Security Medium 1 — HP’s Accidental Keylogger Some HP laptops shipped with a keyboard driver from Synaptics in which a developer debugging feature was accidentally left enabled. The effect of this mistake is that the driver has built-in support for logging all keystrokes via WPP (a debugging tool that’s built into Windows). This sounds bad, […]
Continue readingTag: security bits
NC #657 Making Holiday Labels, Pocket Casts vs Downcast, Patreon Changes, Security Bits
Tom Merritt was on Chit Chat Across the Pond to talk net neutrality. I confess that after all my “I have made fire” talk about writing a script for chapter marks, it didn’t actually work. Learn how to make Holiday Card Address Labels using plain old Apple Contacts. Rush Sherman asks our first ever video […]
Continue readingSecurity Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption
Security Medium 1 — macOS High Sierra Root Bug A nasty bug was found in macOS 10.13 High Sierra — it was possible to cause the root account to become enabled, and to do so with a blank password. To trigger this bug all you had to do was go into the control panel, click […]
Continue readingNC #655 Follow Up on Chapters, Reader View and Adding Workouts, Show Hidden Files, Mind Map iOS 11 Settings, Security Bits
I’m still working on how to get chapters in the podcast (this show might have them!) Follow up tips from Mike Price and Kaylee Dayo on Reader View. How Sandy and Allister saved Thanksgiving with their tip on saving a workout from last week. Bart brings us a Tiny Tip on a trivially easy way […]
Continue readingSecurity Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips
Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail. What the hackers really […]
Continue readingNC #653 iOS Clean Install, iPhone X Second Look, Animoji Karaoke, Hue Motion Sensor, Security Bits
Possible replacement for Clarify (but maybe we don’t need it), a clean install tip for iOS from Joop Bruggink, a second look at iPhone X after a bit more time, my attempt at Animoji Karaoke, Denise Crown brings us her review of the Hue Motion Sensor. Then we have an installment of Security Bits with […]
Continue readingSecurity Bits – Canvas Fingerprinting, KRACK Updates, TOR Browser Bug, New Zero-Day WiFi Bug, Brother Printer Exploit
Security Medium 1 — Canvas Fingerprinting Before we look at canvas finger printing, I just want to set the scene with a reminder of one of the most fundamental truths about how the web was designed – each web page load is an independent event. Because that meant websites had no memory of anything that […]
Continue readingSecurity Bits – Child Smart Watches, IRS Not Worried about Equifax, Microsoft Office DDE, Eltima Hacked
Notable News A report from the Norwegian Consumer Council finds that smart watches aimed at kids are a security and privacy train wreck — nakedsecurity.sophos.com/… The head of the IRS in the US tells reporters Americans should assume their identity has been stolen and act accordingly — nakedsecurity.sophos.com/… IRS freezes its fraud prevention contract with […]
Continue readingNC #650 Resetting People Album in Photos, Grammarly, KRACK and ROCA in Security Bits
Bart was on the Phileas Club this week to talk about Ireland, and I was on Daily Tech News Show with Sarah Lane. Rick from Baltimore joins us with his first audio submission, where he tells us about how he discovered how to reset the People album in Apple Photos. I’ve found a tool called […]
Continue readingSecurity Bits – 22 October 2017
Security Medium 1 – WPA WiFi Encryption Develops KRACKs This week started with a big security news announcement (responsibly disclosed, which is nice). Security researchers at the Belgian university KU Leuven revealed a collection of related attacks against the WPA2 protocol (WiFi Protected Access version 2). The problem at the root of these attacks was […]
Continue reading