Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals

Category: Security

Josh Centers 14 comments

SMS Database Leak Exposed 2FA Login Codes

An unsecured server has resulted in tens of millions of SMS messages being exposed, and along with it password reset links, two-factor authentication codes, shipping notifications, and more.

Adam Engst 24 comments

“Hacked Account” Blackmail Spam on the Rise—Beware!

A relatively new form of spam is making the rounds on the Internet. It purports to be from a hacker who has taken over your computer and who will reveal your porn browsing to all your contacts unless you pay a Bitcoin blackmail. It’s fake, but its use of breached passwords as “proof” points toward a concerning future.

Josh Centers 5 comments

Tim Cook Calls for GDPR-Like Laws around the World

During a speech in Brussels, Apple CEO Tim Cook reiterated Apple’s strong privacy stance and advocated for GDPR-like laws both in the United States and around the world.

Joe Kissell 6 comments

Inside iOS 12: Use Third-Party Password Managers to Simplify Logins

Among the password-related changes in iOS 12 is the much-anticipated support for integrating third-party password managers with Safari and other apps, almost—but not quite—as a peer to iCloud Keychain.

Josh Centers No comments

How Kids Are Circumventing iOS 12’s Screen Time Limits

Apple’s Screen Time feature is designed to help parents limit their kids’ device usage, but the little nippers are already finding ways to defeat it. Is anyone surprised?

Adam Engst 15 comments

Apple Categorically Denies Businessweek’s China Hack Report

Bloomberg Businessweek last week published a bombshell article that alleges that Chinese spies inserted a malicious chip into servers used by Apple and other technology companies. Apple has unequivocally denied everything. Who to believe?

Glenn Fleishman 29 comments

SMS Text Message Login Codes Autofill in iOS 12 and Mojave, but Remain Insecure

Apple streamlined two-factor login confirmations via text message in iOS 12 and macOS 10.14 Mojave. But using SMS to validate your login remains problematic because of phone number hijacking. Apple should lead the way to retire it.

Adam Engst 17 comments

Follow These Steps to Enable Backblaze for Mojave

The Backblaze Mac client can’t back up all your data in macOS 10.14 Mojave unless you give it full disk access, and its companion menu bar utility also needs automation permissions. Follow Backblaze’s instructions to restore full functionality.

Adam Engst 8 comments

50 Million Facebook Accounts Hacked

Facebook has acknowledged that attackers took advantage of the platform’s View As feature to breach the security of at least 50 million accounts. If you’re forced to log in again, you might be among the affected users.

Adam Engst 2 comments

Trend Micro Mac Apps Stole Users’ Browser Histories

A number of Mac apps from Trend Micro have been discovered to be collecting users’ browsing histories and have been removed from the Mac App Store.

Rich Mogull 20 comments

Mojave’s New Security and Privacy Protections Face Usability Challenges

macOS 10.14 Mojave brings important security and privacy improvements to the Mac, but both Apple and developers need to work harder to avoid overwhelming users with a cacophony of alerts.

Josh Centers 10 comments

Popular Mac App Store Utility Turned Out to Be Spyware

A paid utility that was secretly spying on users’ Web browsing histories somehow made it past both Apple’s review process and macOS’s application sandboxing.

Josh Centers 2 comments

Hackers Steal T-Mobile Customer Data, Including Passwords

There has been yet another big data theft. This time, attackers stole the personal data and encrypted passwords of two million T-Mobile customers. If you use T-Mobile, change your password immediately.

Josh Centers 10 comments

Avoiding Google’s Geotracking Requires Disabling More Than Location History

An investigation by the Associated Press and Princeton University has found that Google tracks and stores your location history even when you have disabled Location History. To prevent Google from tracking your location, also disable Web & App Activity.

Adam Engst 8 comments

Are We Talking about Privacy or Liberty?

It seems that both tech giants and government agencies want to know everything about us. But is “privacy” what we’re really looking for, or something more along the lines of the right to be left alone?