I just observed a regression on CVE-2022-32857 (plaintext TSS signing during OS update, leaking unique identifiers to the network via http/80 connections to on 13.1 (M1) when updating to 13.2. My system's ECID was transmitted in plaintext.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!