# SANS ISC

# threatpost.com

# Reddit netsec

# Krebs On Security

  • Apple Explains Mysterious iPhone 11 Location Requests Thu, 05 Dec 2019 19:46:02 +0000
    KrebsOnSecurity ran a story this week that puzzled over Apple's response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user's location even when all applications and system services are individually set never to request this data. Today, Apple disclosed that this behavior is tied to the inclusion of a new short-range technology that lets iPhone 11 users share files locally with other nearby phones that support this feature, and that a future version of its mobile operating system will allow users to disable it.
  • The iPhone 11 Pro’s Location Data Puzzler Wed, 04 Dec 2019 03:51:15 +0000
    One of the more curious behaviors of Apple's new iPhone 11 Pro is that it intermittently seeks the user's location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company's own privacy policy.
  • It’s Way Too Easy to Get a .gov Domain Name Wed, 27 Nov 2019 02:08:55 +0000
    Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a .gov domain versus a commercial one ending in .com or .org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own .gov domain.

# Bruce Schneier's blog

# TWITTER

?>

# WIRED Threat Level

# exploit-db.com

# Securiteam

?>