Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

From Blue Security by Andy Jaw & Adam Brewer

April 28, 2026 · 34 min · Season 6 · Episode 32

About this episode

Andy and Adam discuss a vulnerability in Signal, the endorsement of passkeys by the NCSC, and challenges in open source software security.

Summary In this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification system. They emphasize the importance of user settings and the need for regular updates. The conversation then shifts to the UK National Cyber Security Centre's endorsement of passkeys as a preferred login method for consumers, highlighting the shift away from traditional passwords. Finally, they address the challenges of open source software security, referencing Marcus Hutchins' insights on the lack of bug bounty programs and the potential risks associated with unmonitored code. ---------------------------------------------------- YouTube Video Link: https://youtu.be/yXuUc32MPL4 ---------------------------------------------------- Documentation: https://arstechnica.com/tech-policy/2026/04/apple-stops-weirdly-storing-data-that-let-cops-spy-on-signal-chats/ https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/ ---------------------------------------------------- Contact Us: Website…

People in this episode

Hosts: Andy Jaw, Adam Brewer

Topics covered

  • Signal vulnerability
  • passkeys
  • open source security
  • Apple notification system
  • cybersecurity

Keywords

  • Signal
  • FBI
  • passkeys
  • Apple
  • open source
  • cybersecurity
  • Marcus Hutchins

Mentioned in this episode

Organizations: Signal, FBI, UK National Cyber Security Centre

Products: passkeys, Apple

More episodes of Blue Security

Explore listener stats, chart rankings, contacts and more on the Blue Security podcast page.