Search Results for “MacRumors”

October 14, 2019
Catalin Cimpanu / ZDNet

Catalin Cimpanu / ZDNet  
Apple Clarifies, Defends Against Reports That It Sends User Traffic to China’s Tencent, Says It Never Sends Browsing Traffic to Tencent’s System

Following a series of reports that Apple’s Safari web browser was secretly sending user traffic to Chinese company Tencent, all of which reflected a recent discovery that Apple had implemented a second “safe browsing” system within Safari, Apple issued a statement clarifying the situation and defending its practices. Apple said it has used Google’s Safe Browsing API inside Safari to check for bad links, and this year also added Tencent’s safe browsing system to Apple as well. Despite earlier versions of safe browsing sending a URL to a safe browsing provider, most current safe browsing mechanisms, such as those managed by Google and Tencent, work by sending a copy of the database to a user’s browser and letting the browser check the URL against this local database. Apple said its developers have implemented Safari’s safe browsing mechanism in this manner and never sends the user’s internet browsing traffic to safe browsing providers. Tencent is not the default safe browsing provider and is only used on devices where the Chinese locale is enabled. Apple relies on Tencent to help keep its users safe because the Chinese government bans Google domains inside China.

Related: Cult of Mac, Z6 Mag, Softpedia News, CNET News,, NewsBytes App, TechNadu, Sensors Tech Forum, Apple Insider,, 9to5Mac,, Softpedia News, The Next Web, iPhone Hacks, MacRumorsTech Insider, The Hacker News, Ubergizmo, MacDailyNews, Techradar, MacRumors, The Loop, Digital Trends, Forbes, Sensors Tech Forum, SlashGear,, Threatpost, NDTV

Cult of Mac: Apple under fire for sending browsing data to China
Z6 Mag: Apple sends browser data to Chinese tech giant, Tencent
Softpedia News: New Apple Card Fraud Case Shows Cloning Might Not Be the Only Concern
CNET News: Apple defends the way it shares Safari browser data with Google or Tencent – CNET Safari caught sending some Safe Browsing data to Chinese internet giant Tencent
NewsBytes App: Safari caught sending browsing data to Chinese company: Details here
TechNadu: Apple’s Safari is Sending User Browsing Data to Chinese Company Tencent
Sensors Tech Forum: Apple Is Sharing Safe Browsing Data with Chinese Conglomerate Tencent
Apple Insider : Safari on iOS can be sending your browsing data to China’s Tencent [u]
9to5Mac: Apple responds to report on sending users’ browsing data to China-owned Tencent Apple Safari Can Send Your Browsing Data To China’s Tencent Raising Privacy Fears
Softpedia News: How to Block Your iPhone from Sending Browsing Data to Chinese Firm Tencent
The Next Web : Apple under scrutiny for sending Safari browsing data to China’s Tencent
iPhone Hacks: Apple Issues a Statement Regarding Safari Fraudulent Website Warning, Says It Uses Tencent Only for Mainland China
MacRumors: Apple Sending User Data to Chinese Company for Fraudulent Website Warnings in Safari
Tech Insider: An Apple feature that shares some data from websites you visit in Safari with Chinese tech giant Tencent is attracting attention amid mounting tensions between the US and China (AAPL)
The Hacker News: Apple Under Fire Over Sending Some Users Browsing Data to China’s Tencent
Ubergizmo: Apple Reportedly Sending User Browsing Data To Chinese Company Tencent
MacDailyNews: Apple under fire for sending web browsing data, including IP addresses, to China’s Tencent
Techradar: Safari on iOS could be sending tracking data to China
MacRumors: Apple Clarifies Tencent’s Role in Fraudulent Website Warnings, Says No URL Data is Shared and Checks are Limited to Mainland China
The Loop: On Apple sharing some portion of your web browsing history with Chinese conglomerate Tencent
Digital Trends: Safari is sending user browsing data to China’s Tencent
Forbes : Apple accused of sending data from 1billion iPhones and iPads to china
Sensors Tech Forum: Apple Is Sharing Safe Browsing Data with Chinese Conglomerate Tencent
SlashGear: iOS 13 Safari’s Safe Browsing reportedly sending some data to Tencent Apple’s Safari Now Protects Users From Fraudulent Websites Using “Tencent Safe Browsing”
Threatpost: Apple Shares Some Browsing History with Chinese Company
NDTV Apple’s Safari Browser on iOS Sends Browsing Information to China’s Tencent, Which May Log IP Addresses

