Crypto Wars 2.0

Privacy is a human right - and you don't have to justify rights, you just have them. That's kinda the whole point. But you do need to exercise them and defend them sometimes. It has been leaked that the UK is telling Apple to reveal the encrypted data of every single one of their users to the UK government under the auspices of the Investigatory Powers Act (and its recent controversial Amendment). This would be a privacy and security disaster, and we were not even supposed to know about it. In other news: Netgear warns of serious router bugs (so update your firmware now); DeepSeek AI app has serious security and privacy problems, but the AI model has real promise in other ways; AngelSense personal customer data exposed; Cybercrime groups exploit 7-Zip app flaws to bypass Windows protections; some clever Mac and iOS malware making the rounds; new Android Identity Check feature released, and I introduce some Privacy Enhancing Technologies. Article Links [Bleeping Computer] Netgear warns users to patch critical WiFi router vulnerabilities https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-critical-wifi-router-vulnerabilities/ [krebsonsecurity.com] Experts Flag Security, Privacy Risks in DeepSeek AI App https://krebsonsecurity.com/2025/02/experts-flag-security-privacy-risks-in-deepseek-ai-app/ [techcrunch.com] AngelSense exposed location data and personal information of tracked users https://techcrunch.com/2025/01/30/angelsense-exposed-location-data-and-personal-information-of-tracked-users/ [The Hacker News] Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections https://thehackernews.com/2025/02/russian-cybercrime-groups-exploiting-7.html [appleinsider.com] New macOS malware disguises itself as Chrome & Zoom installers https://appleinsider.com/articles/25/02/04/new-macos-malware-disguises-itself-as-chrome-zoom-installers [macrumors.com] Apple Removed Apps Infested With Screen Reading Malware https://www.macrumors.com/2025/02/06/apple-removed-screen-reading-malware-apps/ [Bleeping Computer] New Android Identity Check locks settings outside trusted locations https://www.bleepingcomputer.com/news/security/new-android-identity-check-locks-settings-outside-trusted-locations/ [theverge.com] Apple ordered to open encrypted user accounts globally to UK spying https://www.theverge.com/news/608145/apple-uk-icloud-encrypted-backups-spying-snoopers-charter Tip of the Week: https://firewallsdontstopdragons.com/privacy-enhancing-technologies-pet/  Further Info Securing your router:  https://firewallsdontstopdragons.com/secure-your-network-4-remediate/  Objective-See tools: https://objective-see.org/  Recommend news stories: send to news [at] firewallsdontstopdragons.com  Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book  Subscribe to the newsletter: https://fdsd.me/newsletter  Become a patron! https://www.patreon.com/FirewallsDontStopDragons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Give the gift of privacy and security: https://fdsd.me/coupons  Support our mission! https://fdsd.me/support  Generate secure passphrases! https://d20key.com/#/  Table of Contents Use these timestamps to jump to a particular section of the show. 0:00:06: Intro 0:00:20: Tax scams, ID.me 0:02:54: News preview 0:05:01: Netgear router vulnerabilities 0:08:17: DeepSeek AI has security problems, but also shows promise 0:19:36: AngelSense exposed personal information of tracked users 0:26:23: Russian Cybercrime Groups Exploiting 7-Zip Flaw 0:35:44: macOS stealer malware disguises itself as fake installer 0:42:30: New Apple malware uses OCR to mine secrets 0:46:00: New Android Identity Check locks settings outside trusted locations 0:49:10: Apple ordered to open encrypted user accounts globally to UK spying 1:04:56: Tip of the Week: Privacy Enhancing Technologi...