If this trend continues, we will be losing the ability to use secure means of communication with UK friends and colleagues. For example, #signalapp will rather get out of the UK than add backdoors: https://www.bbc.com/news/technology-64584001

“#Nordnet admits that it was possible to trade in other people’s depots during the IT breakdown”

https://www.marketscreener.com/quote/stock/NORDNET-AB-115787339/news/Nordnet-admits-that-it-was-possible-to-trade-in-other-people-s-depots-during-the-IT-breakdown-49034492/

#Nordnet services appear to be back.

Nordnet has a lot of technical issues to sort out. If the malfunction allowed unauthorized parties to operate the accounts it will be quite messy to sort out.

Among with technical part, they will have to deal with the regulatory issues, in particular the Financial Supervisory Authority. They will demand answers.

I still occasionally write some m68k code and apps. These are from 2024:

- Execute code in #amiga color registers: https://sintonen.fi/src/colexec/colexec.asm
- RXS-M-XS 32bit->32bit Permuted Congruential Generator: https://sintonen.fi/src/misc/pcg_rand.asm
- Minimal modplayer (protracker music player): https://sintonen.fi/src/minimod/ (the replayer routine is mostly from Frank Wille however)

I also participated in very useless size/speedcoding competitions - some of them are still accessible from this old web page: https://amycoders.org/compo/

Note that some of the HTML is a bit broken, for example https://amycoders.org/compo/circlecompo.html - you can view source to see the full routine

#m68k #assembly #sizecoding #speedcoding

@[email protected] Curl will likely address this eventually even though they don’t consider it a vulnerability. See https://github.com/curl/curl/issues/16197

The latest curl version 8.12.0 (released today) is affected.

The details of the #AMD Microcode Signature Verification #Vulnerability are out:

• https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3019.html
• https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w

#infosec #infosecurity #cybersecurity

So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation “DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende” gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s

@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all the vulnerability management doesn’t seem to be going great here.

Update: The “PeCoffLoader memory overflow issue for security” likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796

I had actually forgotten I still had Docker installed on this system. I’ve now fixed this issue by uninstalling the malicious app. I’m using #podman elsewhere already, just had this install lingering still. Apple: Thanks for the warning!

@[email protected] Oof, that’s not good at all.

@[email protected] it’s restricted for other than macOS, it seems. In macOS it worked fine with location in Finland.

So far all my Apple Intelligence tests have been using a local model. The privacy report from Setting > Privacy & Security > Apple Intelligence Report > Export Activity generates JSON with:

{
“modelRequests”: [],
“privateCloudComputeRequests”: []
}

#appleintelligence #privacy

@[email protected] Really? It works for me and I’m in Finland, part of European Union. My account is indicates this as well.

@[email protected] Nah, but there’s another booze bottle in the game that is exact same alcvol as Koskenkorva. They are of course actively avoiding trademark issues by creating their own labels and trademarks for items.

Here’s a way to check if the #Spotlight searches are being shared with #Apple from the command line:

defaults read com.apple.assistant.support “Search Queries Data Sharing Status”

The values are:

1 - Enabled (data is being shared)
2 - Disabled (data is not shared)

NOTE: I do not know if there are other possible values, or what happens if the key is missing.

From “About Search & Privacy…”:

"Search and Privacy

Search is designed to protect your information and enable you to choose what you share.

To Make Search Results More Relevant, Some Information Is Sent to Apple and Not Associated with You

When you use Look Up or Visual Look Up, when you type in Search, Safari search, #images search in Messages, or when you invoke Spotlight, limited information will be sent to Apple to provide up-to-date suggestions. Any information sent to Apple does not identify you, and is associated with a 15-minute random, rotating device-generated identifier. This information may include location, topics of interest (for example, cooking or basketball), your search queries, including visual search queries, contextual information related to your search queries, suggestions you have selected, apps you use, and related device usage data. This information does not include search results that show files or content on your device. If you subscribe to music or video subscription services, the names of these services and the type of subscription may be sent to Apple. Your account name, number, and password will not be sent to Apple.

You can also search using Siri, such as by asking Siri to look up general knowledge or do things like get directions. When you use Siri, the transcript of your request and other data may be sent to Apple to process your request and may be stored. You can learn more about how Siri handles your data by going to Settings > Apple Intelligence & Siri.

Information sent to Apple related to your searches is used to process your request and to develop and improve search results, such as by using your search queries to fine-tune Search models. It is not linked to your Apple Account or email address.

Aggregated information may be used to improve other Apple products and services. Apple may also send a limited, randomly sampled set of search queries to search tools for the purpose of evaluating and improving the performance and quality of Search.

Search Engine Suggestions in Safari

Safari has a single field for searches and web addresses so you can browse the web from one convenient place. When Search Engine Suggestions are enabled, Safari will ask your selected search engine for suggestions based on what you’ve typed.

Preload Top Hit in Safari

With Preload Top Hit enabled, as soon as Safari determines a Top Hit based on your bookmarks and browsing history, Safari will begin loading the webpage in the background. If you disable this option, the page will load normally.

You Have Choice and Control

If you do not want your search queries to be stored by Apple and used to improve Search, you can disable Improve Search by going to Settings > Search and tapping to turn off Improve Search. Searches you make through Siri will still be stored and used to improve Siri if you have enabled Improve Siri & Dictation. You can disable Improve Siri & Dictation by going to Settings > Privacy & Security > Analytics & Improvements and tapping to turn off Improve Siri & Dictation.

If you do not want web-based content and search results, you can disable “Show in Look Up” and “Show in Spotlight” by going to System Settings > Search and tapping to turn off those features.

You can disable Safari Suggestions in Safari by going to Safari > Settings > Search and deselecting Include Safari Suggestions.

You can disable Location Services for Search by going to System Settings > Privacy & Security > Privacy > Location Services, then clicking Details next to System Services and turning off Suggestions & Search. If you turn off Location Services on your device, your location will not be sent to Apple.

Apple may process and store the information that is sent to Apple with trusted third-party service providers.

By using Siri Suggestions in Search, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information. At all times, information collected by Apple will be treated in accordance with Apple’s Privacy Policy, which can be found at www.apple.com/privacy."

#apple #privacy

I just noticed that the game location (Mankila) is actually a real place in Finland: https://maps.app.goo.gl/D3dFdmt7ACokCf7d8

The shape of the lake, the buildings around it are different and there are extra islands etc, but it is clearly modelled after the real deal. That’s quite cool, heh.

#FinnishCottageSimulator