Feedback & Followups
- Zoom says it’ll provide end-to-end encryption even for free users now — thenextweb.com/…
- COVID Exposure Notification/Contact Tracing Apps continue to be developed around the world with continued varying levels of success:
- Amnesty International warn that some Gulf states are abusing COVID19 apps for mass surveillance — www.theverge.com/…
- 🇺🇸 NY Attorney General calls for stricter rules on contact tracing apps — www.imore.com/…
- 🇦🇺 Critical flaw discovered in Australia’s iOS COVIDSafe app — www.imore.com/…
- 🇬🇧 The UK seems to have finally given in to the inevitable, and are changing course to develop an app using Apple & Google’s API in the hope of getting something that works out ‘before the winter’. They did not change their approach with good grace, and made claims that are difficult to interpret and have been rejected by Apple:
- 🇩🇪 Germany releases Apple and Google-based contact tracing app — www.imore.com/…
- 🇨🇦 Canada launches contact-tracing app built with Apple/Google technology — www.imore.com/…
- Social Media companies continue to adapt:
- Facebook creates fact-checking exemption for climate deniers – Popular Information — popular.info/…
- 🇺🇸 💵 Facebook Removes Trump Campaign Ads With Symbol Once Used by Nazis to Designate Political Prisoners — daringfireball.net/…
- Facebook will warn users against sharing old news articles — www.imore.com/…
- 🇺🇸 Facebook announces huge changes to political ads on its platform — www.imore.com/…
- Google continue to struggle to keep the Google Play Store clean: More ad fraud apps found hiding on Google Play Store — nakedsecurity.sophos.com/…
- 🇺🇸 Thanks to Senator Wyden we now know a little but more about how the so-called Vault7 leak of CIA documents and hacking tools happened (really shoddy security practices and lots of shadow IT) — krebsonsecurity.com/…
❗ Action Alerts
- Adobe released out-of-band patches for their creative tools — nakedsecurity.sophos.com/…
- Patch time! NVIDIA fixes kernel driver holes on Windows and Linux — nakedsecurity.sophos.com/…
- This month’s Windows updates came with a sting in the tail for some users, a bug preventing printing, Microsoft have now issued a fix for hardware printers, but problems remain with printing to PDF for some users — nakedsecurity.sophos.com/…
Worthy Warnings
Notable News
- Security researchers have released preliminary details of a bug in a TCP/IP library used by many network & IoT devices that can be silently remotely exploited. They’ve given the bug the catchy name Ripple20. The original library has been patched, but getting patches out to the millions of affected devices will be difficult — nakedsecurity.sophos.com/…
- The researcher’s overview including a table of vendors broken into “Not Affected”, “Confirmed” (definitely affected), and “Pending” (work in progress) — www.jsof-tech.com/…
- 🇺🇸 Daring Fireball: Senate Republicans Propose Law to Outlaw End-to-End Encryption — daringfireball.net/…
- 🇺🇸 ‘BlueLeaks’ exposes sensitive files from hundreds of police departments — nakedsecurity.sophos.com/…
- 🇺🇸 The US government have announced plans for require HTTPS on all .gov websites — nakedsecurity.sophos.com/…
- Intel have released technical details of two new security features, a shadow stack and indirect branch tracking, that will be included in future chip designs. The pair of new features have been branded CET for Control-flow Enforcement Technology — nakedsecurity.sophos.com/…
- Apple’s WWDC revealed some interesting new security and privacy features to look forward to this autumn (or Fall if you must 😉):
- macOS Big Sur and iOS 14 – New security and privacy features — www.intego.com/…
- iOS 14 & macOS Big Sur both get both DoH & DOT support: Apple Adds Encrypted DNS Support to iOS 14, macOS 11 — www.macobserver.com/…
- iOS 14, macOS Big Sur, Safari to give us ‘No, thanks!’ option for ad tracking — nakedsecurity.sophos.com/…
- With iOS 14, you’ll be told when an app reads your clipboard — www.imore.com/…
- iOS 14: New privacy tool lets you give an app access to a single photo rather than your whole library — www.imore.com/…
- Apple adds encrypted drive support to Files with iOS 14 and iPadOS 14 — www.imore.com/…
- Craig Federighi talks Apple’s privacy news at WWDC in new interview — www.imore.com/…
- Related Opinion: Apple Privacy in 2020: Why you’ll want these features right now — www.imore.com/…
- Related: Should you sign up for the iOS, iPadOS, macOS, and tvOS public betas? — www.imore.com/…
Top Tips
Excellent Explainers
- Anatomy of a survey scam – how innocent questions can rip you off — nakedsecurity.sophos.com/…
- 🎧 Short Wave: Tech Companies Are Limiting Police Use of Facial Recognition. Here’s Why — overcast.fm/… (~15min)
Interesting Insights
- Cybercriminals are moving to a new technique for extracting money from businesses: You’ve heard of sextortion – now there’s “breachstortion”, too — nakedsecurity.sophos.com/…
- 🎧 The Real Story: Is this the internet we always wanted? — overcast.fm/… (~50min)
Just Because it’s Cool 😎
Palate Cleansers
Legend
When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by Bart.
| Emoji | Meaning |
|---|---|
| 🎧 | A link to audio content, probably a podcast. |
| ❗ | A call to action. |
| flag | The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country. |
| 📊 | A link to graphical content, probably a chart, graph, or diagram. |
| 🧯 | A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂 |
| 💵 | A link to an article behind a paywall. |
| 📌 | A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future. |
| 🎩 | A tip of the hat to thank a member of the community for bringing the story to our attention. |