Hello, welcome to the Friday, August 18th,

2000-23 edition of the Sandton Stormontas Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Jesse took a quick look today at a problem that's actually kind of common

when you're looking at text on the command line in

Linux with tools like cat. The problem is that the white space characters are often not clearly

displayed and so two strings that kind of look the same may not be the same because they have

white space characters following

them. Well, Jesse is looking at a couple different options to solve the problem with a little

Python script or, well, a simple cat option das, capital A, which will make these white space

characters more obvious.

An Apple security company, YAMF, has an interesting blog post showing how an attacker may be able to simulate airplane mode in an iOS 16 device.

The problem here is that, well, a user may think that they're safe if the phone is in

airplane mode, but what the attacker is really doing here is essentially just displaying the

airplane mode icon, and with that, the user may feel safe if indeed they're not. The attack

actually goes sort of a step further. In addition to

setting the airplane mode icon, the attack will also disconnect all software from the internet.

And if a user, for example, now attempts to use the email software or the like, it will alert the user, hey, you need to set up

a network connection. Do you want to connect to Wi-Fi? So a behavior that's identical to what

you would experience if the phone is actually in airplane mode. And of course, the attacker is at

the same time also able to still maintain

connectivity for their own application. Pretty neat trick. This is a post-exploid technique,

...