Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 13 comments

Apple Categorically Denies Businessweek’s China Hack Report

Bloomberg Businessweek last week published a bombshell article that alleges that Chinese spies inserted a malicious chip into servers used by Apple and other technology companies. Apple has unequivocally denied everything. Who to believe?

Glenn Fleishman 29 comments

SMS Text Message Login Codes Autofill in iOS 12 and Mojave, but Remain Insecure

Apple streamlined two-factor login confirmations via text message in iOS 12 and macOS 10.14 Mojave. But using SMS to validate your login remains problematic because of phone number hijacking. Apple should lead the way to retire it.

Adam Engst 16 comments

Follow These Steps to Enable Backblaze for Mojave

The Backblaze Mac client can’t back up all your data in macOS 10.14 Mojave unless you give it full disk access, and its companion menu bar utility also needs automation permissions. Follow Backblaze’s instructions to restore full functionality.

Adam Engst 8 comments

50 Million Facebook Accounts Hacked

Facebook has acknowledged that attackers took advantage of the platform’s View As feature to breach the security of at least 50 million accounts. If you’re forced to log in again, you might be among the affected users.

Adam Engst 2 comments

Trend Micro Mac Apps Stole Users’ Browser Histories

A number of Mac apps from Trend Micro have been discovered to be collecting users’ browsing histories and have been removed from the Mac App Store.

Rich Mogull 18 comments

Mojave’s New Security and Privacy Protections Face Usability Challenges

macOS 10.14 Mojave brings important security and privacy improvements to the Mac, but both Apple and developers need to work harder to avoid overwhelming users with a cacophony of alerts.

Josh Centers 10 comments

Popular Mac App Store Utility Turned Out to Be Spyware

A paid utility that was secretly spying on users’ Web browsing histories somehow made it past both Apple’s review process and macOS’s application sandboxing.

Josh Centers 2 comments

Hackers Steal T-Mobile Customer Data, Including Passwords

There has been yet another big data theft. This time, attackers stole the personal data and encrypted passwords of two million T-Mobile customers. If you use T-Mobile, change your password immediately.

Josh Centers 10 comments

Avoiding Google’s Geotracking Requires Disabling More Than Location History

An investigation by the Associated Press and Princeton University has found that Google tracks and stores your location history even when you have disabled Location History. To prevent Google from tracking your location, also disable Web & App Activity.

Adam Engst 8 comments

Are We Talking about Privacy or Liberty?

It seems that both tech giants and government agencies want to know everything about us. But is “privacy” what we’re really looking for, or something more along the lines of the right to be left alone?

Josh Centers 22 comments

USB Restricted Mode Can Block iOS Device Charging

USB Restricted Mode is a new security feature in iOS 11.4.1, but it can have some unintended consequences. Josh Centers explains what it is, how it works, why it exists, and how you can turn it off if necessary.

Josh Centers 6 comments

Reddit Announces Account Data Breach

Social news site Reddit has announced a relatively minor data theft that’s a good reminder to change old passwords, turn on two-factor authentication, and delete any Reddit content you don’t want linked to your email address.

Josh Centers 12 comments

Wyze Cam Pan Helps You Watch Your House for $30

The latest entry in the Wyze Cam line, the Wyze Cam Pan, can cover an entire 360-degree area for an absurdly low price. It’s well worth checking out if you’re looking for an interior security camera, but sadly, it doesn’t support HomeKit.

Josh Centers 7 comments

Beware New Bitcoin Extortion Scam That Uses Stolen Passwords

A new email scam claims to have images of you viewing pornography, and to make its assertion more convincing, it includes an old leaked password in the message. Don’t be fooled.

Adam Engst 23 comments

International Verify Your Backups Day

What better day than Friday the 13th to check that your backups are actually working by restoring some critical files?