After the release of iOS 17.4 and iPadOS 17.4 earlier in the week, there was little question that Apple would soon push out updates to the rest of its operating systems. That has now happened, and we recommend updating quickly to protect against several zero-day vulnerabilities.
Apple has released updates to the last three versions of iOS and iPadOS, adding features and fixing security vulnerabilities in iOS/iPadOS 17, addressing vulnerabilities in iOS/iPadOS 16, and fixing bugs in iOS/iPadOS 15.
The results of our poll asking how TidBITS readers engage with macOS updates reveal that most people stick with Apple’s default settings and follow our advice about how quickly to install. That’s good!
In the upcoming iOS 17, iPadOS 17.4, macOS 14.4 Sonoma, and watchOS 10.4, Apple will start rolling out the PQ3 encryption protocol for iMessage conversations to protect them against attacks made possible by future quantum computers.
Several TidBITS readers have alerted us to phishing messages that purport to be from TidBITS Talk. They’re not, of course, and should be marked as spam, but they serve as a warning for why it’s essential pay attention to email.
Twilio, the company behind the Authy two-factor authentication apps, has announced that Authy Desktop for the Mac will reach end-of-life next month. It might be a good excuse to switch to a full-fledged password manager that also supports 2FA codes.
Apple has made good on its promise to add Stolen Device Protection to iOS 17.3, allowing users concerned about iPhone passcode and snatch-and-run theft to require biometric authentication and sometimes a delay to carry out critical security and financial actions. We look at what it does and doesn’t protect, how to turn it on, and who can’t use it.
The “grandparent scam” goes back almost 20 years, but it and similar frauds are gaining new traction through AI voice impersonation. Protect your family, friends, and colleagues with advance planning.
Sometimes, you need to share private information—a password, financial details, a confidential document—over the Internet. Adam Engst looks at eight popular methods of transmitting your secrets securely to others.
Apple has released a large set of operating system updates, including iOS 17.3, iPadOS 17.3, macOS 14.3 Sonoma, watchOS 10.3, tvOS 17.3, HomePod Software 17.3, macOS 13.6.4 Ventura, macOS 12.7.3 Monterey, iOS 16.7.5 and iPadOS 16.7.5, and iOS 15.8.1 and iPadOS 15.8.1. New features include Stolen Device Protection in iOS 17.3 and Apple Music collaborative playlists.
Those who use Apple’s Magic Keyboard will automatically receive a firmware update that prevents an attacker with physical access from monitoring Bluetooth traffic. It’s not something to worry about but is an indication of the kind of attacks possible today.
For additional background and color surrounding the Wall Street Journal’s reporting on iPhone passcode thefts, watch Joanna Stern’s interview with a convicted thief.
A handful of iOS and iPadOS updates address unspecified bugs, and the update to macOS 14.2.1 Sonoma fixes a bug that could share random windows via Screen Sharing.
If you have purchased a smart TV recently, beware that it probably shares everything that appears onscreen with its makers. Here are instructions for turning off this privacy-abusing technology for three major smart TV platforms.
The Wall Street Journal reports that Apple will introduce a new feature, Stolen Device Protection, to deter the kind of significant digital damage that iPhone passcode thieves have inflicted on victims.