Skip to content
Thoughtful, detailed coverage of everything Apple for 29 years
and the TidBITS Content Network for Apple professionals

Category: Security

Josh Centers 19 comments

Beware Spoofed Calls from Apple

Phone scammers have found a way to make their phony calls look like they’re coming from Apple. Don’t be fooled!

Adam Engst 4 comments

Facebook Shared User Data with Other Tech Giants

Facebook has been caught sharing data on its 2.2 billion users with other tech companies like Amazon, Microsoft, Netflix, Spotify, and even Russian search giant Yandex. Apple is in the list too, but not in a way that makes sense.

Josh Centers 14 comments

SMS Database Leak Exposed 2FA Login Codes

An unsecured server has resulted in tens of millions of SMS messages being exposed, and along with it password reset links, two-factor authentication codes, shipping notifications, and more.

Adam Engst 25 comments

“Hacked Account” Blackmail Spam on the Rise—Beware!

A relatively new form of spam is making the rounds on the Internet. It purports to be from a hacker who has taken over your computer and who will reveal your porn browsing to all your contacts unless you pay a Bitcoin blackmail. It’s fake, but its use of breached passwords as “proof” points toward a concerning future.

Josh Centers 5 comments

Tim Cook Calls for GDPR-Like Laws around the World

During a speech in Brussels, Apple CEO Tim Cook reiterated Apple’s strong privacy stance and advocated for GDPR-like laws both in the United States and around the world.

Joe Kissell 6 comments

Inside iOS 12: Use Third-Party Password Managers to Simplify Logins

Among the password-related changes in iOS 12 is the much-anticipated support for integrating third-party password managers with Safari and other apps, almost—but not quite—as a peer to iCloud Keychain.

Josh Centers No comments

How Kids Are Circumventing iOS 12’s Screen Time Limits

Apple’s Screen Time feature is designed to help parents limit their kids’ device usage, but the little nippers are already finding ways to defeat it. Is anyone surprised?

Adam Engst 16 comments

Apple Categorically Denies Businessweek’s China Hack Report

Bloomberg Businessweek last week published a bombshell article that alleges that Chinese spies inserted a malicious chip into servers used by Apple and other technology companies. Apple has unequivocally denied everything. Who to believe?

Glenn Fleishman 29 comments

SMS Text Message Login Codes Autofill in iOS 12 and Mojave, but Remain Insecure

Apple streamlined two-factor login confirmations via text message in iOS 12 and macOS 10.14 Mojave. But using SMS to validate your login remains problematic because of phone number hijacking. Apple should lead the way to retire it.

Adam Engst 17 comments

Follow These Steps to Enable Backblaze for Mojave

The Backblaze Mac client can’t back up all your data in macOS 10.14 Mojave unless you give it full disk access, and its companion menu bar utility also needs automation permissions. Follow Backblaze’s instructions to restore full functionality.

Adam Engst 8 comments

50 Million Facebook Accounts Hacked

Facebook has acknowledged that attackers took advantage of the platform’s View As feature to breach the security of at least 50 million accounts. If you’re forced to log in again, you might be among the affected users.

Adam Engst 2 comments

Trend Micro Mac Apps Stole Users’ Browser Histories

A number of Mac apps from Trend Micro have been discovered to be collecting users’ browsing histories and have been removed from the Mac App Store.

Rich Mogull 20 comments

Mojave’s New Security and Privacy Protections Face Usability Challenges

macOS 10.14 Mojave brings important security and privacy improvements to the Mac, but both Apple and developers need to work harder to avoid overwhelming users with a cacophony of alerts.

Josh Centers 10 comments

Popular Mac App Store Utility Turned Out to Be Spyware

A paid utility that was secretly spying on users’ Web browsing histories somehow made it past both Apple’s review process and macOS’s application sandboxing.

Josh Centers 2 comments

Hackers Steal T-Mobile Customer Data, Including Passwords

There has been yet another big data theft. This time, attackers stole the personal data and encrypted passwords of two million T-Mobile customers. If you use T-Mobile, change your password immediately.