
Privacy


Privacy is a growing concern in today’s world. Follow along with all our coverage related to privacy, security, what Apple and other companies are doing to keep your information safe, and what steps you can take to keep your information private.

Popular apps caught secretly sending health data and more to Facebook, should Apple intervene?

Facebook privacy apps

A new investigative report from The Wall Street Journal today looks into the controversial practice of popular third-party iOS and Android apps sending very personal user data to Facebook. In some cases, this happened immediately after an app recorded new data, even if the user wasn’t logged into Facebook or wasn’t a Facebook user at all. Notably, the report highlights that Apple and Google don’t require apps to divulge all the partners that user data is shared with.



Apple cuts ties with social media utility app that exposed emails of Instagram users shortlisted for Shot on iPhone contest

apple instagram security flaw

Yesterday, 9to5Mac was alerted to a flaw in a third-party utility app for Instagram, called Exposure. The app helps brands connect with Instagram posters, automating the collection of agreements to use imagery for commercial purposes.

It just so happens that Apple was using this tool for its Shot on iPhone campaign. 9to5Mac contacted Apple to report the security issue. Following an investigation, a few hours later, Apple cut ties with the Exposure service. (Update: Statement from the parent company of Exposure below)



Security hole in Mojave allows rogue apps to access your Safari browsing history

Safari browsing history accessible by rogue apps

An attempt by Apple to protect your Safari browsing history in macOS Mojave has a security hole which allows full access by a rogue app, says a Mac and iOS developer.

Prior to Mojave, your browsing history was freely available to any app that looked inside ~/Library/Safari. In macOS 10.14, however, Apple locked down access so tightly that you can’t even list the contents in Terminal – in theory …



Tim Cook says unaware of Absher app, used to spy on Saudi women, promises to investigate

Absher app can be used to track and control women's travel

Tim Cook says that he was unaware of the Absher app, a Saudi-based government app which allows men to track female family members, and even prevent them from travelling, but will investigate.

It follows Oregon Senator Ron Wyden writing to both Cook and Google’s Sundar Pichai, calling on them to ‘immediately remove’ the app from their App Stores …



Gambling and porn apps caught being distributed under Apple’s Enterprise Certificates program that suffers from weak policing

Default iOS apps

After Facebook and Google had their Enterprise Certificates revoked by Apple, a new investigation by TechCrunch has revealed more companies exploiting the program for uses outside of the terms and conditions. Specifically, TC verified over two dozen gambling and porn apps that use the Enterprise Certificates to distribute their apps to non-employees, with thousands more likely doing the same. The publication also discovered just how easy it is to gain access to an Enterprise Certificate.



Apple Absher App Store

Senator asks Apple and Google to ‘immediately remove’ controversial Saudi-based Absher app

Both Apple and Google have come under fire this month for hosting a Saudi-based app called Absher on their mobile platforms. Among other uses, the app is designed to let Saudi men track and control Saudi women. Now, Oregon Senator Ron Wyden has formally written to both Apple and Google urging them to remove the app from iOS and Android.



New Face ID patent application seems likely to fix the 3D-printed mask issue

Face ID mask

A new Apple patent application suggests that the company has boosted the security of Face ID in order to defeat the attack method demonstrated in 2017, when a specially-designed 3D-printed mask was able to unlock an iPhone X.

The attack was a sophisticated one, meaning that ordinary users didn’t have much to fear, but the security researchers did suggest that high-profile targets – like company CEOs – might want to avoid using Face ID …



[Update: Over 200 bounty hunters bought data ‘tens of thousands of times’] User location data sold by AT&T, T-Mobile, and Sprint is making its way to bounty hunters, says report

A new report from Motherboard today takes a look into the practices of US wireless carriers selling user location data to third parties. While it’s often credit card and other financial companies buying the location data for fraud detection and more, Motherboard says some rogue third parties have access to user location data and it’s landing in the hands of bounty hunters and the black market.



Hackers using password phishing kits and fake receipts to access iCloud-locked iPhones

iPhone X rear

A new report from Motherboard today looks into the world of hacking iCloud-locked iPhones. While turning on Find My iPhone (which enables the iCloud lock) is generally thought to be quite secure, Motherboard highlights several ways that thieves, hackers, and coders are getting around the security feature to sell stolen (and non-stolen) devices.



UK’s GCHQ wants Apple and others to secretly add law enforcement to encrypted chats and calls

GCHQ Apple

Britain’s Government Communications Headquarters (GCHQ) – the UK equivalent of the NSA – is calling on Apple and other tech companies to secretly add law enforcement agents to Messages chats, FaceTime calls and other forms of encrypted chat on demand.

The American Civil Liberties Union (ACLU) has said this would be like the recently-discovered FaceTime bug, only worse …



2.2 billion unique accounts compromised after ‘Collections #2-5’ dumped on torrent sites, here’s how to check yours

Apple security

Earlier this month we saw what was considered to be the largest ever dump of stolen internet accounts with 773 million email addresses and 21 million passwords. The dump of compromised accounts was called “Collection #1”. Now, Collections #2-5 have been dumped and the numbers are staggering: 845GB of stolen data that includes 25 billion total records and 2.2 billion unique usernames and passwords.



Apple shutting down sketchy Facebook iPhone app – but still available on Android [U]

Facebook Research messenger kids

Facebook has said that it is shutting down its controversial ‘Facebook Research’ iPhone app, after it was disclosed that the company had repackaged its banned Onavo VPN app and was paying teens and adults $20/month to install it.

Update: It turns out it wasn’t even Facebook’s decision to shut down the iOS app – it was Apple. Apple PR via Recode:

We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.

Update 2: Many of Facebook’s internal iOS apps have been disabled after Apple revoked its enterprise certificate.



Woman claims she alerted Apple about FaceTime eavesdropping bug days ago, shares video evidence

Group FaceTime

More details surrounding the major FaceTime eavesdropping bug that 9to5Mac exclusively reported on yesterday are emerging. A woman has claimed that her teenage son discovered the flaw and warned Apple about it last week. Now a video has surfaced as evidence for the teenager’s discovery dated January 23rd.



Comment: Apple’s own privacy standards make FaceTime bug massively damaging

The revelation that a major FaceTime bug can effectively turn your Apple devices into a hot mic, allowing a caller to hear or even see you before you pick up, would be a massive embarrassment no matter which company was involved. It’s an absolutely crazy security fail.

But when that company is Apple – which has been ceaselessly pushing privacy of late – it becomes so cringeworthy we’re going to have to invent a whole new scale just to measure it …



Major iPhone FaceTime bug lets you hear the audio of the person you are calling … before they pick up

UPDATE: Apple has taken Group FaceTime offline in an attempt to address the issue in the interim.

A significant bug has been discovered in FaceTime and is currently spreading virally over social media. The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call. Apple says the issue will be addressed in a software update “later this week”.

Naturally, this poses a pretty big privacy problem as you can essentially listen in on any iOS user, although it still rings like normal, so you can’t be 100% covert about it. Nevertheless, there is no indication on the recipient’s side that you could hear any of their audio. There’s a second part to this which can expose video too …