October 10, 2019
Jack Nicas / New York Times

Jack Nicas / New York Times  
Apple Caves to Chinese State Criticism and Pulls App That Allowed Hong Kong Protesters to Track Police

In a move among several recent developments that shows the power of the Chinese state to dictate policies by American companies, Apple removed an app,, from its app store that enabled protesters in Hong Kong to track the police, a day after facing intense criticism from Chinese state media for it. Apple’s removal of the app followed an editorial by the People’s Daily, the flagship newspaper of the Chinese Communist Party, that accused Apple of aiding “rioters” in Hong Kong. Apple said it verified with the Hong Kong Cybersecurity and Technology Crime Bureau that the app has been used to target and ambush police, threaten public safety, and criminals have used it to victimize residents in areas where they know there is no law enforcement.

Related: The Next Web, Reuters, Forbes, ZDNet Security,, Apple Insider, Newsweek, Israel National News, South China Morning Post, The Korea Times News, Hong Kong Free Press HKFPPOLITICO, Financial Times, iMoreDaring FireballFortune, Security, Privacy & Tech Inquiries, EJ Insight, The New Daily, RT News, Local, WRAL Tech Wire, MacRumors, TechCrunch, Tech Insider, iPhone Hacks, MacRumors, Silicon Republic, Tech Insider, Z6 Mag, Global Voices, ReutersFortune  iMore, Tech Insider, WRAL Tech Wire, Fortune, Z6 Mag, BBC News, CRN, NDTV, Telegraph, QuartzNaked Security, EFF, Threatpost

Tweets:@juhasaarinen @Pinboard @thegrugq @jpwarren @jeffstone500

The Next Web : Apple bans app that warns Hong Kong citizens about police activity, again
Reuters : Apple pulls police-tracking app used by Hong Kong protestors after consulting authorities
Forbes : Apple Removes App Used To Track Hong Kong Police After Pressure From China
ZDNet Security: Apple pulls from app store : Apple bans app after China threat
Apple Insider : Apple again pulls police monitoring app from Hong Kong app store
Newsweek: What is HKmap? Apple’s Removal of App Used by Hong Kong Protesters is ‘Political Decision to Suppress Freedom,’ Devs Say
Israel National News : Apple withdraws Hong Kong police-tracking app
South China Morning Post: Swedish tech firm Yubico hands Hong Kong protesters free security keys amid fears over police tactics online
The Korea Times News: Swedish firm gives Hong Kong protesters security keys amid police hacking fear
Hong Kong Free Press HKFP: ‘You’re not alone’: Hong Kong activists united over raising awareness about gender-based violence
POLITICO: U.S. passing Hong Kong human rights and democracy act will ‘punish the wrong people,’ says ex-Trump envoy
Financial Times: Apple pulls Hong Kong map used by protesters from App Store
iMore : Hong Kong mapping app removed from App Store
Daring Fireball: Apple Removes From App Store
Fortune: Apple Removes Hong Kong Protest Map From App Store The Day After Beijing Complains
Security, Privacy & Tech Inquiries: Censorship-resilient apps with Progressive Web Applications
EJ Insight: Apple pulls HK police-tracking app after China criticism
The New Daily: Apple removes Hong Kong police tracker app
RT News: Apple removes app that Hong Kong protesters used to track police movements following vandalism, attacks on officers Local: Apple pulls HK protester app after Beijing warning
WRAL Tech Wire: Apple drops Hong Kong activists app; Huawei may be able to buy some US goods
MacRumors: Apple Pulls Hong Kong Protest App From App Store Following Chinese Criticism
TechCrunch: Apple pulls HKmap from App Store, the day after Chinese state media criticized its “unwise and reckless decision” to approve it
Tech Insider: China’s grip on Apple tightens as it boots a Hong Kong police-tracking app and news app Quartz
iPhone Hacks: Tim Cook Explains Why Apple Removed the Controversial Hong Kong Protest App
MacRumors: Tim Cook Defends Removal of Hong Kong Mapping App From App Store in Leaked Memo
Silicon Republic: Apple accused of bowing to political pressure amid Hong Kong app removal
Tech Insider: Hong Kong lawmaker who relied on the banned HKMap Live app warns Apple from becoming an ‘accomplice for Chinese censorship’
Z6 Mag: Apple CEO Tim Cook justifies removal of Hong Kong maps app from App Store
Global Voices: Google removes Hong Kong protester role-playing game from its Play Store
Reuters : Apple pulls app used to track Hong Kong police, Cook defends move
Fortune: Apple CEO Tim Cook Defends Decision to Drop Hong Kong Protest Map From App Store After China Complaint
iMore: Read Charles Mok’s open letter to Tim Cook about Hong Kong
Tech Insider: Hong Kong lawmaker who relied on the banned HKMap Live app warns Apple from becoming an ‘accomplice for Chinese censorship’
WRAL Tech Wire: Tim Cook’s choice: Apple kowtows to China or face punishing costs
Fortune: Apple CEO Tim Cook Defends Decision to Drop Hong Kong Protest Map From App Store After China Complaint
Z6 Mag: Apple CEO Tim Cook justifies removal of Hong Kong maps app from App Store
BBC News : Few convinced by Apple’s case for Hong Kong app removal – BBC News
CRN : Apple criticised for pulling app that tracks Hong Kong police
NDTV : Apple Removes Quartz News App From China App Store Over Hong Kong Protest Coverage
Telegraph : Fury as Apple pulls US news app Quartz from China ‘over Hong Kong coverage’
Quartz: Tim Cook doesn’t seem to know how the Hong Kong app Apple removed actually works
Naked Security: Apple removes app that tracks Hong Kong police and protestors
EFF: China’s Global Reach: Surveillance and Censorship Beyond the Great Firewall
Threatpost: China’s Sway Over Tech Companies Tested with Apple, Blizzard

