Privacy

Apple Intelligence is launching later this month, bringing a first wave of AI features to your iPhone, iPad, and Mac. But as with all AI technology, the matter of privacy is a key one to pay attention to. How does Apple Intelligence handle user privacy? Here’s what you should know.

One of the new features of iOS 18 and macOS Sequoia is iPhone Mirroring – but using this with a personal iPhone on a work Mac currently creates a privacy risk for employees, and a legal risk for businesses.

The problem, as cybersecurity company Sevco discovered, is that apps on the iPhone get treated as Mac apps, and that means their presence is included in corporate IT audits …

It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US.

What’s notable about the attack is that it compromised security backdoors deliberately created to allow for wiretaps by US law enforcement …

A MoneyGram hack has seen an attacker obtain the personal data of an unknown number of the company’s 50 million money transfer users.

A separate hack of a debt collection company has seen personal data obtained for more than 200,000 Comcast customers, despite previous assurances that this was not the case …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

I’m in the midst of traveling to Ukraine this week for OFTWv2.0, and I can’t help but think about the comments on last week’s edition of Security Bite defending the VPN apps that still exist on the App Store in Russia. While almost every app from legitimate providers in the country has been removed, Russian users can still find a surplus of VPN options claiming to offer secure encryption and private browsing. The only question being–really?

Some developers yesterday argued that a change to iPhone contact privacy in iOS 18 made it harder for new social media apps to compete.

But I think they’re wrong, and that the more granular privacy control offered in iOS 18 actually makes it more likely that we’ll be willing to grant contacts access to apps …

iOS 18 is full of big, headline changes like new customization tools, upgrades to Photos, Notes, and Messages, and the forthcoming Apple Intelligence features. But one smaller update is causing a lot of concern for social apps, and it’s a change designed to protect user privacy.

A succession of T-Mobile data breaches saw millions of customers have their personal data exposed. The company has now been fined $15.75M, and has agreed to spend the same amount again on upgrading its security.

The Federal Communications Commission (FCC) says that the combination of fine and promised security enhancements represents a model for future handling of such incidents …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

Since Russia’s full-scale assault on Ukraine, Apple has significantly scaled back its operations in the country. It has since suspended all product sales and limited certain services, such as Apple Pay. Despite this, Apple continues to operate a full-fledged App Store in Russia. However, it’s now facing worthy criticism for complying with Russian government requests to remove VPN apps to adhere to local regulations–censorship.

Apple has improved iPhone security and privacy with iOS 18. One of the valuable new features is the ability to require Face ID for individual apps as well as putting them in a hidden folder. Read along for how to lock and hide apps on iPhone in iOS 18.

Discord end-to-end encryption (E2EE) is rolling out today for both audio and video calls. You can update to the latest mobile and desktop apps to get access to the privacy protection today.

There are, however, some exceptions to strong encryption, which result from a mix of technical limitations and Discord policy …

Security researchers came up with a pretty wild Vision Pro exploit. Dubbed GAZEploit, it’s a method of working out the passwords of Vision Pro users by watching the eye movements of their avatars during video calls.

They’ve put together a YouTube video (below) to demonstrate how tracking the avatar’s eye movements accurately detects the virtual keys the Vision Pro user is looking at when typing …

Apple software SVP Craig Federighi says that the Private Cloud Compute servers used for Apple Intelligence features are really basic – and with good reason.

The exec says it’s one of a number of decisions the company made to ensure that it’s AI cloud servers form a “hermetically sealed privacy bubble” with your iPhone …

When Apple introduced the M4 iPad Pro earlier this year, the company quietly added a new privacy feature to it, which is called “Secure Exclave.” Now the company is bringing the same new privacy technology to the iPhone 16 models, which are powered by the A18 chip.

Meta has admitted to scraping all public Facebook and Instagram posts made since 2007 in order to train its generative AI model, adding to the privacy contrast with Apple Intelligence.

While the admission was made during a public enquiry in Australia, the company’s statement applies globally …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

The privacy implications of Notification Center popups are well-known in the security forensics community. Whether a user likes it or not, macOS temporarily keeps a log of every notification received in a single plaintext database. This can include messages from applications like iMessage, Slack, Teams, and virtually anything else.

However, it now appears Apple has moved the Notification Center database in macOS Sequoia to address concerns.

Hard as it may be to imagine, the massive data leak – which appears to include the personal data of everyone in the US, UK, and Canada – was even worse than we thought.

In a truly epic security fail, the same data was hosted by a partner company which managed to publish its own passwords, enabling absolutely anyone to access the data …

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.

When Apple unveiled iOS 18 earlier this summer, I was somewhat disappointed by the lack of significant new security and privacy features. I still feel that way to some extent. However, after running the iOS 18 beta for over a month now, I want to highlight some of my favorite and noteworthy features. So, here’s my ranking in ascending order. If your #1 favorite is different, comment it below, and I’ll tell you why you’re wrong 😉

T-Mobile has been fined $60M for failing to prevent unauthorized access to sensitive data, and for further failing to report the failure.

Unusually, the fine was levied by the Committee on Foreign Investment in the US (CFIUS), and is the largest fine it has ever issued …

A massive data leak of some 2.7 billion records may include sensitive personal data for every person in the US, UK, and Canada. For the US, the data includes social security numbers.

The data is said to have come from a company known as National Public Data, which collects and sells personal data for use in background checks by private investigators and others …

A new regime of repeating macOS Sequoia permission prompts have been described as “a subscription you didn’t buy and can’t cancel.”

An Apple ad once made fun of the endless stream of permission requests in Windows Vista, but some are suggesting that Sequoia is now every bit as bad …