Fingerprinting Apple Device Types by Sensors

The dark truth about fingerprinting hardware is that it can be used to specifically target particular weaknesses of mobile devices. Using embedded magnetometer, gyroscope, and accelerometer, any web page can determine your device type by serving up some script. What this also means is that a mobile web site tab can pretty much follow you around town all day, even without GPS.

A New Apple Supply Chain Compromise #gatekeeper

Hackers are leaving no stone unturned when it comes to scouring systems and software for an attack vector. Usually, an adversary is looking for one-off anomolies at the low-end of computer programming, the 1's and 0's. A buffer overflow, a protocol fuzzing, some kind of byte-level trickery. Nothing so brazen as a supply chain attack. These attacks are swift, trusted, often skipped during antivirus and malware scanning. Last week I read about a terrible new Apple supply chain compromise.