Matt Baer @matt

358 posts240 participants48 posts today

**Texas Observer** @TexasObserver@texasobserver.social · 1h *

Texas Observer @TexasObserver@texasobserver.social

New from Francesca D'Annunzio: Under Governor Greg Abbott's multi-billion dollar border security bonanza, Operation Lone Star, the Rio Grande no longer holds back law enforcement efforts. Today's digital border reaches across Texas and beyond. https://www.texasobserver.org/texas-dps-surveillance-arsenal-artificial-intelligence-lege/

This story is presented in partnership with the Pulitzer Center.

#surveillance #tech #SocialMedia

**BSD Security Advisories** @bsd@mastodon.bot · 1h *

1h *

BSD Security Advisories @bsd@mastodon.bot

OpenBSD 7.6 // EXPAT // ERRATA 011

Date: April 1, 2025
Name: 011_expat.patch
Description: In libexpat fix regression of behavior introduced by previous errata.
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.6/common/011_expat.patch.sig

#OpenBSD #Security #Update

**Pete Prodoehl** @rasterweb@mastodon.social · 1h

Pete Prodoehl @rasterweb@mastodon.social

So here's a question... an iPhone has a thing where you can "Erase All Content and Settings" which I assume does just that.

Let's say someone is concerned with the authorities taking their phone. How much would the erasing protect the person's data & information?

And let's say the person's phone is *not* taken by authorities, could the person just restore it later from a previous backup?

#security #iOS #iphone

**ApplSec** @applsec@infosec.exchange · 2h

ApplSec @applsec@infosec.exchange

EMERGENCY UPDATES

Apple pushed additional updates for 3 zero-days that may have been actively exploited.

CVE-2025-24200 (Accessibility) additional patches,
CVE-2025-24201 (WebKit) additional patches:
- iOS and iPadOS 15.8.4
- iOS and iPadOS 16.7.11

CVE-2025-24085 (CoreMedia) additional patches:
- iPadOS 17.7.6
- macOS Sonoma 14.7.5
- macOS Ventura 13.7.5

#apple #cybersecurity #infosec

**ApplSec** @applsec@infosec.exchange · 2h

ApplSec @applsec@infosec.exchange

FIXED IN iOS and iPadOS 18.4

- 7 bugs in WebKit
- 5 bugs in Siri
- 4 bugs in Safari
- 3 bugs in libxpc
and 43 other vulnerabilities fixed
https://support.apple.com/en-us/122371

Apple SupportAbout the security content of iOS 18.4 and iPadOS 18.4 - Apple SupportThis document describes the security content of iOS 18.4 and iPadOS 18.4.

#apple #cybersecurity #infosec

**ApplSec** @applsec@infosec.exchange · 2h

ApplSec @applsec@infosec.exchange

NEW SECURITY CONTENT

Apple SupportAbout the security content of macOS Sequoia 15.4 - Apple SupportThis document describes the security content of macOS Sequoia 15.4.

#apple #cybersecurity #infosec

**The Privacy Foundation** @theprivacyfoundation@mastodon.social · 2h *

2h *

The Privacy Foundation @theprivacyfoundation@mastodon.social

Thanks for allowing the long detour of a thought experiment at https://mastodon.social/@theprivacyfoundation/114258140266536566 Comments on that post are off to allow for train of thought.

From a #privacy and #security perspective, it is a unique challenge. Even though it's all hypothetical, one can ponder self protection opportunities and apply safety ideas within legal boundaries to their own needs.

There are no universal situations or solutions to keep people safe. Think on your own situation. How do you stay safe?

#immigration

**Lobsters** @lobsters@mastodon.social · 2h

Lobsters @lobsters@mastodon.social

The Evolution of HTTPS Adoption in Firefox https://lobste.rs/s/dcbnlm #browsers #privacy #security
https://attackanddefense.dev/2024/03/31/https-first-in-firefox-136.html

lobste.rsThe Evolution of HTTPS Adoption in Firefox | Lobsters

**The Privacy Foundation** @theprivacyfoundation@mastodon.social · 2h *

2h *

The Privacy Foundation @theprivacyfoundation@mastodon.social

Thought experiment: What could a person do to protect themselves from deportation or harm from authoritarian regimes?