@juhasaarinen: Apple pulls from app store via @ZDNet & @dobes
@Pinboard: This is important. Note the hypothetical language used here by Hong Kong police—they contacted "several app stores" (presumably including Apple) with the complaint that @hkmaplive "could leak the officers' whereabouts, which could facilitate the criminals to ambush our officers."
@thegrugq: This pure information warfare attack surface is brilliant. Blizzard punished a player for being pro Hong Kong. Players are attempting to get Blizzard games banned by Chinese censors. Winnie the Pooh is already censored due to memes about Xi, so this isn’t too unrealistic a goal.
@jpwarren: I am doubling my order of @Yubico keys and telling everyone I know to do the same, because of their principled stance on Hong Kong. And so should you. Please RT.
@jeffstone500: Censorship is just the beginning. China is using powerful DDoS attacks to knock foreign websites offline, per @EFF @Mala. Recent victims include Telegram, a Hong Kong protest forum, and social media outside government control.

October 4, 2019
Robert McMillan, Jeff Horwitz, Dustin Volz / Wall Street Journal

Robert McMillan, Jeff Horwitz, Dustin Volz / Wall Street Journal  
Barr’s Request for Facebook to Postpone End-To-End Messaging Encryption, New Data-Sharing Pact With UK Revive Encryption Backdoor Fight

Reigniting a long-standing fight between the government and the tech community, U.S. Attorney General William Barr has asked Facebook to hold off on plans to add encryption throughout its messaging services until it figures out a way to provide government access to the services for investigative purposes. Barr also signed an agreement with the U.K. that would make it quicker for British police to request data from internet companies by circumventing the Justice Department and going to firms directly. Both of these moves promise another high-stakes clash over encryption, a battleground that has been relatively calm since James Comey high-stakes fight with Apple’s refusal to decrypt an iPhone used by the San Bernardino shooter in 2016. Tech companies have long argued that any technique that would give the government access to encryption systems would undermine their overall security. The government says that as more criminals flock to encrypted communications, law enforcement is in the dark regarding criminal activities.

