#Apple Patches a Small, But Glaring Bug in macOSA new bug discovered in macOS High Sierra would allow an attacker to change your App Store system preferences without knowing your account password. But researchers found a flaw in WhatsApp, which is end-to-end encrypted by default, that would allow an attacker to join a private group chat and manipulate the notifications about their entrance so group members aren't necessarily aware that they are an interloper. Skype is going to start offering end-to-end encryption as an opt-in feature, which will bring the protection to the service's 300 million users (though the security industry likely won't be able to vet whether Skype's encryption implementation is actually robust). In other secret surveillance news, a report by Human Rights Watch details legal techniques law enforcement officials use to avoid revealing some of their sketchier investigative tools. On Thursday, Congress re-authorized warrantless surveillance initiatives under Section 702 of the 2008 FISA Amendments Act, rejecting reform proposals and instead expanding the scope of the dragnet for six years. Dozens of patches are now floating around to try to defend devices against attacks that might exploit the vulnerabilities, but a significant amount of time and resources has gone into vetting and installing the patches, because they slow processors down and generally take a toll on systems in some situations. WIRED took an in-depth look at the parallel sagas that caused four research teams to independently discover the bugs within months of each other. The fallout of the widespread Meltdown and Spectre processor vulnerabilities continued this week.
0 kommentar(er)
