How to enter Mac passwords with your Apple Watch

By

Apple Watch password
Is there anything the Apple Watch can’t do?
Photo: Jens Kreuter/Unsplash

You know how you can double-press the side button on your Apple Watch, and then wave it over a contactless terminal to pay with your credit card? Wouldn’t it be great if you could do the same with your Mac login password? Instead of having to type your password to authenticate yourself, you’d be able to double-tap the Apple Watch’s side button to do it instantly.

Well, now you can do exactly this — if you’re running macOS Catalina.

Apple patches iCloud, iTunes for Windows to plug malware hole

By

Apple iCloud for Windows app
Update today!
Photo: Microsoft/Cult ofMac

Apple’s latest patches for iTunes and iCloud for Windows are out to block potential ransomware attacks.

The software previously contained a vulnerability that allowed malware to piggyback on Apple’s digital signatures and go undetected by antivirus software.

And don’t assume you’re safe if you’ve already uninstalled Apple’s apps.

New York City uses Israeli tools to crack into locked iPhones

By

GrayKey can bypass iPhone security
iPhone security is no match for Cellebrite.
Photo: Ed Hardy/Cult of Mac

Law enforcement agents in New York City have been cracking into locked iPhones since January 2018, according to a new report.

Agencies are using a tool called Universal Forensic Extraction Device (UFED) that’s developed by Israeli firm Cellebrite. It is said to have cost at least $200,000 and allows a full file system extraction.

How to check (and block) apps that track you on iPhone and iPad

By

Protect iOS your privacy and data with a firewall app.
Protect iOS your privacy and data with a firewall app.
Photo: Capturing the Human Heart/Unsplash

Safari’s content blockers effectively block trackers and other Bad Stuff on the web, but that only works in Apple’s browser. Any other app you install on your iPhone or iPad can send all kinds of personal information to anyone, without you ever knowing. Your location, the details of your menstrual cycle, how long you spend asleep — pretty much anything.

So how do you stop this? Well, iOS 13 itself can help limit some abuses. But what you really need is an iOS firewall app that can detect and shut down any unauthorized connections.

How to control what your iPhone backs up to iCloud

By

icloud backup
Keep things safe with iCloud backup.
Photo: Gabriel Wasylko/Unsplash

Are you getting ready for a new iPhone? Running out of iCloud storage space? Living with a slow internet connection? Worried about privacy? In any of these cases, you might want to exclude some apps from your iCloud backups. Doing so will save iCloud storage space, conserve bandwidth and make sure your data does not go to Apple’s servers, where it may or may not be vulnerable to decryption.

The good news is that it’s easy to exclude pretty much anything you like from your iCloud backups in iOS. Here’s how.

iOS 13 flaw exposes all your contacts data

By

Find My Friends
Keep your iPhone close by.
Photo: Ed Hardy/Cult of Mac

A newly-discovered flaw in iOS 13 lets anyone access your contacts without your passcode.

It takes just a few simple steps to bypass your iPhone’s lockscreen and see every phone number, email address, and physical address you have saved. But a fix is already on the way.

Security researchers are flooding the market with iOS exploits

By

Zerodium
Here's how much you can make selling certain exploit chains.
Photo: Zerodium

One of the biggest buyers of iOS zero-day exploits says the market is flooded with new iPhone bugs due to weakened security components in Safari and iMessage.

Zerodium, which pays $2 million for iOS exploits, recently announced it’s increasing its payout for Android exploits to $2.5 million. iOS used to be the most locked-down mobile operating system, but the company says Android’s security has improved with every new OS release while iOS has been slacking, leading to a glut of new exploits.

iPhone security exploit allegedly used to target Uyghur Muslims

By

Apple Security Jacket
Security flaw made it possible to infect iPhones using malicious code.
Photo: Jim Merithew/Cult of Mac

An iPhone exploit which used malicious websites to hack iPhones was used to target Uyghur Muslims in China.

The security exploit was recently disclosed by Google researchers. It involved infecting users with malicious code, allowing an attacker to gain access to their phone. Apple fixed the vulnerability earlier this year, before the news was publicly shared.

Secure-erasing your Mac’s disks is no longer secure, Apple says

By

secure erase
Encrypting your disk is way safer than trying to 'secure' erase it.
Photo: Charlie Sorrel/Cult of Mac

In the olden days, when you wanted to replace your hard drive with a bigger one, you’d run a “secure erase” on it to completely remove any personal data. This would write zeros to the entire disk, overwriting anything already there.

But now, thanks to advances in storage tech, this no longer does the trick. (Not that you can change your own Mac SSDs now anyway.) The new secure-erase, says Apple, is to just encrypt your disk.