Related: Security – Computing, TechdirtZDNet SecurityRTT – Technology, MacRumors, San Francisco Chronicle, New Statesman Contents, Geek News Central, MobileSyrup.comTrusted Reviews, MacRumors, Computer Business Review, Voice of America, TechNadu, WRAL Tech Wire, NS Tech, diginomica government, Silicon UK, The Mac Observer, iMore, Android Central , iMore, Infosecurity Magazine, ReutersRAPPLER, NDTV, San Francisco Chronicle, fossBytes, USA Today,, The Crime Report,, Wall Street Journal, The Next Web, SecurityWeek, New on MIT Technology Review,,, Courthouse News Service

Tweets:@joeuchill @gregotto @shanvav

Security – Computing: US, UK and Australia demand that Facebook stop plan to introduce end-to-end encryption for WhatsApp
Techdirt: DOJ Boss Joins UK, Australian Gov’t In Asking Facebook To Ditch Its End-To-End Encryption Plan
ZDNet Security: US, UK, and Australia jointly request for Facebook to stop end-to-end encryption plans
RTT – Technology: DoJ Requests Facebook To Address Concerns About End-to-end Encryption Plan
MacRumors: US, UK, and Australia Urge Zuckerberg Not to Extend Encrypted Messaging to Facebook and Instagram
San Francisco Chronicle: Feds, Facebook in renewed fight over encryption
New Statesman Contents: Five things you need to know today: Patel’s letter and Banksy’s bonanza
Geek News Central: Officials Want Facebook to Halt End-to-End Encryption Plans Zuckerberg defends end-to-end encryption, responds to government letter
Geek News Central: Officials Want Facebook to Halt End-to-End Encryption Plans
Trusted Reviews: The DoJ has formally asked Facebook to kill end-to-end encryption
MacRumors: US, UK, and Australia Urge Zuckerberg Not to Extend Encrypted Messaging to Facebook and Instagram
Computer Business Review: Read the Home Secretary’s Startling Letter to Zuckerberg on Encryption
Voice of America: US, UK Seizing on Facebook Inc’s Plan to Apply End-to-End Encryption
TechNadu: The Trump Administration is Still Pushing for the Banning of End-to-End Encryption
WRAL Tech Wire: US authorities pressing Facebook to get access to encrypted messages
NS Tech: The US and UK’s attack on WhatsApp encryption is deeply unsettling
diginomica government: Facebook is right for once as the US, UK and Australia gang up on it over encryption
Silicon UK: Zuckerberg Hits Back Against Encryption Backdoor Request
The Mac Observer: Governments Urge Facebook to Give Backdoor to End-to-End Encryption
iMore: Facebook faces call to halt end-to-end encryption rollout
Android Central : Facebook faces call to halt end-to-end encryption rollout
Infosecurity Magazine: Experts Slam US, Australia and UK’s Facebook Encryption Demands
CERT-EU : Experts Slam US, Australia and UK’s Facebook Encryption Demands
Reuters: U.S., allies urge Facebook for backdoor to encryption as they fight child abuse
RAPPLER: U.S., allies push Facebook for access to encrypted messages
NDTV US, Allies Ask Facebook Not to Expand Encryption on Its Services
San Francisco Chronicle: Feds, Facebook in renewed fight over encryption
fossBytes: US And UK Ask Facebook To Create A “Backdoor” To Access Encrypted Texts
USA Today: The government doesn’t want Facebook to encrypt your messages: Here’s why U.S., Britain, Australia press Facebook for back door to encrypted messages
The Crime Report: Barr Seeks ‘Back Door’ DOJ Access to WhatsApp US Attorney General
The Next Web: US and UK pressure Facebook for backdoor access to WhatsApp messages
SecurityWeek: Officials Push Facebook for Way to Peek at Encrypted Messages
New on MIT Technology Review: Facebook is being asked to give access to encrypted messages. It’s a bad idea. Facebook Pressured Over Encrypted Messaging Plans U.S. authorities seek access to Facebook encrypted messaging
Courthouse News Service: Barr Seeks Access to Encrypted Facebook Messages

@joeuchill: FBI Director Wray leads off the DOJ's backdooring encryption conference saying we'll hear a number of stories today about child exploitation.He then praises Facebook for maintaining visibility on users.It appears we're being set up for a day-long emotional appeal to Facebook.
@gregotto: Here's the letter AG Barr sent to Facebook asking the company to delay its encryption efforts
@shanvav: US, UK, and Australia have asked Mark Zuckerberg/Facebook to delay encryption for messaging over law enforcement concerns it can hamper investigations into child sex exploitation. Today the nations are at a summit on the issue. Read their request here:

