Skip to content
Thoughtful, detailed coverage of everything Apple for 29 years
and the TidBITS Content Network for Apple professionals

Category: Security

Adam Engst 7 comments

Social Engineering for Fun and Profit. And Other Stuff

A search engine marketing consultant has shown that it’s simple to use Google AdWords and YouTube videos to further a specific agenda. That might be a good thing, such as by encouraging suicidal people to call a hotline, but it could equally as easily be used for evil.

Adam Engst Josh Centers 7 comments

Capital One Data Breach Reveals Information on 106 Million

Capital One has announced a security breach that affects approximately 100 million people in the United States and 6 million in Canada.

Adam Engst No comments

Here We Go Again: GCHQ’s Ghost User Proposal to Circumvent Encryption

Security expert Jon Callas has written a four-part series for the ACLU on problems with the latest government proposal—this time from the UK’s GCHQ—to allow the government to listen in on encrypted communications. Spoiler: it won’t work.

Josh Centers 5 comments

Apple Workers May Be Listening to Your Siri Conversations

Apple has increasingly used its stance on privacy as a selling point, but The Guardian has revealed that, like Amazon, Apple lets contractors listen in on conversations held while Siri is active. The audio may be difficult or impossible to trace back to the individuals who are speaking, but Apple should still find a better way to improve Siri.

Josh Centers 3 comments

Amazon Using Police Departments to Sell Ring Cameras

Amazon subsidiary Ring is partnering with police departments around the United States to distribute security cameras to communities, but in return, police must agree to promote Ring’s products.

Josh Centers 29 comments

You May Be Entitled to $125 or More in the Equifax Breach Settlement

Equifax has reached a deal to pay up to $425 million to Americans in order to compensate them for the credit bureau’s massive data breach. But a large percentage of the fine will be paid only if its claimed by people whose data was exposed in the breach—learn how to get your share of the settlement.

Adam Engst 15 comments

Apple Releases macOS 10.14.6, iOS 12.4, watchOS 5.3, tvOS 12.4, and More

Apple has released macOS 10.14.6, iOS 12.4, watchOS 5.3, and tvOS 12.4. In a surprise move, the company also pushed out iOS 10.3.4 and iOS 9.3.6 for older iOS devices that can’t run iOS 12.

Josh Centers 4 comments

Most “Free” VPN Apps Secretly Owned by China

Lots of people trust Virtual Private Network apps to protect their privacy, but they seldom ask who made them—an investigation by Top10VPN.com suggests that they should.

Rich Mogull 12 comments

Apple Flexes Its Privacy Muscles

At WWDC 2019, Apple made numerous announcements that show both how important the company believes privacy to be and how far it’s willing to go to encourage privacy-protecting technologies in its own products. But these efforts will face challenges from all sides.

Josh Centers 25 comments

Zoom and RingCentral Exploits Allow Remote Webcam Access

Video conference systems Zoom and RingCentral have major vulnerabilities that could trigger your Web cam without permission. Here’s how to patch it yourself.

Glenn Fleishman 17 comments

How Apple’s New Find My Service Locates Missing Hardware That’s Offline

Apple’s updated Find My service crowdsources the location of a missing device by letting other Apple equipment identify its unique Bluetooth signals and transmit them to Apple anonymously and securely.

Adam Engst 5 comments

iOS App Trackers Are Watching You

Investigative journalist Geoffrey Fowler of the Washington Post has discovered that numerous iOS apps include trackers that constantly send information about you back to data brokers.

Adam Engst 4 comments

Apple Patches ZombieLoad Vulnerabilities

Security researchers have discovered a new class of vulnerabilities in Intel CPUs dating back to 2011 and beyond. Happily, Apple’s macOS 10.14.5 and Security Update 2019-003 provide fixes.

Adam Engst 37 comments

Was Your Data Included in Recent Security Breaches?

Billions of email addresses and other bits of data have been revealed in security breaches this year alone. There’s nothing you can do about what’s already out there, but read on for advice on preventing future problems.

Josh Centers 5 comments

Amazon Workers May Be Listening to Your Alexa Conversations

Bloomberg has revealed that Amazon pays people to listen to a subset of Alexa recordings for the purpose of improving the technology. Do you trust Amazon with recordings of everything you say within an Echo’s earshot?