Privacy lost...

WBahn

Joined Mar 31, 2012
32,871
https://9to5mac.com/2025/02/21/apple-removing-end-to-encryption-uk/
Apple is removing iCloud end-to-end encryption features from the UK after government compelled it to add backdoors

For UK users with Advanced Data Protection currently active, Apple warns they will soon have to disable this feature to keep being able to use their iCloud account. Because of the end-to-end nature of the system, Apple cannot automatically do this. Apple will be releasing additional documentation soon to lay out the migration path for these customers.
If I were Apple, that documentation would include instructions on how to achieve end-to-end encryption separate from whatever service they are able to offer.
 

nsaspook

Joined Aug 27, 2009
16,330
https://www.msn.com/en-us/news/tech...t-egregious-apple-back-door-order/ar-AA1zQg9M
Intelligence chief Tulsi Gabbard will fight ‘egregious’ Apple back-door order
New U.S. Director of National Intelligence Tulsi Gabbard has called a U.K. order that Apple break the encrypted storage it offers customers worldwide an “egregious” violation of American rights and said it could violate a law easing cooperation between the countries in investigations.

Gabbard wrote late Tuesday to Sen. Ron Wyden (D-Oregon) and Rep. Andy Biggs (R-Arizona), saying that she had directed a legal review of the secret order and that she had not known of it before it was reported by The Washington Post and confirmed by other publications. The legislators had urged her to act just after her confirmation as the top U.S. intelligence leader.
“I share your grave concern about the serious implications of the United Kingdom, or any foreign country, requiring Apple or any company to create a ‘backdoor’ that would allow access to Americans’ personal encrypted data,” she wrote in response. “This would be a clear and egregious violation of Americans’ privacy and civil liberties, and open up a serious vulnerability for cyber exploitation by adversarial actors.”
 

nsaspook

Joined Aug 27, 2009
16,330
https://futurism.com/the-byte/life-destroyed-ai
Last February, Disney employee Matthew Van Andel downloaded what seemed like a helpful AI tool from the developer site GitHub.
Little did he know that the decision would totally upend his life — resulting in everything from his credit cards to social security number being leaked to losing his job, as the Wall Street Journal reports.
"It's impossible to convey the sense of violation," the 42-year old Van Andel, who is the father of two boys, told the newspaper.
...
Eleven days after the leak, Disney called Van Andel to tell him he was fired, depriving him of about $200,000 in bonuses and his family's healthcare.
 

nsaspook

Joined Aug 27, 2009
16,330
https://techcrunch.com/2025/03/06/uk-quietly-scrubs-encryption-advice-from-government-websites/
UK quietly scrubs encryption advice from government websites

The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.’s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information.

The NCSC in October published a document titled “Cybersecurity tips for barristers, solicitors & legal professionals,” that advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP).

ADP allows users to turn on end-to-end encryption for their iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored on iCloud.

The URL hosting the NCSC document now redirects to a different page that makes no mention of encryption or ADP. Instead, it recommends that at-risk individuals use Apple’s Lockdown Mode, an “extreme” security tool that restricts access to certain functions and features.

Muffett reports that the original document, still accessible via the Wayback Machine, has been “wholesale deleted from the internet.” TechCrunch wasn’t able to find any encryption advice on the U.K. government’s website.
 

nsaspook

Joined Aug 27, 2009
16,330
https://www.bleepingcomputer.com/ne...-in-bluetooth-chip-used-by-a-billion-devices/
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.

The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence.
...
Armed with this new tool, which enables raw access to Bluetooth traffic, Tarlogic discovered hidden vendor-specific commands (Opcode 0x3F) in the ESP32 Bluetooth firmware that allow low-level control over Bluetooth functions.
https://www.documentcloud.org/documents/25554812-2025-rootedcon-bluetoothtools/
 

joeyd999

Joined Jun 6, 2011
6,305
Someday, people will realize that China needs to be treated as though it is exactly what it pretty much actually is -- a criminal organization that lies, cheats, and steals at every opportunity.
But they have very low labor rates, nearly zero health or environmental regulations, and nearly all important economic activities are subsidized.

So, there's that.
 

nsaspook

Joined Aug 27, 2009
16,330
https://www.eff.org/deeplinks/2025/03/memoriam-mark-klein-att-whistleblower-about-nsa-mass-spying
In Memoriam: Mark Klein, AT&T Whistleblower Who Revealed NSA Mass Spying

We did. And what Mark told us changed everything. Through his work, Mark had learned that the National Security Agency (NSA) had installed a secret, secure room at AT&T’s central office in San Francisco, called Room 641A. Mark was assigned to connect circuits carrying Internet data to optical “splitters” that sat just outside of the secret NSA room but were hardwired into it. Those splitters—as well as similar ones in cities around the U.S.—made a copy of all data going through those circuits and delivered it into the secret room.

A photo of the NSA-controlled 'secret room' in the AT&T facility in San Francisco (Credit: Mark Klein)
 

Thread Starter

cmartinez

Joined Jan 17, 2007
8,768

Effectively, [Xeno] makes the point that VSCs are a standard feature in Bluetooth controllers, which – like most features – can also be abused. [Tarlogic] has since updated their article as well to distance themselves from the ‘backdoor’ term and instead want to call these VSCs a ‘hidden feature’. That said, if these VSCs in ESP32 chips are a security risk, then as [Xeno] duly notes, millions of BT controllers from Texas Instruments, Broadcom and others with similar VSCs would similarly be a security risk.
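
Added example, not taken from the posts or the linked articles: in an HCI command the 16-bit opcode is a 6-bit OGF plus a 10-bit OCF, and 0x3F is the OGF reserved for vendor-specific commands, so a defender reviewing host-to-controller traffic can decode each command and list any VSC that the host stack is not expected to send. The sample packets, the vendor OCF values and the allowlist below are constructed for illustration and are not real ESP32 commands.

```python
import struct

H4_COMMAND = 0x01        # H4 (UART transport) indicator byte for an HCI command
OGF_VENDOR = 0x3F        # opcode group reserved for vendor-specific commands

def parse_hci_command(packet: bytes) -> dict:
    """Decode one H4-framed HCI command: indicator, opcode (LE), length, params."""
    if len(packet) < 4 or packet[0] != H4_COMMAND:
        raise ValueError("not an H4 HCI command packet")
    opcode, plen = struct.unpack_from("<HB", packet, 1)
    params = packet[4:]
    if len(params) != plen:
        raise ValueError(f"length field says {plen}, packet carries {len(params)}")
    return {
        "opcode": opcode,
        "ogf": opcode >> 10,          # upper 6 bits: opcode group field
        "ocf": opcode & 0x03FF,       # lower 10 bits: opcode command field
        "params": params,
    }

def audit(packets, allowed_vendor_opcodes=frozenset()):
    """Return (index, kind, detail) for malformed packets and unlisted VSCs."""
    findings = []
    for i, raw in enumerate(packets):
        try:
            cmd = parse_hci_command(raw)
        except ValueError as exc:
            findings.append((i, "malformed", str(exc)))
            continue
        if cmd["ogf"] == OGF_VENDOR and cmd["opcode"] not in allowed_vendor_opcodes:
            findings.append((i, "unlisted-vsc", f"opcode 0x{cmd['opcode']:04X}"))
    return findings

# Constructed sample traffic (not captured from a real device).
SAMPLE = [
    bytes.fromhex("01030c00"),        # HCI_Reset: OGF 0x03, OCF 0x003
    bytes.fromhex("01091000"),        # HCI_Read_BD_ADDR: OGF 0x04, OCF 0x009
    bytes.fromhex("0101fc02aabb"),    # vendor-specific, made-up OCF 0x001
    bytes.fromhex("0142fc00"),        # vendor-specific, made-up OCF 0x042
    bytes.fromhex("01030c0500"),      # length field (5) disagrees with payload (1)
]
ALLOWED = frozenset({0xFC42})         # hypothetical: VSCs the host stack is known to send

if __name__ == "__main__":
    for finding in audit(SAMPLE, ALLOWED):
        print(finding)
```
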
 

nsaspook

Joined Aug 27, 2009
16,330
https://apnews.com/article/signal-app-atlantic-war-plans-32699da142c5209b845e57f690df4925
What is Signal, the chat app used by US officials to share attack plans?
A magazine journalist’s account of being added to a group chat of U.S. national security officials coordinating plans for airstrikes has raised questions about how highly sensitive information is supposed to be handled.
The world found out shortly before 2 p.m. eastern time on March 15 that the United States was bombing Houthi targets across Yemen.

I, however, knew two hours before the first bombs exploded that the attack might be coming. The reason I knew this is that Pete Hegseth, the secretary of defense, had texted me the war plan at 11:44 a.m. The plan included precise information about weapons packages, targets, and timing.

This is going to require some explaining.
OMG, the stupidity.

Sending TS (these types of tactical plans are born classified, you don't need a formal header and classification stamp for it until distribution) attack plans using an unclassified chat app even to those that are authorized receivers seems to be a leaking security hole you could drive a truck into. Encryption is just one part of security. All of the wacky code words (BOOTY and PINUP were good ones :p ) and "compartments" are solid blast doors to limit distribution of information ONLY to those previously authorized to receive those code-word messages and then only with a need to know.
https://irp.fas.org/nsa/yeates-ufo.pdf
UMBRA codeword material about UFOs. The classification was given because of sources and methods, not because of Little Green Men on earth.

On authorized classified networks these restrictions are automatic and can't be changed by a USER. On the chat apps these guys were using, you could add your bookie to the list of people receiving TS messages. Crazy.
 

nsaspook

Joined Aug 27, 2009
16,330
https://securelist.com/operation-forumtroll/115989/
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we’ve encountered. The vulnerability CVE-2025-2783 really left us scratching our heads, as, without doing anything obviously malicious or forbidden, it allowed the attackers to bypass Google Chrome’s sandbox protection as if it didn’t even exist. The cause of this was a logical error at the intersection of Google Chrome’s sandbox and the Windows operating system. We plan to publish the technical details of this vulnerability once the majority of users have installed the updated version of the browser that fixes it.
 

nsaspook

Joined Aug 27, 2009
16,330
IMO, the bottom line is that any system can be abused. Signal, the chat app, is just the latest case.

In the old days of HF teletype comm links we had a system called "The Orderwire". It's how system configuration and setup/teardown orders were transmitted in the field or to ships at sea. We guys that used it were a tight community, went to the same schools, knew the same guys up the chain and all did the same job so we trusted anyone on the net, sight unseen. It was an informal chat network on a classified system but really, we were the only ones listening and talking so, there were times when personal requests (in addition to the usual jokes and banter) were asked of remote operators to contact some guy or girl or business for personal reasons if we were headed to or near their station.

There is always some idiot (asking for things that were causing attention from higher up) that abuses something and gets a good thing shut down.

This is why we can't have nice things.
 

nsaspook

Joined Aug 27, 2009
16,330
https://apnews.com/article/jfk-assa...-information-5609ccd6e106c5b30ee6b6cca3a30e3c
People named in JFK assassination documents are not happy their personal information was released
Sensitive personal information including Social Security numbers was revealed in the newly unredacted John F. Kennedy assassination documents released this week, and that is not sitting well with the people affected.
...
“It should not have happened,” diGenova said in a phone interview Thursday. “I think it’s the result of incompetent people doing the reviewing. I don’t believe it had anything to do with rushing the process. The people who reviewed these documents did not do their job.”
...
One of the newly unredacted documents, for example, discloses the Social Security numbers of more than two dozen people seeking security clearances in the 1990s to review JFK-related documents for the Assassination Records Review Board.

Gerald Posner, author of “Case Closed,” which concludes that Lee Harvey Oswald was the lone gunman, said the documents release was rushed, echoing what other researchers believe.
Well, they wanted everything and they got it, plus a little more.
 

nsaspook

Joined Aug 27, 2009
16,330
https://cybersecuritynews.com/new-sophisticated-linux-backdoor-attacking-ot-systems/amp/
New Sophisticated Linux-Backdoor Attacking OT Systems Exploiting 0-Day RCE
The backdoor specifically targets systems associated with ORPAK, a company involved in gas stations and oil transportation infrastructure.

The malware was extracted from a Gasboy fuel management system that had previously been compromised by the CyberAv3ngers hacking group, which has been previously linked to cyberattacks exploiting Unitronics PLCs to breach water systems.

Embedded within Gasboy’s Payment Terminal (OrPT), the backdoor provides attackers with alarming capabilities to potentially control fuel services and extract sensitive financial information from customers.
...
The backdoor leverages the MQTT (Message Queuing Telemetry Transport) protocol for command and control (C2) communications—a protocol commonly used in IoT and industrial environments.

This design choice allows the malware to blend its traffic with legitimate operational messages, significantly complicating detection efforts.

OrpaCrab employs three main MQTT topics to facilitate its operations: one for uploading initial device information, another for receiving instructions from its controllers, and a third for returning command execution results.
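
Added example, not from the post or the quoted article: because C2 carried over MQTT looks like ordinary broker traffic, one practical check is to pull the topic out of every PUBLISH and SUBSCRIBE packet and compare it with the topics the site is known to use. The baseline filters and the `x9f2/...` topics are constructed placeholders (the article does not give the real topic names), and the sample packets are built inline rather than captured.

```python
PUBLISH, SUBSCRIBE = 3, 8                   # MQTT 3.1.1 control packet types

def _remaining_length(buf, pos):
    """Decode the variable-length 'remaining length' field that starts at pos."""
    value = 0
    for shift in (0, 7, 14, 21):            # the field is at most 4 bytes long
        if pos >= len(buf):
            raise ValueError("truncated length field")
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
    raise ValueError("remaining length longer than 4 bytes")

def _utf8_field(body, pos):
    """Read a 2-byte big-endian length followed by that many UTF-8 bytes."""
    end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
    if pos + 2 > len(body) or end > len(body):
        raise ValueError("string runs past end of packet")
    return body[pos + 2:end].decode("utf-8"), end

def topics_in_packet(packet):
    """Return (direction, topics) for PUBLISH/SUBSCRIBE, (None, []) otherwise."""
    length, pos = _remaining_length(packet, 1)
    body = packet[pos:pos + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    ptype = packet[0] >> 4
    if ptype == PUBLISH:
        return "publish", [_utf8_field(body, 0)[0]]
    if ptype == SUBSCRIBE:
        topics, p = [], 2                   # skip the 2-byte packet identifier
        while p < len(body):
            topic, p = _utf8_field(body, p)
            topics.append(topic)
            p += 1                          # skip the requested-QoS byte
        return "subscribe", topics
    return None, []

def matches(topic_filter, topic):
    """MQTT filter match: '+' is one level, a trailing '#' is the rest."""
    f, t = topic_filter.split("/"), topic.split("/")
    for i, part in enumerate(f):
        if part == "#":
            return True
        if i >= len(t) or part not in ("+", t[i]):
            return False
    return len(f) == len(t)

def unexpected_topics(packets, baseline):
    """List (direction, topic) pairs that no baseline filter accounts for."""
    return [(d, t) for d, ts in map(topics_in_packet, packets) for t in ts
            if not any(matches(b, t) for b in baseline)]

def _pub(t):  # constructed QoS 0 PUBLISH with a 1-byte payload
    return bytes([0x30, len(t) + 3]) + len(t).to_bytes(2, "big") + t.encode() + b"1"
def _sub(t):  # constructed SUBSCRIBE, packet id 1, requested QoS 0
    return bytes([0x82, len(t) + 5]) + b"\x00\x01" + len(t).to_bytes(2, "big") + t.encode() + b"\x00"

BASELINE = ["forecourt/+/status", "forecourt/+/cmd"]   # hypothetical site topics
SAMPLE = [_pub("forecourt/pump1/status"), _sub("forecourt/pump1/cmd"),
          _pub("x9f2/info"), _sub("x9f2/cmd"), _pub("x9f2/result"),
          b"\xc0\x00"]                      # PINGREQ, carries no topic
```

A topic baseline only helps when the traffic is visible in cleartext at the monitoring point; TLS-wrapped MQTT has to be inspected at the broker or judged by destination instead.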
 

nsaspook

Joined Aug 27, 2009
16,330
https://cybersecuritynews.com/46-new-vulnerabilities-in-solar-inverters-systems/amp/
46 New Vulnerabilities in Solar Inverters Systems Let Attackers Tamper Inverter Settings
Forescout researchers noted these security gaps are part of a troubling pattern in the solar power ecosystem.

Their analysis found that over the past three years, an average of 10 vulnerabilities in solar power systems have been disclosed annually, with 80% classified as high or critical severity.

Even more concerning, 30% of these vulnerabilities received the highest possible CVSS scores (9.8-10), indicating attackers could gain complete control of affected systems.

The attack vectors vary by manufacturer. For Growatt inverters, researchers identified vulnerabilities enabling cloud-based takeover, granting unauthorized access to user resources and control of solar plants.
...
Research indicates over half of solar inverter manufacturers (53%) and storage system providers (58%) originate from China, raising questions about supply chain security in critical infrastructure components.

Following responsible disclosure protocols, all identified vulnerabilities have been patched by the affected vendors.

The discovery of these 46 vulnerabilities represents a significant security challenge for the renewable energy sector.
https://www.forescout.com/resources/sun-down-research-report/
Since then, threat actors have been more intentionally exploiting solar power systems. In 2024 alone, at least three incidents were significant:
• Threat actors hijacked 800 Contec SolarView Compact remote monitoring devices used in solar power generation facilities in Japan. While their goal was not to disrupt power generation, the fact that attackers can gain control of these devices enables attack scenarios that impact grid stability. There are conflicting accounts of the incident pointing either to a hacktivist group called HackerCN (which was observed sharing details of vulnerabilities on Contec devices) or to ‘random malware’ botnets. There are at least 24 vulnerabilities on these devices cataloged since 2021, three of which are often exploited in the wild.
• The same types of devices were hijacked by botnets built and operated by Chinese threat actor Flax Typhoon. These botnets may be used to hide attacker identities while launching attacks against networks in other countries. Other botnets, such as Mirai variants leveraged by cybercriminals, have been exploiting similar devices from the APsystems brand since 2023.
• Another attack was carried out by the Just Evil hacktivist group in September 2024. In that incident, hackers targeted the solar monitoring solution used by the Lithuanian energy company Ignitis Group. The group claimed to access the power monitoring dashboard of 22 clients of Ignitis, including two hospitals, via a monitoring platform in the city of Kaunas. The platform was identified as Sungrow’s iSolarCloud. According to a public report, the group gained access to the client sites “by acquiring valid credentials to the owner’s PV Monitoring Platform using a Trojan on the customer’s computers or phones.”
Likely more bad software than malicious software but the threat is the same.
 

nsaspook

Joined Aug 27, 2009
16,330
https://therecord.media/european-commission-takes-aim-encryption-europol-fbi-proposal
European Commission takes aim at end-to-end encryption and proposes Europol become an EU FBI

The problem for the European Union is that defense, security and intelligence have always been sovereign matters for each member state, and there is little appetite from those member states’ governments to donate their national capabilities to the bloc.
 

nsaspook

Joined Aug 27, 2009
16,330
https://therecord.media/nakasone-interview-china-ai-deepseek-doge
For nearly six years, Gen. Paul Nakasone led two of the most powerful — and secretive — arms of American national security: the NSA and U.S. Cyber Command. One listens. The other talks back.
CH: So let's talk a little bit about Volt Typhoon and Salt Typhoon [the names Western researchers use for specific Chinese nation-state operations]. … What are their intrusions in American networks telling us about China in cyberspace? It sounds like you think they’ve already replaced Russia as our major foe.

PN: Well, I think they have. And again, this is the major change that I saw over the six years running NSA and Cyber Command: China has eclipsed all of our adversaries in terms of the scope and scale and now the sophistication of what they’re doing.

Consider Volt Typhoon. There is absolutely no intelligence to be gathered by putting malicious code in [critical infrastructure] networks. There's no intelligence to gather from the water in the United States or the water in different countries within the Indo-Pacific.

CH: Meaning this is clearly not an espionage operation.

PN: It's not espionage. This is not intended for espionage. This is intended to provide a capability at some point in the future that allows the Chinese to wreak havoc or spark a crisis [if they] enter a period of tension with the United States.

They want us to have to focus someplace else. … And look, it's very, very hard to detect someone who has stolen passwords or someone that has stolen credentials to get into a network or a data or a weapon system. And so as we look at that, we say, wow that's a sophistication that shows that the Chinese are continuing to get better.
I've said this before. They are hacking schools, utilities and these sorts of things not for espionage, they are doing it for possible strategic attack plans. It doesn't mean the Commies are coming, it just means due diligence with a known adversary called the USA in case the unimaginable (that we all also plan for) happens.

What's the most unhackable thing you own?

PN: The pencil and paper that I write on every single day.

CH: Why do you use a pencil instead of a pen?

PN: Because I need to erase it.
 

nsaspook

Joined Aug 27, 2009
16,330
https://techcrunch.com/2025/03/06/uk-quietly-scrubs-encryption-advice-from-government-websites/
UK quietly scrubs encryption advice from government websites

The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.’s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information.

The NCSC in October published a document titled “Cybersecurity tips for barristers, solicitors & legal professionals,” that advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP).

ADP allows users to turn on end-to-end encryption for their iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored on iCloud.

The URL hosting the NCSC document now redirects to a different page that makes no mention of encryption or ADP. Instead, it recommends that at-risk individuals use Apple’s Lockdown Mode, an “extreme” security tool that restricts access to certain functions and features.

Muffett reports that the original document, still accessible via the Wayback Machine, has been “wholesale deleted from the internet.” TechCrunch wasn’t able to find any encryption advice on the U.K. government’s website.
This is some 1984, North Korea, China, Russia rewriting of history stuff. Pretty lame for a modern western country.

https://www.msn.com/en-us/money/oth...ncryption-fight-secret-is-blocked/ar-AA1CsokD
UK Effort to Keep Apple Encryption Fight Secret Is Blocked


https://investigatorypowerstribunal.org.uk/wp-content/uploads/2025/04/IPT-25-68-CH-Judgment.pdf

 

Thread Starter

cmartinez

Joined Jan 17, 2007
8,768
Alas, I fear that into the far future, society is going to devolve into two different species derived from the governors and the governed ... Morlocks and Eloi ..
 