Infosec Reading List – August 2021

On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.
All InfoSec Reading Lists can be found here.
Best of Twitterverse

InfoSec
- Secret terrorist watchlist with 2 million records exposed online – link
- Is Apple’s NeuralMatch searching for abuse, or for people? – link
- We Got the Phone the FBI Secretly Sold to Criminals – link
- Embrace ephemerality with default disappearing messages – not a big change but I think the default setting is something nice to have – link
- One Bad Apple – a longer and more detailed article on the “Apple scans our pictures” discussion – I really liked it and I can also recommend the follow up article – link
- Wanted: Disgruntled Employees to Deploy Ransomware – insider threats have been always an underestimated topic – now they don’t need to steal the data themselves, they can just install the ransomware and afterwards claim that they weren’t aware & did it unintentionally – link
- Thinking about “traceability” – “What is “traceability” in an end-to-end encrypted system?” – link
- Automated Qubes AppVMs based on Whonix Anonymity Modes – nice idea using .sls files which are part of the SALT framework – link
- Learning as Investing: 7 Skills That Pay Off in Any Job – good start for a list – link
- The All-Seeing “i”: Apple Just Declared War on Your Privacy – “How long do we have left before the iPhone in your pocket begins quietly filing reports about encountering “extremist” political material, or about your presence at a “civil disturbance”?” – “I can’t think of any other company that has so proudly, and so publicly, distributed spyware to its own devices—and I can’t think of a threat more dangerous to a product’s security than the mischief of its own maker.” – link
- Disgruntled ransomware affiliate leaks the Conti gang’s technical manuals – link
- Threat Landscape for Supply Chain Attacks – very informative PDF by the ENISA around supply chain attacks – link
- From open Guest Wi-Fi to pwning a lift – link
- Exploiting custom protocol handlers for cross-browser tracking in Tor, Safari, Chrome and Firefox – link
- The Stealthy iPhone Hacks That Apple Still Can’t Stop – link
Outdoor
- Saddlebags for Bikepacking & Top Opening Handlebar Bags – link
- A new road to an inaccessible land – especially in stormy times like these in regards to Afghanistan, it’s important to not forget that another situations exist, also in Afghanistan – link
- The Northern Soul – link
- Two Women, 600km Across the Aralkum Desert – link