security

Read Cult of Mac’s latest posts on security:

Use your iPhone to find and change passwords that hackers stole

By

Use your iPhone to find and fix website passwords that hackers have stolen
If hackers steal the passwords you use to log into websites, your Apple device can warn you and help you change them.
Graphic: Ed Hardy/Cult of Mac

It’s World Password Day, and that’s a good opportunity to do something you’ve probably been procrastinating about: Replace your website passwords that hackers stole because of some company’s lax security. Fortunately, your Apple devices make it easy to find out which of your passwords leaked so you can change them.

Fix a potentially serious problem now, before something bad happens..

How and why to use iPhone Stolen Device Protection

By

How and why to use iPhone Stolen Device Protection
Activate Stolen Device Protection to make your iPhone less valuable to criminals.
Graphic: Ed Hardy/Cult of Mac

iPhone Stolen Device Protection offers increased safety for your accounts and financial information if someone steals your handset and its passcode.

Here’s how to activate the security feature that debuted in iOS 17.3, and — more importantly — why you should do it now.

Google beefs up Chrome browser security for Mac and iOS devices

By

Google Safe Browsing update in Chrome for macOS and iOS
These security updates come to macOS and iOS users first and to Android users later in the month.
Photo: Google

Privacy-preserving URL protection and beefed-up password protection are coming to Google Safe Browsing for the popular Chrome browser for macOS and iOS, Google said Thursday. The Chrome security update comes to Macs, iPhones and iPads first. Android devices will see them later in March.

How Apple plans to ramp up iOS security for stolen iPhones

By

Stolen Device Protection in iOS 17.3 beta
Your iPhone can better protect itself from data thieves with a new iOS 17.3 feature.
Image: Ed Hardy/Cult of Mac

The just-released iOS 17.3 beta 1 includes a surprise feature: Stolen Device Protection. The option makes it harder to reset the passcode on a stolen device if the thief already knows the current passcode. There are also new password protections.

Apple also seeded the initial betas of macOS 14.3, iPadOS 17.3, watchOS 10.3 and tvOS 17.3.

Simple security hack keeps your iCloud account safe from iPhone thieves

By

Can’t touch this (iCloud account)
Is this what the prolific Mr. Hammer was singing about? No.
Image: Jonathan Cutrer/Flickr/D. Griffin Jones/Cult of Mac

Taking a moment to add an extra passcode to your iCloud account might save your skin if your iPhone is ever stolen by a shady character who’s eyeing you like a hawk. By default, your iPhone passcode is all someone needs to lock you out of your devices and wreak financial havoc on your life. And it’s not that difficult to capture your passcode if you tap into your phone in a public place.

In fact, a recent spate of coordinated scams have played out like this: A spy watches for anyone entering their iPhone passcode in a bar or other public place. Then, the device is yoinked out of the victim’s hands. And before they can do anything, they find themselves locked out of their own iCloud account. Soon, the criminals who stole the iPhone proceed to make unauthorized purchases, empty bank accounts and generally wreak havoc on the victim’s finances and personal life.

Luckily, setting up a second passcode just for iCloud can protect you from this type of criminal operation. I’ll show you how to keep these thieves at bay — and offer some additional advice for keeping your account secure.

How to control what your iPhone backs up to iCloud

By

icloud backup
Keep things safe with iCloud backup.
Photo: Gabriel Wasylko/Unsplash

It’s World Backup Day, a good opportunity to take a close look at the backups your iPhone makes to iCloud. Are you running out of iCloud storage space? Living with a slow internet connection? Worried about privacy? In any of these cases, you might want to exclude some apps from your iCloud backups. Doing so will save iCloud storage space and conserve bandwidth.

The good news is that it’s easy to exclude pretty much anything you like from your iCloud backups in iOS. Here’s how.

Fix the mess caused by Sign in with Apple and Hide My Email

By

Silence the spam
Apple’s privacy-focused features in Mail are really handy at keeping spam at bay, but you might still need to find that secret email address or delete an account after a while.
Image: Ascánder/Wikimedia Commons/D. Griffin Jones/Cult of Mac

I always use Apple’s privacy-focused Sign in with Apple and Hide My Email services whenever I get the option.

