Privacy is a growing concern in today’s world. Follow along with all our coverage related to privacy, security, what Apple and other companies are doing to keep your information safe, and what steps you can take to keep your information private.
Update: T-Mobile has confirmed a security breach, but says it doesn’t yet know the extent of it. Statement below.
A hacker is selling what they claim is personal data from 100 million T-Mobile customers in the US, stating that this means full records for each customer, including social security numbers…
Expand Expanding Close
Update: This bill did not get as far as a vote.
This bill was introduced on June 23, 2020, in a previous session of Congress, but it did not receive a vote.
Although this bill was not enacted, its provisions could have become law by being included in another bill. It is common for legislative text to be introduced concurrently in multiple bills (called companion bills), re-introduced in subsequent sessions of Congress in new bills, or added to larger bills (sometimes called omnibus bills).
A bill proposed in the US Senate would effectively make it a legal requirement for Apple to build a backdoor into iPhones. It would make it illegal for Apple and other tech giants to use strong encryption for either devices or cloud services …
Expand Expanding Close
Update: Within minutes of writing this piece, an interview was posted where Craig Federighi admitted that Apple should have handled things differently.
One thing about the CSAM scanning controversy is now abundantly clear: It took Apple completely by surprise. Which is a surprise.
Ever since the original announcement, Apple has been on a PR blitz to correct misapprehensions, and to try to address the very real privacy and human rights concerns raised by the move …
Expand Expanding Close
Apple has been facing a lot of criticism following the announcement of a new system that will scan users’ photos for CSAM (child sexual abuse material) content. However, not only regular iOS users are worried about this, but also Apple’s own employees.
Expand Expanding Close
While most of the concerns about governments misusing CSAM scanning to detect things like political opposition have related to foreign governments, some have suggested that it could become an issue in the US, too.
Matt Tait, COO of security company Corellium, and a former analyst at British NSA equivalent GCHQ, says the Fourth Amendment means that this could not happen in the US …
Expand Expanding Close
Five days after Apple’s child protection measures were announced, there has been no let-up in the controversy surrounding the upcoming new features. Latest to comment is Facebook’s former security chief and now Stanford cybersecurity professor Alex Stamos.
Stamos says that there are no easy answers here, and calls for more nuanced discussion than the prevailing narratives that this is either a great move or an unacceptable one …
Expand Expanding Close
Home-based Apple call center workers in Colombia have expressed privacy concerns over plans to install AI-powered cameras in their homes, to monitor their performance. The same issue has arisen over Apple UK workers based in Albania.
Apple outsources some of its call center work around the world to Teleperformance, and employees say they are being pressured to sign a contract agreeing to the cameras, despite an Apple policy prohibiting it …
Expand Expanding Close
Apple has responded to misconceptions and concerns about its photo scanning announcements by publishing a CSAM FAQ – answering frequently asked questions about the features.
While child safety organizations welcomed Apple’s plans to help detect possession of child sexual abuse materials (CSAM), and to protect children from predators, there has been a mix of informed and uninformed criticism …
Expand Expanding Close
The announcement yesterday of Apple’s child protection measures confirmed an earlier report that the company would begin scanning for child abuse photos on iPhones. The news has seen mixed reactions from experts in both cybersecurity and child safety.
Four concerns had already been raised before the details were known, and Apple’s announcement addressed two of them …
Expand Expanding Close
A report this morning said that Apple is set to announce that it will begin scanning for child abuse images on iPhones. Update: Apple later confirmed the report.
The method Apple is expected to use is one that maximizes privacy, but we noted earlier that there are still a number of ways in which this could go badly wrong …
Expand Expanding Close
NSO has blocked more clients from using its Pegasus spyware, according to a source within the company, while it investigates reports of misuse.
The Israeli company was reported to have previously blocked five governments from using the malware after conducting a “human rights audit,” and has now suspended access to others …
Expand Expanding Close
Hundreds of thousands of police officers are unofficially using apps for face recognition, and gaining access to a wide range of databases, from credit checks to medical records, according to a new report today.
The report says that companies aiming to sell these apps to police departments are first offering them to individual cops, hoping that this will then create the demand for official purchases. This approach means there is no oversight to ensure civil rights are protected …
Expand Expanding Close
XLoader malware has now migrated from Windows machines to attack Macs too. An evolution of the malware known as Formbook, it lets an attacker log keystrokes, take screenshots, and access other private information.
Worryingly, the malware is sold on the dark web for $49, enabling anyone to deploy it against both Windows and Mac users …
Expand Expanding Close
An associate professor at the Johns Hopkins Information Security Institute has said that Apple can and must do more to prevent NSO attacks.
He argues that while it’s true that it is impossible to completely prevent exploits based on zero-day vulnerabilities, there are two steps that the iPhone maker can take to make NSO’s job much harder …
Expand Expanding Close
It’s extremely unlikely that your phone has been hacked using NSO software, but there is now a way to check your iPhone for Pegasus spyware – or, at least, some tell-tale signs.
The spyware was used to target human rights activists, lawyers, journalists, and politicians, and has been linked to assaults and murder of dissidents, so the chances of a random iPhone user being impacted are exceedingly low …
Expand Expanding Close
Last month we reported a LinkedIn scraping that exposed the data of 700 million users – some 92% of all those on the service. The data included location, phone numbers, and inferred salaries.
The man behind it has now been identified, and says that he did it “for fun” – though he is also selling the data …
Expand Expanding Close
One of the new features announced at WWDC 2021 with iOS 15 and macOS Monterey is iCloud Private Relay, which basically functions as an extra layer of security that ensures users’ privacy while browsing the web. Meanwhile, advertising companies are concerned about how Private Relay could put an end to fingerprinting.
Expand Expanding Close
A couple of disturbing reports revealed the comparative ease with which criminal gangs were able to use stolen iPhones to access the owner’s bank accounts. The initial report didn’t explain the method used, but a subsequent one did: swapping the SIM to a new device in order to reset the Apple ID password.
Apple is already working on one security measure – making it easier for users to remotely wipe data from a stolen iPhone – but the reports also highlight a security weakness that seems worryingly common among non-techies: using the Notes app to store passwords …
Expand Expanding Close
A well-intentioned law to allow digital platforms to detect and report child abuse is likely to itself break European privacy law …
Expand Expanding Close
If you’ve been using Kaspersky Password Manager (KPM) on your iPhone for a while, you may need to generate some new passwords. A security researcher has discovered two flaws that could result in an attacker having to try as few as 100 passwords to find yours …
Update: Kaspersky has shared an official statement on the flaws:
Expand Expanding Close
An AI system is being used to measure how much time politicians spend on their phones during debates and other televised government meetings …
Expand Expanding Close
Android and iPhone spyware sold by NSO Group enables state terror attacks in multiple countries, according to a new database released by Amnesty International and partner organizations.
NSO uses zero-day exploits to develop spyware for both iPhones and Android smartphones, allowing users to read text messages and emails, monitor contacts and calls, track locations, collect passwords, and even switch on the smartphone’s microphone to record meetings …
Expand Expanding Close
Since its first release in 2000, Audacity has served as a useful audio editing tool for both Windows and Mac. Audacity grew in popularity fast thanks to being both free and open-source. Earlier this year, Muse Group acquired the development project and would be continuing the main fork. There weren’t many issues with that change until now.
Expand Expanding Close
Apple has successfully defeated an attempt by TikTok and others to bypass App Tracking Transparency in China.
Chinese tech giants believed that Apple wouldn’t dare to block popular apps like TikTok and QQ, but Apple apparently called their bluff …
Expand Expanding Close