Totally hypothetical.

This thread will have comments off.

#privacy #security #thought

**TechHelpKB.com** @techhelpkb@mastodon.social · 3h

TechHelpKB.com @techhelpkb@mastodon.social

A passkey is a secure, easy-to-use replacement for passwords. It uses your device's built-in security (Face ID, fingerprint, PIN, etc.) to log you into a website or service, without requiring you to remember or type anything.

#passkey #password #security
https://www.techspot.com/article/2971-passkeys-explainer/

TechSpotAre Passwords Dead? What Are Passkeys, and Why Everyone's Talking About ThemTired of forgetting passwords and getting locked out of your accounts? Passkeys offer a simpler, safer way to log in---no passwords, no frustration, just a quick scan...

**Prof. Dr. Dennis-Kenji Kipker** @kenji@chaos.social · 3h

Prof. Dr. Dennis-Kenji Kipker @kenji@chaos.social

Warum wir unbedingt mehr "#Security by Design" brauchen: Das #Krankenhausinformationssystem (KIS) ist das Kernstück der digitalen Gesundheitsdatenverarbeitung.
Das #BSI hat zum Thema eine neue Studie veröffentlicht, bei der die #Cybersecurity des KIS untersucht wird. Fazit: Es wurden signifikante Schwachstellen wie die unsichere Übertragung von Daten, die unsichere Speicherung und Verwaltung von Passwörtern sowie die unsichere Verteilung von Software-Updates festgestellt:
https://www.bsi.bund.de/DE/Service-Navi/Presse/Alle-Meldungen-News/Meldungen/SiKIS_250327.html

**Miguel Afonso Caetano** @remixtures@tldr.nettime.org · 4h

Miguel Afonso Caetano @remixtures@tldr.nettime.org

"Recently, the editor in chief of The Atlantic found himself in a group chat on Signal, in which president Trump's national security team discussed a military operation in Yemen. This immediately became SignalGate.

Here I present the secure government equipment and networks that Trump's team should have used instead of an app on their (personal) smartphones. It will also become clear why the Trump team prefers using Signal."

https://www.electrospaces.net/2025/03/the-equipment-that-trumps-national.html

www.electrospaces.netThe equipment that Trump's national security team should have usedA weblog about Signals Intelligence, Communications Security and top level telecommunications equipment

#USA #Trump #Intelligence

**Peter Gleick** @petergleick@fediscience.org · 4h

Peter Gleick @petergleick@fediscience.org

I describe here 4 decades of US defense/intelligence reports on the threat of #climatechange to national security.

https://www.gleick.com/blog/a-history-of-u-s-defense-intelligence-and-security-assessments-of-climate

The new 2025 report from Trump's Office of the Director of National Intelligence explicitly censors out ANY mention of #climate change threats to #peace and #security or to the operations and bases of US #military. This is political interference with intelligence analysis.

https://www.dni.gov/index.php/newsroom/reports-publications/reports-publications-2025/4058-2025-annual-threat-assessment

A History of U.S. Defense, Intelligence, and Security Assessments of Climate ChangeA History of U.S. Defense, Intelligence, and Security Assessments of Climate ChangePeter H. Gleick In March 2019, the Trump Administration announced they were considering creating an ad hoc White House panel to dispute a long-series of national assessments of the

**𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕** @kubikpixel@chaos.social · 4h

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕 @kubikpixel@chaos.social

How to report a security issue in an open source project

So you’ve found a security issue in an open source project – or maybe just a weird problem that you think might be a security problem. What should you do next?
– from @jacob

https://jacobian.org/2025/mar/27/reporting-security-issues-in-oss/

jacobian.orgHow to report a security issue in an open source project - Jacob Kaplan-MossSo you’ve found a security issue in an open source project – or maybe just a weird problem that you think might be a security problem. What should you do next?

#opensource #repost #security