Skip to content
Thoughtful, detailed coverage of everything Apple for 30 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 27 comments

Kernel Vulnerability Causes Apple to Update All Operating Systems

Apple has released updates to macOS, iOS, iPadOS, watchOS, and tvOS to address a security vulnerability in the kernel that could allow an app to execute arbitrary code with kernel privileges. Update soon!

Adam Engst 16 comments

macOS 10.15.5 Update Adds Battery Health Management

Apple has released macOS 10.15.5 Catalina with a new battery health management feature for recent Mac laptops, along with a necessary option for Group FaceTime, calibration for the Pro Display XDR, and a smattering of bug and security fixes.

Josh Centers 2 comments

FBI Cracks Pensacola Shooter’s iPhone, Still Mad at Apple

The FBI has cracked the iPhone at the center of the Pensacola naval base shooting case, but the agency still slammed Apple’s stance on encryption. This time, Apple didn’t pull any punches in its rebuttal.

Josh Centers 3 comments

watchOS 6.2.5 Brings ECG and Irregular Heart Rhythm Notifications to Saudi Arabia

Apple has released watchOS 6.2.5, a highly focused update to bring the ECG app and irregular heart rhythm notifications to Saudi Arabia, along with as-yet-unspecified security fixes.

Josh Centers 6 comments

Adobe Acrobat Reader Flaws Could Let Attacks Hijack Your Mac

If you use Adobe Acrobat Reader, you should update immediately to protect your Mac from some nasty security vulnerabilities accessible to local attacks.

Glenn Fleishman 1 comment

iOS Mail Exploits Serious but Unlikely to Affect Normal Users

A security research firm found a pair of bugs in Mail in iOS 13 that could be leveraged to allow arbitrary code to run without a user viewing the message. But claims about how severe and how widespread the exploits are seem overstated.

Glenn Fleishman 15 comments

Zoom Repairs Flaws and Improves Privacy

Following several terrible, horrible, no good, very bad days for Zoom, with the disclosure of multiple security and privacy exploits and problems, the company has, instead of moving to Australia, fixed nearly every outstanding issue and even enhanced its interface. Will it be enough to restore trust?

Glenn Fleishman 26 comments

Apple and Google Partner for Privacy-Preserving COVID-19 Contact Tracing and Notification

The tech rivals are working together on a secure, opt-in, and privacy-focused method of letting people report a COVID-19 diagnosis that would be pushed to everyone they passed near in the previous two weeks.

Glenn Fleishman 44 comments

Every Zoom Security and Privacy Flaw So Far, and What You Can Do to Protect Yourself

The videoconferencing service Zoom has seen a 20-fold increase in usage during the coronavirus pandemic. That extra attention has put a spotlight on poor technical and policy decisions that have exposed Zoom’s users to harm and revealed personal data unnecessarily. But hope blooms with the company’s latest comprehensive apology and roadmap.

Adam Engst 3 comments

Coronavirus Tracking in Today’s Surveillance Society

Location tracking, facial recognition, and app-based tracking have become tools in fighting the spread of the SARS-CoV-2 coronavirus. But will these uses start a conversation about how to safeguard personal privacy or result in it being further exploited?

Adam Engst 25 comments

International Verify Your Backups Day

What better day than Friday the 13th to check that your backups are actually working by restoring some critical files?

Ivan Drucker 37 comments

Alternative Ways to Protect Yourself from Being Spearfished

Having good passwords may protect you from drive-by attacks, but if you are individually targeted, online thieves can steal your cell phone number and reset all your passwords in minutes. Google Voice used with two-factor authentication is an answer for those for whom authentication apps don’t work well.

Josh Centers 2 comments

Antivirus Maker Avast Sold Data on Millions of Users

Motherboard and PCMag have teamed up to expose antivirus maker Avast’s practice of collecting and selling data on millions of users. The harsh light of media coverage worked as it's supposed to, and Avast's CEO has announced that the company is eliminating the program and shutting down the subsidiary that sold the data.

Josh Centers 29 comments

Apple Allegedly Dropped Full iCloud Backup Encryption under FBI Pressure

Reuters is reporting that Apple dropped plans to offer a stronger encryption option for iCloud backups under pressure from the US Federal Bureau of Investigation.

Josh Centers 9 comments

Geoffrey Fowler Challenges Apple’s Privacy Stance

Apple claims to be a guardian of consumer privacy, but the company does little to regulate what third-party iPhone apps do with the data they collect. The Washington Post’s Geoffrey Fowler asks if Apple could do more to protect our privacy.