The Sign in with Apple feature, which lets you log into third-party accounts using your Apple ID while keeping your personal info private, is so easy to use that I utilize it everywhere. But that also means my disguised logins pile up, accumulating in the digital junk drawer that is iCloud Settings.

I’ll show you where you can find, manage or delete these accounts. Perhaps you’re jumping ship from iPhone to Android, and you want to make sure you still have another way of signing into your Chipotle account.

The Hide My Email service is similar. It creates a temporary email address that forwards to your real one — handy if you’re signing up for a shady website, or if you need a public contact email. I’ll show you where you can create new ones and delete the old ones.

Apple tests iPhone bug-fix system that doesn’t require full iOS updates

By

Apple tests iPhone bug-fix system that doesn't require iOS updates
In the future, expect Rapid Security Responses from Apple for iOS, macOS and iPadOS.
Photo: Ed Hardy/Cult of Mac

A second round of ‘Rapid Security Response’ bug patches for the iOS 16.2 and iPadOS 16.2 betas were seeded to developers and other beta testers on Monday. At this point, Apple is testing the system for distributing these by releasing them for beta versions of the operating systems.

Once testing is over, these will allow Apple to fix security problems without releasing a full OS update.

PayPal teams up with Apple to kill the password

By

PayPal teams up with Apple to kill the password
PayPal introduces passkeys as an alternative to passwords.
Photo: PayPal

PayPal just adopted passkeys as an easy and secure log in method for user accounts. Users with an iPhone, iPad or Mac will be the first able to take advantage of the passwordless biometric security system because Apple built support for it into its devices.

Passkeys are an improvement over passwords, as they can’t be phished, stolen or guessed.

Be careful using browser built into TikTok

By

Be careful using browser built onto TikTok
Be careful you're not revealing more to TikTok than you mean to.
Photo: TikTok

The web browser built into the TikTok iPhone app can monitor your keystrokes. A developer who researched the software called it “the equivalent of installing a keylogger,” and warns that it can potentially grab passwords and credit card info.

A similar warning went out recently about the browsers built into Facebook and Instagram.

macOS users need to update to Safari 15.6.1 to close a security hole

By

Safari now has more than 1 billion users.
macOS Big Sur or macOS Catalina users really need Safari 15.6.1.
Photo: Apple

A recent macOS Monterey update deals with a nasty security problem in WebKit. But Apple is aware many users don’t upgrade to the latest operating system versions, so it also released Safari 15.6.1. The web browser update allows anyone using older macOS versions to avoid the vulnerability.

The browser update is free and available now.

Apple’s Automatic Verification will help us escape from annoying CAPTCHAs

By

Apple Automatic Verification will help save us from CAPTCHA hassles
Apple users may be freed from CAPTCHA.
Image: Ed Hardy/Cult of Mac

Apple developed Automatic Verification to let iPhone, Mac and iPad users bypass those irritating CAPTCHA image tests that websites use to confirm that someone is a human and not a bot.

Cloudflare and Fastly, big cloud computing companies that power tons of websites, are already on board to adopt the new system.

Make your data practically unhackable with this decentralized VPN

By

This firewall VPN is incredible.
This hardware VPN is also a firewall.
Photo: Cult of Mac Deals

Cybersecurity is no joke, even if you only use the internet to browse social media and shop online. Without thorough security in place, your personal information is at risk and could be sold or used against you. And targeted ads are just annoying.

The Deeper Connect Mini decentralized VPN and firewall is a simple-to-use hardware virtual private network that can protect your identity online and shield you from threats. And for a limited time, it’s on sale for $349.

Apple boosts AirTag privacy after criminal incidents

By

AirTags seemed so innocent and helpful at first.
AirTags seemed so innocent and helpful at first.
Photo: Apple

Apple said in a statement Thursday it will update AirTags item trackers with new privacy warnings, better warning sounds and smarter Find My tracking. The efforts comes as the company tries to improve security in the wake of criminal activity involving the devices, such as theft and stalking.

It’s the latest of several privacy updates Cupertino announced for AirTags since releasing them last year.

