The security updates that Apple released today have fixed the zero-click iMessage exploit that NSO Group used for its Pegasus spyware.
What this really highlights is that popular chat programs like iMessage are currently the royal road for nation state groups, and mercenary hackers to target phones. Ubiquitous chat and messaging apps are a serious attack surface. And it’s time for them to get a lot more secure.
Macinstruct published a brief guide on protecting your privacy on Apple devices as a response to Apple’s CSAM detection plans.
We’re now encouraging readers to protect their privacy by disabling certain Apple features. In situations where privacy is a hard requirement, it may be necessary to consider using non-Apple hardware and software. This article provides an overview of our recommendations and your options.
It’s a decent guide except for the recommendation to disable iMessage in favor of SMS. iMessage is end-to-end encrypted, SMS is not. My advice for iMessage privacy is to prevent Messages from storing content in iCloud. When that happens, Apple has the capability to decrypt texts. On an iPhone or iPad, go to Settings > Profile Name > iCloud, and turn off the toggle for Messages. Then go to Settings > Messages > Keep Messages. Change it to auto-delete old messages after 30 days. Or, use a private messenger such as Signal.
Today’s show is bursting with guests and info as Bryan Chaffin, Charlotte Henry, AND Andrew Orr join host Kelly Guimont to discuss Apple’s CSAM changes and how this affects current iOS users.
Best Buy is the latest company to join Apple’s Business Chat, letting people talk to customer support through iMessage.
Instagram links shared via iMessage have not been showing the link preview. An Instagram spokesperson confirmed this was a bug.
Project Zero, Google’s security team, reverse-engineered iMessage to see how Apple improved it in its latest OS 14 releases. Specially, how it has gained new protections against zero-day attacks using BlastDoor, resliding of the shared cache, and exponential throttling.
One of the major changes in iOS 14 is the introduction of a new, tightly sandboxed “BlastDoor” service which is now responsible for almost all parsing of untrusted data in iMessages (for example, NSKeyedArchiver payloads). Furthermore, this service is written in Swift, a (mostly) memory safe language which makes it significantly harder to introduce classic memory corruption vulnerabilities into the code base.
Mark Zuckerberg has once again criticized Apple for its privacy, saying that the company is anti-competitive because of iMessage (among other things).
We increasingly see Apple as one of our biggest competitors,” Zuckerberg said, noting that Apple’s iMessage software is preinstalled on iPhones — enabling it to become the most widely used messaging service in the United States, as opposed to Facebook’s WhatsApp — and that Apple’s growing investment in services also enables it to compete with Facebook and other apps that use its iOS software platform.
Beeper is a new chat app that combines 15 different messaging platforms into one interface. One of those messaging apps includes iMessage and there’s “some trickery” involved, as Eric Migicovsky says. You can install the Beeper Mac app to act as a bridge for iMessage. If you don’t have a Mac, Beeper will send you a jailbroken iPhone with the Beeper app installed to act as a bridge. “Just in case you thought Beeper was joking, in a followup tweet, Migicovsky said that he currently has 50 old iPhone 4S’s at his desk, ready to be upcycled for use with Beeper.”
Andrew Orr and Charlotte Henry join host Kelly Guimont to discuss how to add (or remove) your other Apple devices from the mix of messages/calls.
Message effects have been around for some time, letting iPhone users send cool messages to each other. Here are all of them.
EZ Contact Share is a small app that launches within iMessage. It lets you quickly share your contacts in a message without having to open the Contacts app. The recipient of the contact doesn’t need to download EZ Contact Share. They just have to tap on the message to import it. App Store: US$0.99
A patent filed in December reveals a method to let Apple customers edit iMessages as a method of correction. The edit history would also be available so everyone can see what the sender originally wrote.
The patent filing has an example to demonstrate Apple’s system for editing previously-sent texts. Two people are discussing a trip, and one of them accidentally writes and sends “Can I get a ridiculous up with you?”
They then press and hold on that text to bring up a windows with “Edit” as an option. They make the change so the text reads “Can I get a ride up with you?”
This is a great feature and I hope Apple adds it to iOS. Memojis and Animojis are fun, but Messages needs features like this that are actually useful to people.
John Martellaro and Andrew Orr join host Kelly Guimont to discuss blocking unwanted messages on your Mac, and some private alternatives to the iOS apps Apple gives you.
Charlotte Henry joins host Kelly Guimont to discuss Apple’s (lacking) Messages app and what rumors say could make it an Apple-level product in iOS 14.
Book retailer Barnes and Noble has added Apple Business Chat. This lets Apple customers connect to businesses through iMessage.
Dave Hamilton and Andrew Orr join host Kelly Guimont to discuss some hints for iMessage in iOS 13, and we start talking Catalina prep.
Gone are the days of manually adding photos to contacts. Instead use the iOS 13 feature to add an iMessage name and photo.
In iOS 13 you can use Animoji and Memoji camera effects in iMessage and FaceTime. Here’s where to find the setting.
Andy Greenberg writes about security problems in iMessage and Safari, saying that these products make iPhone less secure.
“If you want to compromise an iPhone, these are the best ways to do it,” says independent security researcher Linus Henze of the two apps…He and other iOS researchers argue that when it comes to the security of both iMessage and WebKit—the browser engine that serves as the foundation not just of Safari but all iOS browsers—iOS suffers from Apple’s preference for its own code above that of other companies.
Apple is in a tough position. If a company isn’t great at security, they could get a third-party to audit its software. But that would create a huge target.
The iPhone is the most popular device with Gen Z, the generation coming after millennials. Specifically, teens these days use iPhones so that no one is left out of iMessage group chats. Business Insider also found that iPhone ownership has created a “culture of multitasking” which I agree with, but I don’t think it’s limited to iPhones.
Some experts blame the rise of smartphones — and especially the iPhone — for fueling a pervasive culture of multitasking. Teens who spoke with Business Insider said they recognized that multitasking was not efficient. “It doesn’t really work out that well,” Jimenez said, acknowledging that she does it anyway. Experts say that trying to process two or more things at once may not even really be possible.
Ever get a beachball in Messages on your Mac? Want to re-arrange your CarPlay icons? Need an easy way to find files on your Mac, but the Finder’s not cutting it? These are just a few of the ways John and Dave start Mac Geek Gab this week, and then it’s time to dive into the harder questions! Press play and enjoy learning at least five new things!
Apple dropped iOS 12.3.1 today with bug fixes for VoLTE and the Messages app.
Will Marzipan be locked to the Mac App Store, and what effect will it have on the Mac experience? Bryan Chaffin is joined by Andrew Orr to discuss this, as well as the idea that iMessage is slowly backing its way to being Apple’s first successful social media play. They cap the show with a look at recent WWDC spoilers.
Apple Support version 3.1, updated today, adds iMessage integration into the app for customers in the United States.
Apple says that this feature is limited to the United States and is available for select topics only. Today’s update also introduces an improved experience for scheduling reservations at the Genius Bar and Authorized Service Providers, and it includes other unspecified bug fixes and performance improvements.
