Security

In honor of Safer Internet Day, Apple has shared a list of features and tips to provide a more secure and private experience for kids on devices like iPhone and iPad. Along with 8 ways to stay safer, Apple has highlighted its dedicated educational hub for parents and families plus a new free Today at Apple session called “Your Kids and Their Devices.”

Pegasus spyware journalists Laurent Richard and Sandrine Rigaud were the first to discover an extensive list of specific people being targeted by NSO’s clients. In working on the story, they said they had to take extreme privacy precautions to avoid their own devices being compromised.

One of the major uses of Pegasus has been to silence journalists working on revealing abuses by tyrannical governments, so the risk of their own devices being hacked without their knowledge was very real …

Apple rolled out hardware security key support in iOS 16.3, but what are they, and should you consider using them? Watch my hands-on video walkthrough as I explain why Apple added hardware security key support for Apple IDs, showcase how to use hardware security keys, and answer some frequently asked questions.

This written walkthrough explains a lot about security keys, but the video walkthrough embedded in this post is more in-depth, touches on additional platforms like macOS, and showcases features that I don’t touch on here. If you’re keenly interested in security keys, be sure to give it a watch, and perhaps consider subscribing to the channel for more in-depth analysis.

A member of the Senate Intelligence Committee has called on both Apple and Google to remove TikTok from their respective app stores.

The demand follows growing concerns about the Chinese-owned app, with the video sharing app already banned from US federal government devices, along with those in more than half of US states …

Anker has admitted that its statements about Eufy security camera encryption were not accurate. The smart home brand had previously stated that all video footage is end-to-end encrypted, but has now admitted there was an exception to this (which it has now fixed).

The company only finally came clean about the privacy breach after The Verge threatened to post a story about the company’s failure to answer its questions …

An Apple Maps privacy bug fixed in iOS 16.3 may have allowed apps to collect user location data without permission.

At least one app appears to have done so, and a security reporter has speculated that the same privacy bug could have been exploited by countless apps over an unknown time period …

Apple debuted physical security key support with iOS 16.3 and macOS 13.2. While they work across iPhone, iPad, Mac, and the web, there are some instances when they are not supported, even if successfully set up with one device. Here are 5 ways security keys don’t work with Apple ID.

The main new feature that arrived with iOS 16.3 and macOS 13.2 is support for physical security keys. For those that want to take security up a notch, you’ll need to pick up at least two hardware keys, but which ones to choose? Here are the security keys Apple recommends for iPhone, iPad, and Mac.

Pegasus spyware – a zero-click way of remotely hacking an iPhone, and gaining access to all the personal data stored on it – has been defended by the company’s CEO. NSO chief exec said that the company had made “mistakes” in selling it to repressive governments, but claimed that it now sells Pegasus only to countries to whom the US sells weapons.

A security researcher said that the comparison was bogus, stating that a more reasonable comparison would be selling long-range nuclear missiles …

Earlier this week Apple officially released iOS 16.3 updates for iOS, iPadOS, and HomePod. The update brings several noteworthy changes and enhancements to these devices, headlined by support for hardware security keys for Apple IDs and the global rollout of Advanced Data Protection.

iOS 16.3 also paves the way for the new second-generation HomePod, which is scheduled to be released on February 3. But even if you don’t plan on dropping $299 for Apple’s newest smart speaker, you’ll be pleased to learn that iOS 16.3 includes enhancements for the first-generation HomePod and the HomePod mini. Watch my hands-on video walkthroughs for a visual breakdown of what’s new.

A GoTo hack related to the LastPass security breach was far worse than initially disclosed. The company, formerly known as LogMeIn, has revealed that attackers obtained not only encrypted backups of customer data, but also an encryption key for at least some of that data.

It’s a similar tale to the LastPass hack, which followed a similar path from low-key initial announcement to revelations that it was significantly worse than initially feared …

Twitter GodMode – an internal tool that hackers used to tweet from high-profile accounts, including Apple, back in 2020 – remains available to all of the company’s engineers, according to a new report today.

Twitter had previously said that the security hole had been fixed, but a whistleblower said that aside from changing the name of the tool from GodMode to PrivilegedMode, the company had made only one change – and that still allowed any Twitter engineer to trivially gain uncontrolled access to it …

There have been numerous examples of people losing a lifetime’s worth of photos after being locked out of their iCloud account. The Apple account recovery process often proves impossible, especially in cases where an iPhone has been stolen and its owner forced to unlock it.

Just yesterday there was a fresh example, where an unlocked iPhone was stolen at gunpoint by seemingly tech-savvy thieves …

Brand owner Anker has finally responded to proof of a major Eufy camera security breach, but its official statement still leaves a great many questions unanswered.

The company has now admitted that it lied to users about all footage and images being stored locally, and never sent to the cloud, after a security researcher proved that this was not true …

Apple launched a big security enhancement with iOS 16.2 that brings the long-requested feature of full encryption for iMessage in iCloud, iPhone backups, and eight other apps/categories. As part of the process, you’ll need to set up a recovery contact/key – here’s how to turn on iPhone end-to-end encryption for iMessage, iCloud, device backups, Notes, Safari, Photos, and more.