# Apple-Signal Bug, NCSC recommends passkeys, Open Source debate Page: https://stenobird.com/podcast/blue-security-2167092/apple-signal-bug-ncsc-recommends-passkeys-open-source-debate Text version: https://stenobird.com/podcast/blue-security-2167092/apple-signal-bug-ncsc-recommends-passkeys-open-source-debate.md Podcast: [Blue Security](https://stenobird.com/podcast/blue-security-2167092) Published: 2026-04-28T12:00:01+00:00 Episode link: https://podcasters.spotify.com/pod/show/blue-security-podcast/episodes/Apple-Signal-Bug--NCSC-recommends-passkeys--Open-Source-debate-e3ij25i Audio file: https://anchor.fm/s/37babf1c/podcast/play/119162482/https%3A%2F%2Fd3ctxlq1ktw2nl.cloudfront.net%2Fstaging%2F2026-3-28%2F423025759-44100-2-cf39b2dc9573d.mp3 Processing state: not_requested JSON: https://stenobird.com/v1/public/podcasts/blue-security-2167092/episodes/apple-signal-bug-ncsc-recommends-passkeys-open-source-debate Duration seconds: 2064 ## Resource Summary In this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification system. They emphasize the importance of user settings and the need for regular updates. The conversation then shifts to the UK National Cyber Security Centre's endorsement of passkeys as a preferred login method for consumers, highlighting the shift away from traditional passwords. Finally, they address the challenges of open source software security, referencing Marcus Hutchins' insights on the lack of bug bounty programs and the potential risks associated with unmonitored code. ---------------------------------------------------- YouTube Video Link: https://youtu.be/yXuUc32MPL4 ---------------------------------------------------- Documentation: https://arstechnica.com/tech-policy/2026/04/apple-stops-weirdly-storing-data-that-let-cops-spy-on-signal-chats/ https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/ ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠… ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/blue-security-2167092/episodes/apple-signal-bug-ncsc-recommends-passkeys-open-source-debate/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/blue-security-2167092/apple-signal-bug-ncsc-recommends-passkeys-open-source-debate.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.