Privacy is a growing concern in today’s world. Follow along with all our coverage related to privacy, security, what Apple and other companies are doing to keep your information safe, and what steps you can take to keep your information private.
Stolen account details from 16 hacked websites have gone on sale on the dark web. In all, 617 million records are available, with data including account holder names, email addresses and hashed passwords …
Tim Cook says that he was unaware of the Absher app, a Saudi-based government app which allows men to track female family members, and even prevent them from travelling, but will investigate.
It follows Oregon Senator Ron Wyden writing to both Cook and Google’s Sundar Pichai, calling on them to ‘immediately remove’ the app from their App Stores …
After Facebook and Google had their Enterprise Certificates revoked by Apple, a new investigation by TechCrunch has revealed more companies exploiting the program for uses outside of the terms and conditions. Specifically, TC verified over two dozen gambling and porn apps that use the Enterprise Certificates to distribute their apps to non-employees, with thousands more likely doing the same. The publication also discovered just how easy it is to gain access to an Enterprise Certificate.
Both Apple and Google have come under fire this month for hosting a Saudi-based app called Absher on their mobile platforms. Among other uses, the app is designed to let Saudi men track and control Saudi women. Now, Oregon Senator Ron Wyden has formally written to both Apple and Google urging them to remove the app from iOS and Android.
A judge has ruled that the public cannot know the details of a battle between the US government and Facebook on whether or not the social network could be forced to decrypt Facebook Messenger calls …
A new Apple patent application suggests that the company has boosted the security of Face ID in order to defeat the attack method demonstrated in 2017, when a specially-designed 3D-printed mask was able to unlock an iPhone X.
The attack was a sophisticated one, meaning that ordinary users didn’t have much to fear, but the security researchers did suggest that high-profile targets – like company CEOs – might want to avoid using Face ID …
A new report from Motherboard today takes a look into the practices of US wireless carriers selling user location data to third-parties. While it’s often credit card and other financial companies buying the location data for fraud detection and more, Motherboard says some rogue third-parties have access to user location data and it’s landing the hands of bounty hunters and the black market.
A new report from Motherboard today looks into the world of hacking iCloud-locked iPhones. While turning on Find My iPhone (which enables the iCloud lock) is generally thought to be quite secure, Motherboard highlights several ways that thieves, hackers, and coders are getting around the security feature to sell stolen (and non-stolen) devices.
Facebook has followed through on giving all users the option to unsend messages after it was discovered that CEO Mark Zuckerberg had access to the exclusive option last year. Here’s how the new feature with a limited time window works…
A somewhat odd privacy decision made by Apple in iOS 12.2 is set to break many iPhone AR and VR experiences created by film studios and advertisers – including one made by Apple itself …
Britain’s Government Communications Headquarters (GCHQ) – the UK equivalent of the NSA – is calling on Apple and other tech companies to secretly add law enforcement agents to Messages chats, FaceTime calls and other forms of encrypted chat on demand.
The American Civil Liberties Union (ACLU) has said this would be like the recently-discovered FaceTime bug, only worse …
Earlier this month we saw what was considered to be the largest ever dump of stolen internet accounts with 773 million email addresses and 21 million passwords. The dump of compromised accounts was called “Collection #1”. Now, Collections #2-5 have been dumped and the numbers are staggering: 845GB of stolen data that includes 25 billion total records and 2.2 billion unique usernames and passwords.
Facebook has said that it is shutting down its controversial ‘Facebook Research’ iPhone app, after it was disclosed that the company had repackaged its banned Onavo VPN app and was paying teens and adults $20/month to install it.
Update: It turns out it wasn’t even Facebook’s decision to shutdown the iOS app – it was Apple. Apple PR via Recode:
We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.
Update 2: Many of Facebook’s internal iOS apps have been disabled after Apple revoked its enterprise certificate.
More details surrounding the major FaceTime eavesdropping bug that 9to5Mac exclusively reported on yesterday are emerging. A woman has claimed that her teenage son discovered the flaw and warned Apple about it last week. Now a video has surfaced as evidence for the teenager’s discovery dated January 23rd.
The revelation that a major FaceTime bug can effectively turn your Apple devices into a hot mic, allowing a caller to hear or even see you before you pick up, would be a massive embarrassment no matter which company was involved. It’s an absolutely crazy security fail.
But when that company is Apple – which has been ceaselessly pushing privacy of late – it becomes so cringeworthy we’re going to have to invent a whole new scale just to measure it …
UPDATE: Apple has taken Group FaceTime offline in an attempt to address the issue in the interim.
A significant bug has been discovered in FaceTime and is currently spreading virally over social media. The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call. Apple says the issue will be addressed in a software update “later this week”.
Naturally, this poses a pretty big privacy problem as you can essentially listen in on any iOS user, although it still rings like normal, so you can’t be 100% covert about it. Nevertheless, there is no indication on the recipient’s side that you could hear any of their audio. There’s a second part to this which can expose video too …
GDPR regulations give European citizens a legal right to see all the personal data held on them, among other rights. But a tech writer requesting data from Apple, Amazon, Facebook and Google found that the data isn’t as easy to understand as it should be …
It was last week claimed that Apple was one of a number of tech giants which was failing to fully comply with Europe’s privacy law, GDPR. Other companies may be deliberately defying GDPR, it is argued today.
A new piece suggests two reasons for companies not complying with one of the General Data Protection Regulation’s key requirements …
A complaint has been made to a European privacy watchdog that Apple does not fully comply with its GDPR obligations.
The General Data Protection Regulation requires companies to supply, on request, a copy of all the data they hold on you. Having tested this with ten users, an Austrian non-profit organization said that Apple failed to supply a complete set of data …
Earlier this morning, Tim Cook penned an op-ed in TIME Magazine to call for comprehensive federal privacy reform. Now, Acxiom, one of the largest data brokers, has come out in support of Cook’s call for GDPR-like regulation in the United States.
DuckDuckGo, the popular search engine alternative to Google has announced today that its address and map searches on mobile and desktop are now powered by Apple’s MapKit JS framework. DuckDuckGo is one of the first companies to rely on MapKit for its data and touts the privacy that the move brings to its users.
Update: AT&T now says it will also stop selling user location to aggregation services, according to CNET.
After Motherboard published details about a concerning investigation into how US wireless carriers are selling user location data to third-parties, T-Mobile and Sprint have made some fresh promises. They say they will end the practice of selling users’ data to third-party aggregators that often have little to no oversight.
Former Facebook privacy and policy employee Sandy Parakilas has been hired by Apple, according to a report by The Financial Times. Parakilas left Facebook six years ago following less than a year and a half with the company after his user privacy concerns fell on deaf ears internally.