Apple's extension of "Activation Locks" to laptops will turn refurbishable electronics into e-waste

"Activation Lock" is a tool that uses Apple's trusted computing hardware to render systems inoperable if you don't have a login/password; nominally, this is used for theft-deterrence, but when Apple product owners fail to disable Activation Lock when they dispose of their equipment, it becomes effectively impossible to refurbish or repair, dooming it to become e-waste. Read the rest

Tpmfail: a timing attack that can extract keys from secure computing chips in 4-20 minutes

Daniel Moghimi, Berk Sunar, Thomas Eisenbarth and Nadia Heninger have published TPM-FAIL: TPM meets Timing and Lattice Attacks, their Usenix security paper, which reveals a pair of timing attacks against trusted computing chips ("Trusted Computing Modules" or TPMs), the widely deployed cryptographic co-processors used for a variety of mission-critical secure computing tasks, from verifying software updates to establishing secure connections. Read the rest