Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 5 comments

Eufy Home Security Cameras Caught Uploading Footage to the Cloud

For Anker's Eufy brand, secure design apparently takes a back seat to empty privacy promises. The Verge confirmed the finding by security consultants that Eufy cameras can stream encryption-free video through the cloud, all in violation of the company's claims.

Adam Engst 7 comments

1Password Previews Prospective Passkey Plans

Passkey promises from password-manager 1Password, brought to you by the letter P.

Josh Centers 31 comments

iOS 16.1.1, iPadOS 16.1.1, and macOS 13.0.1 Ventura Plug Two Security Holes

iOS 16.0.1, iPadOS 16.0.1, and macOS 13.0.1 Ventura close a couple of concerning security vulnerabilities related to libxml2. Update soon to protect yourself.

Adam Engst 5 comments

Ventura Bug Disables Real-Time Security Software

A macOS 13.0 Ventura bug revolving around Full Disk Access permissions is preventing real-time protection features in security software from operating. Thomas Reed of Malwarebytes shares a workaround until Apple fixes the bug in macOS 13.1.

Josh Centers No comments

Apple Launches Consolidated Security Site

Apple has created a new Apple Security Research website to centralize all of the company’s security resources.

Josh Centers 25 comments

Apple Releases iOS 15.7.1 and iPadOS 15.7.1 to Fix Security Vulnerabilities on Older Devices

Apple has released iOS 15.7.1 and iPadOS 15.7.1 to address numerous vulnerabilities on iPhones and iPads that either haven’t upgraded or can’t upgrade to iOS 16 and iPadOS 16. Update such devices as soon as possible.

Adam Engst 15 comments

Move Downloaded Mac Apps Before Initial Launch

Howard Oakley explains App Translocation, a macOS security mechanism that protects against malicious plug-ins within benign apps but can occasionally cause first-launch crashes.

Josh Centers 13 comments

macOS’s New XProtect Remediator Now Regularly Scans for Malware

A few months ago, Apple quietly updated Monterey, Big Sur, and Catalina with XProtect Remediator, a new malware scanner built into XProtect, so your Mac is now regularly checking for malware in the background. Howard Oakley uncovered it and offers some technical details.

Josh Centers 3 comments

iOS 12.5.6 Fixes Serious WebKit Vulnerability for Older Devices

Apple has released iOS 12.5.6 to fix a serious WebKit vulnerability for older models of the iPhone, iPad, and iPod touch. It has been exploited in the wild, so update immediately if you’re still using one of those classics.

Josh Centers 5 comments

Plex User Passwords Compromised in Data Breach

Streaming service Plex is warning users to change their passwords after user data was compromised. Here’s how to do so.

Glenn Fleishman 77 comments

Tune Find My for Travel Tracking to Avoid Annoying AirTag and Apple Device Alerts

Apple’s AirTag and other Find My trackers—along with Find My-tracked Apple devices—may be too aggressive about telling you where they are—or aren’t. They can be useful for tracking luggage and other valuables while traveling, particularly with others, but you will likely need to tune your settings to reduce notifications.

Josh Centers 39 comments

iOS 15.6.1, iPadOS 15.6.1, and macOS 12.5.1 Monterey Address Serious Security Vulnerabilities

Evildoers are exploiting a pair of security vulnerabilities in iOS, iPadOS, and macOS 12 Monterey, so Apple has released focused updates to thwart them. Don’t delay, update today.

Adam Engst 14 comments

Instagram and Facebook Could Track Everything You Do in Their In-App Browsers

Meta’s Instagram and Facebook iOS apps open external links in an in-app browser instead of Safari, enabling them to inject custom JavaScript code into every website you visit using the in-app browser.

Adam Engst 30 comments

How to Securely Erase a Mac’s SSD or Hard Drive

If you need to get rid of a Mac or external drive, how do you ensure that no one can access the data on it? Adam Engst runs through the various methods you can employ, one or more of which should address your situation.

Adam Engst 38 comments

Not Receiving SMS Text Message 2FA Codes? Call Your Carrier

After failing to receive SMS text messages from five financial services websites that use them for two-factor authentication codes, Adam Engst resolved his problem with a quick call to T-Mobile to remove an automatically created system-level block on those numbers.