For Lifehacker, Jake Peterson wrote a reminder that under certain circumstances, Apple can theoretically access your iMessages.
Here’s the tricky thing; Messages in iCloud is end-to-end encrypted, just as you’d expect—that’s why there’s no way to access your messages on the web, such as by logging in to icloud.com. There’s one big problem, though: your iCloud Backup isn’t end-to-end encrypted—and Apple stores the key to unlock your encrypted messages within that backup.
Messages in iCloud has been a thing for a few years now, but you can turn it off.
The International Organization for Standardization has approved and published ISO/IEC 18013-5 for mobile driver’s licenses and mobile IDs.
The App Tracking Transparency privacy feature might indicate that Apple is looking to mount a challenge in online advertising.
Andrew Orr joins host Kelly Guimont to discuss Security Friday news including Mozilla’s product guide and an AirTag attack.
The Federal Trade Commission is weighing options to strengthen online privacy rules, especially with regard to protecting children.
1Password has teamed up with Fastmail to give users a way to create email aliases when signing up for accounts.
iOS 14’s App Tracking Transparency lets you disable app tracking, but these apps do it anyway, according to a recent investigation.
In a review of the privacy features of 21 popular video call apps, Mozilla said Apple’s FaceTime is safe, while WeChat, Houseparty, and Facebook Messenger are not.
Says Jen Caltrider, *Privacy Not Included Lead at Mozilla: Video call apps are now a routine part of millions of people’s lives. And even when the pandemic recedes, that won’t change. In this new world, people deserve to know if the apps they’re using everyday respect their privacy — or if they’re snooping on them. While video call apps may feel more intimate than social media platforms, there’s still a ton of data being collected, stored, and shared. For that reason, users should assume that anything they say on a video call app could be made public.
Apple has officially released iOS 15 for customers on Monday, bringing plenty of fresh new features and quality-of-life upgrades.
Jon Callas, the Electric Frontier Foundation’s director of technology projects, explained what data newer cars, especially Tesla, collect from you.
“All of these things are at least theoretically able to be logged,” cautioned Callas. “And there is a port that you can connect something to — and there’s lots of hardware and software that you can connect to your car and get all sorts of telemetry information about how the car is running — and just like there are people who hack their computers there are people who hack their cars.”
PrivacyTools.io is a website I’ve long used to learn about different types of private software. The team announced that it will rebrand as Privacy Guides.
Our work maintaining PrivacyTools has been extremely difficult of late without access to key assets such as the domain and without the participation of its founder.
This name change is the first step in this process of regaining our independence as a community. Eventually, we plan on creating a new legal organization designed around the community to ensure our long-term sustainability. This will take some careful planning and time to get right, but we’re confident we can prevent this from ever happening again, and keep us independent of any one team member.
Update: It appears there is some contention or intra-politics. The official PrivacyTools Twitter account said it is a project split, not a rebrand.
On the eve of the 2021 Fall Apple Event on Tuesday, protests are being planned at various Apple stores to protest CSAM detection features.
Privacy advocates have delivered a petition to Apple over its plans to install a system on its devices to detect child sexual abuse material.
Macinstruct published a brief guide on protecting your privacy on Apple devices as a response to Apple’s CSAM detection plans.
We’re now encouraging readers to protect their privacy by disabling certain Apple features. In situations where privacy is a hard requirement, it may be necessary to consider using non-Apple hardware and software. This article provides an overview of our recommendations and your options.
It’s a decent guide except for the recommendation to disable iMessage in favor of SMS. iMessage is end-to-end encrypted, SMS is not. My advice for iMessage privacy is to prevent Messages from storing content in iCloud. When that happens, Apple has the capability to decrypt texts. On an iPhone or iPad, go to Settings > Profile Name > iCloud, and turn off the toggle for Messages. Then go to Settings > Messages > Keep Messages. Change it to auto-delete old messages after 30 days. Or, use a private messenger such as Signal.
The Irish Data Protection Commission has ordered Facebook-owned WhatsApp to pay a US$266 million fine over the way it handles user data.
U.S. District Judge Jeffrey White has given the green light to a lawsuit that claims Siri violates user privacy. He did dismiss part of the complaint.
On Wednesday Apple revealed which U.S. states are the first to support storage of IDs within Apple Wallet in iOS 15 and watchOS 8.
Zoe Schiffer, writing for The Verge, investigates Apple employees and “the blurring of personal and work accounts.”
This is how it starts: a new Apple employee is told during onboarding that collaborating with their colleagues will require them to make extensive use of iCloud storage, and their manager offers a two terabyte upgrade. This will link their personal Apple ID to their work account — in fact, the instructions for accessing this upgrade explicitly say “you must link your personal Apple ID with your AppleConnect work account.”
An AI company based in Berlin, Germany called Xayn has launched a web version of its private search engine app.
Both versions of Xayn use Masked Federated Learning to protect users’ data privacy while still providing them with an individually tailored web experience. They are created with the same code base in Flutter, a developing framework that’s designed to function both on mobile and web. The team transferred the AI to work directly in the respective browsers with high speed via WebAssembly so that all personal data stays privately within the browsers.
Looks like it doesn’t work yet on Safari.
Adblocking company AdGuard is the latest to offer commentary on Apple’s controversial decision to detect CSAM in iCloud Photos. The team ponders ways to block it using their AdGuard DNS technology.
We consider preventing uploading the safety voucher to iCloud and blocking CSAM detection within AdGuard DNS. How can it be done? It depends on the way CSAM detection is implemented, and before we understand it in details, we can promise nothing particular.
Who knows what this base can turn into if Apple starts cooperating with some third parties? The base goes in, the voucher goes out. Each of the processes can be obstructed, but right now we are not ready to claim which solution is better and whether it can be easily incorporated into AdGuard DNS. Research and testing are required.
