Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals

Category: Security

Josh Centers 21 comments

1Password 7 for Mac Offers a Fresh Look… for an Upgrade Price

AgileBits has released 1Password 7, the company’s first paid upgrade in many years. Are the changes to 1Password mini and the many visual improvements worth the cost of admission?

Josh Centers No comments

Apple Will Soon Report on Government App Store Takedown Requests

Apple will soon be adding information about government requests to remove apps from the App Store to its biannual transparency report.

Adam Engst 25 comments

Beware “iCloud Breach” Phone Scam

Apple users report receiving multiple automated calls per day from a scammer claiming to be “Apple Support Care” and warning of an iCloud breach. Just hang up and get a call-blocking app.

Josh Centers 19 comments

iOS 11.4 to Make iPhones Harder to Crack

iOS 11.4 betas include a USB Restricted Mode that would make it harder for law enforcement and government agencies to extract information from a locked iPhone.

Adam Engst 3 comments

Twitter Encourages Users to Change Their Passwords

After discovering that passwords for many user accounts were logged in clear text internally, Twitter is encouraging all users to change their passwords.

Geoff Duncan 113 comments

Europe’s General Data Protection Regulation Makes Privacy Global

Your inbox has probably been filled with notices from companies updating their terms and privacy policies to comply with Europe's General Data Protection Regulation (GDPR). But what will it actually mean, both inside and outside the European Union?

Glenn Fleishman 18 comments

Cloudflare and Quad9 Aim to Improve DNS

The domain name system is largely insecure, leaking information and subject to compromise. New services from Cloudflare and Quad9 could provide greater security and integrity than Google Public DNS, currently the best known public DNS service.

Adam Engst No comments

AgileBits Introduces 1Password Business

AgileBits has introduced 1Password Business, which extends the subscription-based password-management service to large organizations. New features include finely grained access control, custom roles, activity logs, and usage reporting.

Adam Engst 2 comments

Should You Delete Your Facebook Page?

Mark Jeftovic, the outspoken CEO of DNS provider easyDNS, has weighed in on the whole Facebook/Cambridge Analytica scandal with opinions that are simultaneously harsh and realistic. He starts by equating social media platforms to “The Spew,” a 1994 short story by Neal Stephenson in Wired, and lays out multiple condemnations of Facebook and Mark Zuckerberg. But then Jeftovic returns to the real question at hand: Should you delete your Facebook page? He recommends keeping business Facebook pages but not relying on them, and he says he’ll keep a personal Facebook page while assuming that anything he posts is completely public and will be used for targeting. But he votes against the mobile Facebook apps, which try their hardest to harvest your contact data.

Josh Centers 11 comments

$20 WyzeCam Security Camera Is Almost Too Good to Be True

A Wi-Fi security camera for $20? What’s the catch? Josh Centers shares his experiences with the unbelievably cheap WyzeCam. It’s well-built, has a decent app, works in the dark, and even provides limited cloud storage for free. There’s only one minor problem.

Josh Centers 6 comments

Apple Updates Its Operating Systems to Address Telugu Bug

Apple has updated all of its operating systems — macOS 10.13 High Sierra, iOS 11, watchOS 4, and tvOS 11 — to fix yet another text-crashing bug. Here’s how to get the updates, and our advice on when you should install them.

Josh Centers 4 comments

Facebook Shows Why SMS Isn’t Ideal for Two-Factor Authentication

Facebook is sending its two-factor authentication users text messages they don’t want. This situation provides yet another reason why you should use a dedicated app for generating two-factor authentication codes instead of SMS.

Adam Engst 5 comments

Beware “Protect” In Facebook’s iOS App

Facebook has added a Protect item to a screen in its iOS app that lists Facebook services. Tapping Protect takes you to an App Store page for a VPN called Onavo Protect that admits that it is owned by Facebook and “collects your mobile data traffic.” Worse, 12.5 million iOS users may already be using Onavo Protect.

Josh Centers 1 comment

Your Smart Home Could Be Spying On You

Gizmodo’s Kashmir Hill and Surya Mattu teamed up to learn the extent to which home automation devices report back to their manufacturers and leak personal information. Hill filled her house with smart devices, including an Amazon Echo, lights, coffee maker, TV, and even a bed. Then she had Surya monitor how much data was sent out by the devices. The results may shock you. Perhaps unsurprisingly, the worst offender was the Amazon Echo, which contacted Amazon’s servers every few minutes, even when the “Alexa” wake word and the microphone were turned off.

Josh Centers 3 comments

Malicious Cryptominer Distributed by MacUpdate Hack

The MacUpdate site was hacked on 1 February 2018, and the attackers slipped malicious code into updates for Firefox, OnyX, and Deeper that would use CPU cycles on infected machines to mine cryptocurrency. Malwarebytes has instructions for removing the malware. Although MacUpdate removed the offending updates quickly, the moral of the story is that it’s always best to update an app from inside the app itself or via the developer’s Web site.