Harry Sintonen
Infosec consultant @WithSecure - Coding, Research + various other interests
- 28 Posts
- 21 Comments
Harry Sintonen@infosec.exchange OP to Privacy@fedia.io • No one — absolutely no one — saw this coming: "The UK government is developing a “murder prediction” programme which it hopes can use personal data of those known to the authorities to identify the • 6 · 11 days ago
This here is the prime example of why we must stay vigilant about the collection and dissemination of personal information.
Also, while this article only mentions “algorithm”, it’s not difficult to predict that AI models are or will be used for this kind of task.
AI advocates often claim that any plans to regulate AI are just a hindrance to progress. I will take regulation if it will stop this kind of madness.
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • The fallout from the malicious tj-actions/changed-files is still being investigated. It is fortuitous that this malicious commit was identified fairly quickly, as further compromise of major OSS • 2 · 1 month ago
@jerry It largely depends on how well the initial impact is cleaned up. I’m hoping we won’t see a ton of backdoors in various components next.
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • #curl predecessor httpget 0.2 from around 1996/1997 is 165 lines. Needless to say, it has multiple critical security vulnerabilities. How many can you spot? • 1 · 2 months ago
The httpget 0.2 doesn’t quite work in the form it was uploaded.
First, it uses hardcoded argv, argc instead of getting them from the app invocation (as args in main, the code uses void main).
Second, obtaining any data from the socket will result in the app stopping and leaving behind an empty file (if (nread) break;).
This program could never download anything. It is likely some work in progress or modified test version of httpget. Since it includes some Windows-specific headers and has disabled the Unix ones, I can only presume it was some earlier attempt to get the tool running on Windows.
So while the code has a local stack buffer overflow, it can’t be triggered for this early version.
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • As expected #Apple has nuked Advanced Data Protection (ADP) for UK users. What does this mean in practice? UK govt will be able to decrypt all UK user's #iCloud data at will. • 1 · 2 months ago
If this trend continues, we will be losing the ability to use secure means of communication with UK friends and colleagues. For example, #signalapp will rather get out of the UK than add backdoors: https://www.bbc.com/news/technology-64584001
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • #Nordnet - nordic digital platform for savings and investments - had an issue where people could see each others information. The website has been taken down for now. • 1 · 3 months ago
“#Nordnet admits that it was possible to trade in other people’s depots during the IT breakdown”
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • #Nordnet - nordic digital platform for savings and investments - had an issue where people could see each others information. The website has been taken down for now. • 1 · 3 months ago
#Nordnet services appear to be back.
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • #Nordnet - nordic digital platform for savings and investments - had an issue where people could see each others information. The website has been taken down for now. • 1 · 3 months ago
Nordnet has a lot of technical issues to sort out. If the malfunction allowed unauthorized parties to operate the accounts it will be quite messy to sort out.
Along with the technical part, they will have to deal with the regulatory issues, in particular the Financial Supervisory Authority. They will demand answers.
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • #cURL doesn't validate SSH host identity if known_hosts file is missing. I think this is a #vulnerability, but the project disagrees. Advisory is here: • 2 · 3 months ago
@SatyrSack@feddit.org Curl will likely address this eventually even though they don’t consider it a vulnerability. See https://github.com/curl/curl/issues/16197
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • #cURL doesn't validate SSH host identity if known_hosts file is missing. I think this is a #vulnerability, but the project disagrees. Advisory is here: • 3 · 3 months ago
The latest curl version 8.12.0 (released today) is affected.
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability." • 1 · 3 months ago
The details of the #AMD Microcode Signature Verification #Vulnerability are out:
- https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html
- https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w
#infosec #infosecurity #cybersecurity
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability." • 3 · 3 months ago
So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation “DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende” gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • Apparently there's a major #vulnerability in #AMD CPUs: "AMD Microcode Signature Verification Vulnerability." • 2 · 3 months ago
@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all, the vulnerability management doesn’t seem to be going great here.
Update: The “PeCoffLoader memory overflow issue for security” likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • Apparently #macOS now considers #Docker malware. • 5 · 3 months ago
I had actually forgotten I still had Docker installed on this system. I’ve now fixed this issue by uninstalling the malicious app. I’m using #podman elsewhere already, just had this install lingering still. Apple: Thanks for the warning!
Harry Sintonen@infosec.exchange OP to Cybersecurity@fedia.io • Apparently #macOS now considers #Docker malware. • 4 · 3 months ago
@g@irrelephant.co Oof, that’s not good at all.
Harry Sintonen@infosec.exchange OP to Privacy@fedia.io • #Apple Intelligence is now available in the European Union. While some features may not be fully functional yet, basic functionalities such as rewriting selected text seem to be working correctly. If • 1 · 5 months ago
@pancake@infosec.exchange it’s restricted for other than macOS, it seems. In macOS it worked fine with location in Finland.
