n<blockquote><p>\n  A filing at the Central London Employment Tribunal, reported by The Financial Times, suggests Meta didn&#8217;t play by Apple&#8217;s rules. Former product manager Samujjal Purkayastha alleges the company used &#8220;deterministic matching&#8221; to link data across platforms \u2026 That means identifiable details, not anonymous signals, were tied together to track behavior without consent. If true, Meta found a back door through Apple&#8217;s privacy wall.\n<\/p><\/blockquote>\n<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/appleinsider.com\/articles\/25\/08\/21\/ftc-draws-hard-line-on-foreign-driven-censorship-data-demands-for-big-tech\">FTC draws hard line on foreign-driven censorship &amp; data demands for Big Tech \u2014 appleinsider.com\/\u2026<\/a><br \/>\n<blockquote><p>\n  On August 21, 2025, FTC Chairman Andrew N. Ferguson sent formal letters to over a dozen technology companies. The recipients included major firms like Apple, Microsoft, Meta, Alphabet, and Amazon \u2026 The letters emphasized their responsibility to safeguard the privacy and data security of Americans. 
They also reminded the companies that this duty remains even when foreign governments request compliance.\n<\/p><\/blockquote>\n<ul>\n<li>The primary thrust of the letters is that US companies can&#8217;t lie in their terms of service \u2014 if they promise end-to-end encryption, they can&#8217;t add secret back doors, even if a foreign government demands it (based on Section 5 of the FTC Act, which prohibits unfair or deceptive practices)<\/li>\n<li>There is also language about not impinging on Americans&#8217; free speech, but it&#8217;s much less emphasised (<strong>Editorial by Bart:<\/strong> almost reads like an afterthought, perhaps directed more at the Oval Office than the corporate boardrooms).<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/google-to-verify-all-android-devs-to-block-malware-on-google-play\/\">Google to verify all Android devs to protect users from malware \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>This covers all apps installed on certified Android devices, including side-loaded apps<\/li>\n<li>It is purely developer identity verification; the apps themselves are not reviewed or notarised the way Apple does it.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Bart:<\/strong>\n<ul>\n<li>A fun game to show rather than tell just how nuts the official email address specification (RFC 5322) really is \u2014 <a href=\"https:\/\/e-mail.wtf\/\">e-mail.wtf\/\u2026<\/a> (via fellow Cross-pond-chit-chatter Adam Engst)<\/li>\n<li>\ud83c\udfa6 A spectacular video explaining the stunning tech inside Apple&#8217;s tiny ear buds, and why knockoffs are always worse: <a href=\"https:\/\/nebula.tv\/videos\/realengineering-the-hidden-design-of-the-apple-airpod\/\">The Hidden Design of the Apple Airpod \u2014 nebula.tv\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to; when the text 
describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. 
one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. \ud83c\uddfa\ud83c\uddf8 The leaked data from the Allianz Life breach discussed last time has been added to Have-I-Been-Pwned, so you can now check if you are affected \u2014 www.bleepingcomputer.com\/\u2026 There have been confusing developments in [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[7586,3434,2023,4927,114,7585,7584,7067],"class_list":["post-34440","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-credit-reporting","tag-docker","tag-ftc","tag-meta","tag-privacy","tag-transunion","tag-uk-encryption","tag-zero-day-2"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34440","targetHints":{"allow":[
"GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=34440"}],"version-history":[{"count":1,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34440\/revisions"}],"predecessor-version":[{"id":34441,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/34440\/revisions\/34441"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=34440"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=34440"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=34440"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}