Feedback & Followups
- Apple issues Rapid Security Response update for iOS 16.4.1, macOS 13.3.1 — appleinsider.com/…
- Related: A nice link to bookmark and send to friends and family who ask for more info: What Are Rapid Security Responses and Why Are They Important? — tidbits.com/…
- Another example of attackers turning their attention to the Mac – a Trojan pretending to be a PDF viewer named RustBucket by a group code-named BlueNoroff. BlueNoroff are tied to the infamous Lazarus Group who are almost certainly the North Korean government — www.intego.com/…
- More evidence has emerged that MSI really have lost critically important private keys, including some corresponding to unchangeable public keys burned into many of their motherboards. This nullifies the protections provided by BIOS Guard and Boot Guard, meaning malicious firmware can be installed by attackers with physical access to computers with MSI motherboards, and there is nothing that can be done to protect these computers. If you have an MSI motherboard, only install firmware you downloaded from the MSI website yourself — nakedsecurity.sophos.com/…
❗ Action Alerts
- It was Patch Tuesday this week and the many patches from Microsoft include some for actively exploited zero-days, so patch ASAP — krebsonsecurity.com/…
- Thankfully most home users don’t need to worry about the very messy Secure Boot patch (important for high-profile people and corporate IT) — nakedsecurity.sophos.com/…
Notable News
- Dr. Geoffrey Hinton, one of the pioneers of AI research (working on neural nets since the 70s!) has resigned from Google so he can dedicate his time to protecting the world from the dangers AI poses — appleinsider.com/…
- 💵 The pay-walled original NYT article: ‘The Godfather of A.I.’ Leaves Google and Warns of Danger Ahead — www.nytimes.com/…
- 🇺🇸 The FTC has started a process that could see the terms of the settlement the agency reached with Facebook/Meta in 2020 altered to prevent the company from releasing new data-based products until it actually complies with the terms of the settlement. Meta have 30 days to formally respond, but their initial PR response has been to attack the US government — appleinsider.com/…
- Tracked by hidden tags? Apple and Google unite to propose safety and security standards… — nakedsecurity.sophos.com/…
- Google rolls out support for passkeys across its services — appleinsider.com/…
Top Tips
Interesting Insights
- An excellent argument against stressing too much about Juice Jacking: Those scary warnings of juice jacking in airports and hotels? They’re mostly nonsense — arstechnica.com/…
Palate Cleansers
- In our Podfeet Slack under the #delete-me channel Ian Lessing posted a screenshot from a long time ago during an iPhoto library migration. There’s a tiny progress bar and above it, it says, “Time remaining: About 2147483647 hours”.
- While that got a good giggle, it was Allister Jenks’s response that tickled Allison.
- “That number can also be written as 2^31-1 which means it is the largest positive number in a 32-bit integer. In other words, it was not expecting it to take nearly 245 millennia, but in fact an infinite amount of time. It just couldn’t find the
wordsnumbers.”
Legend
When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by Bart.
| Emoji | Meaning |
|---|---|
| 🎧 | A link to audio content, probably a podcast. |
| ❗ | A call to action. |
| flag | The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country. |
| 📊 | A link to graphical content, probably a chart, graph, or diagram. |
| 🧯 | A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂 |
| 💵 | A link to an article behind a paywall. |
| 📌 | A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future. |
| 🎩 | A tip of the hat to thank a member of the community for bringing the story to our attention. |