Follow

I just observed a regression on CVE-2022-32857 (plaintext TSS signing during OS update, leaking unique identifiers to the network via http/80 connections to gs.apple.com) on 13.1 (M1) when updating to 13.2. My system's ECID was transmitted in plaintext.

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!