Followups We looked at WebAuthn, a new protocol for password-less authentication on the web in a Security Medium back in April. At that stage Microsoft had committed to adding support for the protocol to their Edge browser in the future, they’ve followed through, adding support to Insider (think beta) version of Windows 10. If testing […]
Continue readingTag: security bits
Security Bits – USB Protected Mode, Exactis Breach
Followups 🇪🇺 EU Copyright Directive: Italy Wikipedia shuts down in protest at EU copyright law — www.bbc.com/… Copyright Directive legislation voted down by European Parliament — nakedsecurity.sophos.com/… (This is not the end of this legislation, but it is a significant setback.) Spectre/Meltdown Another variant has been discovered, but it’s similar enough to previous ones that […]
Continue readingSecurity Bits – Mostly Good News
Followup Following on from security breaches at the 3rd-party companies all American cell phone companies were sharing real-time location data with, Verizon have announced they are ceasing all location data sharing (the other carriers have ended their relationships with some specifics companies, but not globally like this) — krebsonsecurity.com/… GDPR Fallout & Experiences: The Norwegian […]
Continue readingListening to Bart Really Pays Off
Bart has been teaching you and me for many years now. Between his Taming the Terminal series and now his Programming By Stealth series, he’s attempted to cram vast amounts of knowledge into our brains. My father used to say that children are like wine bottles – you should pour as much information into them […]
Continue reading
NC #684 MacBook Keyboard, HashPhotos, Security Bits
Thanks for giving us a few extra days with Steve’s dad before publishing the show. We’ll start out with a rant by me against everyone who has declared the butterfly keyboard on the newer MacBooks as bad, then I’ll tell you about an amazing photo app for iOS called HashPhotos from BeyondF. Bart is back […]
Continue readingSecurity Bits – USB Restricted Mode, Apple’s Focus on Security in OS Announcements
Followups Telegram have now been able to update their apps on Apple’s non-Russian app stores — nakedsecurity.sophos.com/… The VPNFilter malware/botnet story continues to evolve as security researchers find more router makes and model are affected. Additions to the list include routers by Asus, D-Link, Huawei & ZTE — www.zdnet.com/…, nakedsecurity.sophos.com/… & www.imore.com/… 🇺🇸 As anticipated, […]
Continue readingNC #682 Vectornator Pro, Tiny Tip to Dim Your Screen, Apple Heart Study, Security Bits
We’ll be in the live chatroom during the WWDC Keynote – join us! I also hope you’ll come to Macstock Expo in July, and to help it be more affordable use coupon code PODFEET. The free Vectornator Pro for iPad (and iPhone) is an amazing vector design program and I’ll tell you all about it. […]
Continue readingSecurity Bits – VPNFilter, CallKit Removal in China, No Telegram Updates in App Store, End of Flash & Silverlight, Papua New Guinea Turns Off Facebook
Followups Spectre & Meltdown Details have been released of a new Spectre variant named Speculative Store Bypass, or SSB. The vulnerability affects AMD, ARM & Intel chips. Thankfully it can be mitigated quite easily, so it’s just a matter of applying software, OS, firmware, and microcode updates as they are released — arstechnica.com/…
Continue readingNC #680 Keep It, Backblaze B2, Airtable, Security Bits
There won’t be a live show next week, and the NosillaCast will be out on Tuesday instead of Sunday (sorry guys). Check out the tutorial I did on Keep It for ScreenCasts Online at screencastsonline.com. We’ve got another of Steve’s videos from NAB, this time from Backblaze about their B2 cloud storage. Then I’ll tell […]
Continue readingSecurity Bits – Efail, 4th Amendment, Glitch & ThrowHammer, Black Dot & Text-Bomb
Security Medium — The Efail Email Encryption Vulnerability The latest bug with a cool name and a cute logo is Efail, a mashup of the words email and fail. The bug affects encrypted email sent with both of the common email encryption protocols S/MIME & PGP/GPG. Under certain circumstances, the bug allows an attacker to […]
Continue reading