A fantastic new feature of iOS 16 is the ability to edit iMessages. But that doesn’t mean you’ll be able to get away with anything. When you send a message, if you long hold on the message, you get the ability to edit the message. But you can only edit…

I’ll admit that I was late to the game on password managers. For anything relatively important, I refused to use one, instead choosing to use complex, memorized, passwords for any important site, like bank accounts. …

A researcher who found that Facebook and Instagram are injecting tracking code into web pages that you visit, wrote a follow up report. In that report, the researcher noted the TikTok is able to capture every keystroke that you enter into a third party website viewed through the TikTok app. …

You might want to rethink having social network apps on your phone, but not because you’re addicted to scrolling or concerned about misinformation. According to new research, the Facebook and Instagram apps can track you when you click to visit non-Facebook and non-Instagram sites. The scenario is easy. Imagine that…

As any security practitioner will tell you, the tradeoff between security and usability is a constant tug of war. The more secure you make a system, the harder it becomes to use. But when you’re talking about software security, there’s another angle. …

The first article I saw on December 10 about the now infamous log4j remote code execution vulnerability (CVE-2021–44228), buried the lede. Posted at 10:39pm Central time on December 9, the headline read: “Minecraft and other apps face serious threat from Log4j code execution bug.” Of course, the log4j Java library…

The Apple Watch now controls my day. Don’t feel bad for me. I brought this upon myself. The Apple Watch and other types of fitness trackers don’t tell you to get to 10,000 steps like the original trackers did. …

Do you know that every single website certificate your external perimeter is valid? What about your VPN certificate? Many companies have robust solutions in place to rotate certificates, but how can you actually guarantee that every IP has the correct certificate installed? One of the easiest ways is to use…

Note (January 5, 2023): We found out there was a security breach of LastPass. Attackers were able to download the encrypted passwords of users, and the list of internet addresses associated with each user. LastPass seems to have made some questionable design decisions, and therefore I wouldn’t personally recommend using…