This password manager will protect all your accounts, on all your devices — and it’s 50% off

By

Keep all your accounts protected with this award-winning password manager.
Get 50% off military-grade password manager Dashlane.
Photo: Cult of Mac Deals

If you’ve been reusing the same old password across multiple websites and accounts, you need to stop what you’re doing and get a password manager immediately. Cybersecurity experts recommend password managers as the best way to protect yourself and your private data.

And right now, you can grab a year’s premium subscription to the top-rated Dashlane — the official password manager of Cult of Mac — while it’s on sale for just $29.99. That’s 50% off the regular price of $59. Or, boost your savings even further by grabbing a one-year subscription to the Dashlane Password Manager Family Plan, which lets you create six premium accounts, on sale for 64% off.

Apple: Ability to skip iOS 15 updates was never meant to be permanent

By

iOS 15
It's iOS 15 or it's nothing now.
Image: Killian Bell/Cult of Mac

Apple has confirmed that giving users the option to skip iOS 15 updates and stick with iOS 14 was always intended to be temporary.

Its clarification comes after it last week stopped delivering security updates to those who have chosen not to update their devices since iOS 15 made its debut last September. iOS 15.2.1 is now the only upgrade option.

Manage your company’s hardware easily and affordably with Desktop Central

By

Manage your company's devices across the workforce and various platforms with Desktop Central from ManageEngine.
Manage your company's devices across the workforce and various platforms with Desktop Central.
Image: ManageEngine

This UEM post is brought to you by ManageEngine.

If you manage technology for a company, you need all the help you can get. Not every business has the resources for a big, well-equipped IT department. Yet you might still need to manage, automate and secure all sorts of devices across a workforce and varied systems.

That’s where ManageEngine’s Desktop Central comes in. Its unified endpoint management system is affordable, feature-rich and easy to use, thanks to a clean, intuitive design.

WhatsApp rolls out encrypted chat backups on iPhone

By

WhatsApp encrypted chat backup
Ensuring only you have access to your chat data.
Image: WhatsApp

WhatsApp’s encrypted backups features is now rolling out on iPhone. Users can create a password to prevent unauthorized access to their chat data, while still uploading it to iCloud or Google Drive for their convenience.

The feature ensures that your WhatsApp chats are protected, even if the backup file itself somehow makes it into the wrong hands.

Apple says sideloading apps on iPhone would ‘cripple privacy and security’

By

iPhone sideloading isn't safe, Apple says
iOS restrictions make it safer than Android, Apple says.
Image: Apple

iOS is safer than Android because you cannot sideload apps onto an iPhone, Apple says. The company this week published a document in response to the European Commission’s proposal that could force Apple to allow third-party app marketplaces, which points out the many risks (as Apple sees it) with that plan.

Titled “Building a Trusted Ecosystem for Millions of Apps,” the 31-page PDF argues that allowing the sideloading of apps on iPhone “would cripple the privacy and security protections that have made iPhone so secure.”

High-end Zorachka Homam camera ups your HomeKit video quality

By

Mount this space-helmet-looking cam in your house and the burglars will know you mean business.
Mount this space-helmet-looking cam in your house and the burglars will know you mean business.
Photo: Zorachka

Not too long ago you didn’t have a whole lot of choices for high-quality cameras to run with Apple’s HomeKit system, but that’s changing all the time. For example, Zorachka has released its new, high-end Homam 64GB camera. It joins recent offerings from the likes of Aquara, Eufy, Eve and others.

Apple issues surprise iOS 14.8 update to fix severe security threats

By

Surprise! Apple releases iOS 14.8
Just when you thought Apple’s next software release would be iOS 15…
Graphic: Ed Hardy/Lewis Wallace/Cult of Mac

Apple rushed out updates for iPhones, iPads, Macs and Apple Watches on Monday to patch a pair of critical security vulnerabilities. The updates protect users from arbitrary code execution that can be triggered by maliciously crafted PDFs or web content, Apple said in its release notes.

In both cases, “Apple is aware of a report that this issue may have been actively exploited,” the company said.

The updates include iOS 14.8, iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2 and security patches for Safari and macOS Catalina.