Fuller details have now been published about the EFAIL vulnerabilities in PGP and S/MIME email encryption, at the […]
vulnerability
A major vulnerability has been revealed, and will be detailed very shortly, affecting mail encryption using PGP/GPG and […]
While we were getting worried about Signal’s notifications leak, POPSS was quietly making almost every major operating system vulnerable – because of poor documentation.
Frustrated by the lack of information in Apple’s security release notes? You’re not alone. Over the last year, they have become almost worthless.
High Sierra 10.13.4 may have stopped leakage of APFS encryption passphrases, but that is only a small part of an accident chain going back many years.
I wrote yesterday that macOS High Sierra 10.13.4 finally fixes the leakage of APFS encryption passphrases into the […]
The latest update to High Sierra, bringing it to 10.13.4, does fix the bug discovered by Sarah Edwards […]
Did Apple keep quiet for more than 3 months about the leak of encryption passphrases into High Sierra’s log files?
I previously described a serious vulnerability in macOS High Sierra versions to 10.13.1 which was discovered by Sarah […]
How good is the new unified log’s privacy? Does it live up to Apple’s goal of designing privacy into the system, or is it easily beaten? And how did passwords leak into the log?