Harry Sintonen@infosec.exchange OP to Privacy@fedia.io • #Apple Intelligence is now available in the European Union. While some features may not be fully functional yet, basic functionalities such as rewriting selected text seem to be working correctly. If • 1 · 5 months ago
So far all my Apple Intelligence tests have been using a local model. The privacy report from Settings > Privacy & Security > Apple Intelligence Report > Export Activity generates JSON with:
{
  "modelRequests": [],
  "privateCloudComputeRequests": []
}
#appleintelligence #privacy
Harry Sintonen@infosec.exchange OP to Privacy@fedia.io • #Apple Intelligence is now available in the European Union. While some features may not be fully functional yet, basic functionalities such as rewriting selected text seem to be working correctly. If • 1 · 5 months ago
@pancake@infosec.exchange Really? It works for me and I’m in Finland, part of European Union. My account indicates this as well.
Harry Sintonen@infosec.exchange OP to Privacy@fedia.io • Did you know that #Apple #macOS by default stores your local Spotlight searches and uses them to improve their service? • 1 · 5 months ago
Here’s a way to check if the #Spotlight searches are being shared with #Apple from the command line:
defaults read com.apple.assistant.support "Search Queries Data Sharing Status"
The values are:
1 - Enabled (data is being shared)
2 - Disabled (data is not shared)
NOTE: I do not know if there are other possible values, or what happens if the key is missing.
Harry Sintonen@infosec.exchange OP to Privacy@fedia.io • Did you know that #Apple #macOS by default stores your local Spotlight searches and uses them to improve their service? • 1 · 5 months ago
From “About Search & Privacy…”:
"Search and Privacy
Search is designed to protect your information and enable you to choose what you share.
To Make Search Results More Relevant, Some Information Is Sent to Apple and Not Associated with You
When you use Look Up or Visual Look Up, when you type in Search, Safari search, #images search in Messages, or when you invoke Spotlight, limited information will be sent to Apple to provide up-to-date suggestions. Any information sent to Apple does not identify you, and is associated with a 15-minute random, rotating device-generated identifier. This information may include location, topics of interest (for example, cooking or basketball), your search queries, including visual search queries, contextual information related to your search queries, suggestions you have selected, apps you use, and related device usage data. This information does not include search results that show files or content on your device. If you subscribe to music or video subscription services, the names of these services and the type of subscription may be sent to Apple. Your account name, number, and password will not be sent to Apple.
You can also search using Siri, such as by asking Siri to look up general knowledge or do things like get directions. When you use Siri, the transcript of your request and other data may be sent to Apple to process your request and may be stored. You can learn more about how Siri handles your data by going to Settings > Apple Intelligence & Siri.
Information sent to Apple related to your searches is used to process your request and to develop and improve search results, such as by using your search queries to fine-tune Search models. It is not linked to your Apple Account or email address.
Aggregated information may be used to improve other Apple products and services. Apple may also send a limited, randomly sampled set of search queries to search tools for the purpose of evaluating and improving the performance and quality of Search.
Search Engine Suggestions in Safari
Safari has a single field for searches and web addresses so you can browse the web from one convenient place. When Search Engine Suggestions are enabled, Safari will ask your selected search engine for suggestions based on what you’ve typed.
Preload Top Hit in Safari
With Preload Top Hit enabled, as soon as Safari determines a Top Hit based on your bookmarks and browsing history, Safari will begin loading the webpage in the background. If you disable this option, the page will load normally.
You Have Choice and Control
If you do not want your search queries to be stored by Apple and used to improve Search, you can disable Improve Search by going to Settings > Search and tapping to turn off Improve Search. Searches you make through Siri will still be stored and used to improve Siri if you have enabled Improve Siri & Dictation. You can disable Improve Siri & Dictation by going to Settings > Privacy & Security > Analytics & Improvements and tapping to turn off Improve Siri & Dictation.
If you do not want web-based content and search results, you can disable “Show in Look Up” and “Show in Spotlight” by going to System Settings > Search and tapping to turn off those features.
You can disable Safari Suggestions in Safari by going to Safari > Settings > Search and deselecting Include Safari Suggestions.
You can disable Location Services for Search by going to System Settings > Privacy & Security > Privacy > Location Services, then clicking Details next to System Services and turning off Suggestions & Search. If you turn off Location Services on your device, your location will not be sent to Apple.
Apple may process and store the information that is sent to Apple with trusted third-party service providers.
By using Siri Suggestions in Search, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information. At all times, information collected by Apple will be treated in accordance with Apple’s Privacy Policy, which can be found at www.apple.com/privacy."
#apple #privacy
@CrashNBurns@infosec.exchange Ooof. I wonder if it’s available in some states though, for example California? They have https://oag.ca.gov/privacy/ccpa