Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 15 comments

Move Downloaded Mac Apps Before Initial Launch

Howard Oakley explains App Translocation, a macOS security mechanism that protects against malicious plug-ins within benign apps but can occasionally cause first-launch crashes.

Josh Centers 13 comments

macOS’s New XProtect Remediator Now Regularly Scans for Malware

A few months ago, Apple quietly updated Monterey, Big Sur, and Catalina with XProtect Remediator, a new malware scanner built into XProtect, so your Mac is now regularly checking for malware in the background. Howard Oakley uncovered it and offers some technical details.

Josh Centers 3 comments

iOS 12.5.6 Fixes Serious WebKit Vulnerability for Older Devices

Apple has released iOS 12.5.6 to fix a serious WebKit vulnerability for older models of the iPhone, iPad, and iPod touch. It has been exploited in the wild, so update immediately if you’re still using one of those classics.

Josh Centers 5 comments

Plex User Passwords Compromised in Data Breach

Streaming service Plex is warning users to change their passwords after user data was compromised. Here’s how to do so.

Glenn Fleishman 58 comments

Tune Find My for Travel Tracking to Avoid Annoying AirTag and Apple Device Alerts

Apple’s AirTag and other Find My trackers—along with Find My-tracked Apple devices—may be too aggressive about telling you where they are—or aren’t. They can be useful for tracking luggage and other valuables while traveling, particularly with others, but you will likely need to tune your settings to reduce notifications.

Josh Centers 39 comments

iOS 15.6.1, iPadOS 15.6.1, and macOS 12.5.1 Monterey Address Serious Security Vulnerabilities

Evildoers are exploiting a pair of security vulnerabilities in iOS, iPadOS, and macOS 12 Monterey, so Apple has released focused updates to thwart them. Don’t delay, update today.

Adam Engst 14 comments

Instagram and Facebook Could Track Everything You Do in Their In-App Browsers

Meta’s Instagram and Facebook iOS apps open external links in an in-app browser instead of Safari, enabling them to inject custom JavaScript code into every website you visit using the in-app browser.

Adam Engst 27 comments

How to Securely Erase a Mac’s SSD or Hard Drive

If you need to get rid of a Mac or external drive, how do you ensure that no one can access the data on it? Adam Engst runs through the various methods you can employ, one or more of which should address your situation.

Adam Engst 38 comments

Not Receiving SMS Text Message 2FA Codes? Call Your Carrier

After failing to receive SMS text messages from five financial services websites that use them for two-factor authentication codes, Adam Engst resolved his problem with a quick call to T-Mobile to remove an automatically created system-level block on those numbers.

Glenn Fleishman 1 comment

Apple Adds Lockdown Mode to Protect Activists and Government Targets

Apple announced it will add an enhanced security mode to this year’s planned operating system updates to deter government-level spyware.

Josh Centers 1 comment

Defending Ukraine: Microsoft’s Early Lessons from Russia’s Cyberwar

While the Russian military attempts to level Ukrainian cities, Russian intelligence agencies have targeted the rest of the world online. Microsoft offers early insights into what its threat intelligence team has learned on the digital front lines.

Glenn Fleishman 43 comments

Why Passkeys Will Be Simpler and More Secure Than Passwords

Passkeys are a new way to log into websites and apps that replaces passwords. The industry-standard passkey technology is simpler and more secure than passwords (even with two-factor authentication), resists phishing, and is built to be compatible across browsers and platforms.

Josh Centers 18 comments

Apple Releases iOS 15.5, iPadOS 15.5, macOS 12.4, watchOS 8.6, tvOS 15.5, and HomePod Software 15.5

In what may be the final release of the iOS 15/macOS 12 cycle to include more than bug fixes and security updates, Apple has updated all its operating systems with some improvements to Podcasts and Wallet, plus bug fixes and security updates.

Adam Engst 25 comments

International Verify Your Backups Day

What better day than Friday the 13th to check that your backups are actually working by restoring some critical files?

Adam Engst 25 comments

Bad Apple #5: iCloud Drive Folder Sharing Risks Data Loss

iCloud Drive folder sharing has been around since macOS 10.15 Catalina, which makes it all the less acceptable that someone with whom the folder is shared can delete a file permanently and with only one possible—and unmentioned by Apple—option for recovery.