April 4, 2022
David Redekop

TWINN Security News April 4

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

Let’s first talk about crypto currency. By now it’s becoming increasingly obvious that the future of money is all digital as central banks all over the world are planning or introducing a central digital currency in the form of their own crypto tokens. Some even have interesting properties like an expiry date on money. The digital Yuan has exactly that, which will obviously have the desired effect of having to spend it or losing it. More on that another day.

However, one key principle for us all to understand is the location of the tokens. Initially, crypto-currencies, or bitcoin specifically, was designed to be distributed where you hold your own wallet in the form of some bits on your hard drive. That is now referred to as the non-custodial method. It turns out it’s quite easy to keep a secret and quite easy to keep thieves at bay using the non-custodial method. However, everyone knows someone who has lost their bitcoin for one reason or another to accidental erasure, crashed hard drive or forgotten password.

Along came the easy way, which is use a custodial method. This is where your exchange actually holds your crypto tokens, you have the elegant experience of an app where you can buy and sell with a few taps. This has the net effect of thousands and millions of people’s assets being centralized, which makes it the natural target for hackers.

Ronin Network: What a $600m hack says about the state of crypto. While these attacks have a pattern of repeating, the non-custodial method is still best for the serious investor because you do not need to depend on anyone else’s security policies. You’re completely in charge. Go non-custodial.

Unmasking China’s State Hackers. This long read is worthwhile. Kim Zetter goes to greath length to illustrate the depth of Chinese government hackers’ work, exposure of their identities and who may be behind some of the revelations.

People Are Getting Scam Texts From … Themselves. Reminds us of the days we used to get email from ourselves. If this happens to you, clearly it is not legitimate. For the spammers and scammers, though, it’s a way where they don’t have to keep buying up new numbers.

‘Most Severe’ Cyberattack Since Russian Invasion Crashes Ukraine Internet Provider. It’s 2022 and Denial of Service attacks are still difficult to defend against.

Apple rushes out patches for two 0-days threatening iOS and macOS users. As usual, you know what to do. Update right away if you haven’t already. If 15.4.1 isn’t available to you make sure you remove your Beta Software profile.

Did you know?

Dante is now mac M1 compatible!

For a video version of this see: https://youtu.be/_q7jory6JO4