Logging into a new Apple device may result in a prompt that asks you for the passcode or password of another one of your devices. Glenn Fleishman explains why this happens and why it’s a good idea.

Google’s Project Zero security research team has released the details of a significant series of attacks against iOS. The vulnerabilities have all been patched now, and it appears the attacks may have been part of the Chinese government’s crackdown on the minority Uyghur Muslim community.

After a whistleblower revealed that Apple contractors were listening in on Siri conversations, Apple shut down the program and promised improvements. Here they are.

Apple has issued emergency updates for macOS 10.14 Mojave, iOS 12, watchOS 5, and tvOS 12 because it accidentally reintroduced a major security vulnerability in last month’s round of updates.

A security researcher has discovered that many popular iOS robocall-blocking apps share your data with third parties, often in violation of App Store guidelines.

A critical vulnerability has been found in the Bluetooth specification that could allow an attacker to intercept data transferred between devices. Thankfully, it’s hard to exploit, and Apple has already released updates to address the vulnerability.

The major browser makers—Apple, Google, and Mozilla—have all taken measures to block an attempt by the Kazakhstani government to spy on its citizens.

It turns out that so many people signed up to receive $125 cash instead of credit monitoring in the Equifax breach settlement that no one will receive much money. There’s nothing we can do about it, and that has many of us fuming.

Apple has temporarily suspended its Siri “response grading” program that had contractors listen in on Siri recordings. That’s good, but it’s unfortunate that it took media coverage to push the company to change its practices.

A search engine marketing consultant has shown that it’s simple to use Google AdWords and YouTube videos to further a specific agenda. That might be a good thing, such as by encouraging suicidal people to call a hotline, but it could equally as easily be used for evil.

Capital One has announced a security breach that affects approximately 100 million people in the United States and 6 million in Canada.

Security expert Jon Callas has written a four-part series for the ACLU on problems with the latest government proposal—this time from the UK’s GCHQ—to allow the government to listen in on encrypted communications. Spoiler: it won’t work.

Apple has increasingly used its stance on privacy as a selling point, but The Guardian has revealed that, like Amazon, Apple lets contractors listen in on conversations held while Siri is active. The audio may be difficult or impossible to trace back to the individuals who are speaking, but Apple should still find a better way to improve Siri.

Amazon subsidiary Ring is partnering with police departments around the United States to distribute security cameras to communities, but in return, police must agree to promote Ring’s products.

Equifax has reached a deal to pay up to $425 million to Americans in order to compensate them for the credit bureau’s massive data breach. But a large percentage of the fine will be paid only if its claimed by people whose data was exposed in the breach—learn how to get your share of the settlement.