The next polla will use passkeys.
Glorious post by Signal (the secure messaging app) founder about shady hacking company Cellebrite and their main product’s lack of security.
Booby trapped apps FTW!
“Apple makes it easy to connect and share your life with the people closest to you. What you share, and whom you share it with, is up to you — including the decision to make changes to better protect your information or personal safety.
If you’d like to revisit what you share with other people, or restore your device’s original settings for any reason, this guide can help you understand what information you are sharing via your Apple devices, and how to make changes to protect your safety. It includes step-by-step instructions on how to remove someone’s access to information you’ve previously granted: from location data on the Find My app, to meetings you’ve scheduled via Calendar.
If you’re concerned that someone is accessing information you did not share from your Apple device, this guide will also help you identify risks, and walk you through the steps to help make the technology you rely on as private and secure as you want it to be.”
Nice idea. Can’t really wait on the web to adopt sane password practices so the pragmatic idea is to consolidate knowledge for the biggest websites.
Let's try and not use Zoom because
- They don't care about your privacy
- They don't care about your security
- They lie to you
- They are not trustworthy
Great article, and WOW.
A comment on related article on ArsTechnical had something interesting to say:
Why government regulations are always talked about as a Bad Thing, without being vocally and vociferously challenged by others amazes me. Many of these regulations are written in blood, or were put in place by deep thoughtful consideration by engineers advising regulators.
Cool visualization of largest known breaches since 2004.
So who’s lying (or got it wrong?) Bloomberg or The rest of the world?
List of top websites in the world that still don't use secure connections. Maybe if you shame them, they will fix it?
See if any of your passwords has been seen in a previous security breach.
There's a good chance that 1Password will integrate this into their excellent password manager.
Fascinating story behind the bugs and their disclosures. For me personally due to my line of work, these are a big deal.
Real time map of online attacks as seen by Norse.
Best practices for online passwords. It's kind of crazy how bad so many online services are about this stuff. Including tech companies.
This is a pretty darn good idea, for someone who is tech savvy and distrustful of ISPs.
I know of several non-technical people with great "tech business ideas" say that they can just hire cheap developers in India to implement their business. I always try to explain what a terrible idea that is unless you have someone they trust and who can provide technical oversight to the project. This is an example of how things can go horribly wrong.
Black-hat hackers pull off some incredibly clever stuff. This one is specially cool. But the weakness of credit card security surely doesn't help.
Nice overview of how iMessage security works, in a way that not even Apple can intercept messages. Interesting in view of WhatsApp's recent announcement of encryption and all the FBI / hacking hoopla.
This is crazy. BlackBerry built a backdoor to its BlackBerry messages service AND shared it with the Canadian police. This is a huge breach of trust from a company that advertised its secure devices, with millions of customers who bought BlackBerries partly due to that reason.
If the Canadian government had it, what makes anyone think that other governments didn't have access to it? They may have obtained it through RIM's (now BlackBerry) cooperation or without through hacking or old-school espionage. Think about it, in the early and mid 90's practically all heads of state including Obama used BBM.
They deserve to be sued by their former customers. This underscores why Apple and other tech companies need to resist against building such backdoors into their products.
Anyone interested in the Apple vs FBI debate or in encryption/privacy/security in general in how it relates to government and law enforcement should read this.