August 16, 2019
Susan Decker / Bloomberg

Susan Decker / Bloomberg  
Apple Files Copyright Lawsuit Against Software Startup Corellium Accusing the Security Vulnerability Tool Company of Illegally Selling Virtual Copies of iPhone, iPad Operating Systems

In a copyright infringement lawsuit filed in West Palm Beach, FL, Apple has accused upstart Corellium of illegally selling virtual copies of the iPhone and iPad operating systems under the guise of helping discover security flaws. Corellium provides a research tool for those trying to discover security vulnerabilities and other flaws in Apple’s software. Apple alleges that the software company has copied the operating system, graphical user interface and other aspects of the devices without permission, and wants a federal judge to stop the violations. Apple further argues that Corellium allows the creation of a virtual Apple device, copies new versions of Apple works as soon as they are announced and doesn’t require users to disclose flaws to Apple. In its suit, Apple is further asking for a court order forcing Corellium to notify its customers that they are in violation of Apple’s rights, destruction of any products using Apple copyrights, and cash compensation.

Related: Tech Insider, Slashdot, Z6 Mag, TechCrunch, MacRumors, PCMag, ZDNet, iMore, AppleInsider, 9to5Mac, SecurityWeek, Economic Times,ZDNet Security, The Register, Computer Business Review,, Slashdot, MacDailyNews

Tweets:@pwnallthethings @riskybusiness @MalwareJake @runasand @LorenzoFB @LorenzoFB @LorenzoFB @dcuthbert @ryanaraine @hackerfantastic @Bing_Chris

Tech Insider: ‘Enough is enough’: Apple is suing a company that claims it creates ‘perfect’ replicas of iOS
Slashdot: Apple Files Lawsuit Against Corellium For iOS Emulation
Z6 Mag: Apple sues Corellium, saying that they are profiteering from supposedly good-faith security research
TechCrunch: Apple is suing Corellium
MacRumors: Apple Files Lawsuit Against Virtualization Company Corellium for Illegally Replicating iOS and Apple Apps
PCMag: Apple Sues Corellium Over ‘Illegal Replication’ of iOS
ZDNet: Apple files lawsuit against Corellium for flogging virtual iOS copies for security tests
iMore: Apple accuses software company Corellium of selling replicas of iOS in new lawsuit
Apple Insider: Apple sues virtualization firm Corellium for selling iOS and iTunes knockoffs
9to5Mac: Apple files lawsuit against virtualization company Corellium for selling ‘perfect replicas’ of iOS
SecurityWeek: Apple Sues Corellium Over Security Research Tool
Economic times : Here’s why Apple is suing this cybersecurity startup
ZDNet Security: Apple files lawsuit against Corellium for flogging virtual iOS copies for security tests
The Register: Apple fires legal salvo at Corellium claiming the virtual iPhone flinger is infringing copyright
Computer Business Review: Apple Sues Virtualisation Firm Corellium for “Perfect Digital Facsimile” of iOS Apple suing company that creates browser-based replica of iOS
Slashdot: Apple Files Lawsuit Against Corellium For iOS Emulation
MacDailyNews: Apple seeks to shut down Corellium’s unauthorized ‘perfect replicas’ of iOS

@pwnallthethings: Interesting case to watch here @Apple v @CorelliumHQ -- another example of big tech companies using legal pretexts as proxy fights in cybersecurity
@riskybusiness: Tfw your podcast is named in Apple’s lawsuit against @CorelliumHQ . At least I’m in good company with @mdowd and @lorenzofb .
@MalwareJake: This reminds me of when Oracle signaled it would take legal action against Sun Microsystems because dtrace would expose the inner workings of their DBMS. Bugs happen. Apple obviously wants these bugs exposed, but only to them. 1/
@runasand: "Apple said the software company Corellium has copied the operating system, graphical user interface and other aspects of the devices without permission, and wants a federal judge to stop the violations."
@LorenzoFB: I wonder if Apple will go after Corellium users now.
@LorenzoFB: Here's the full Apple v. Corellium complaint.
@LorenzoFB: I'm not a copyright lawyer but this lawsuit is fascinating. Apple is essentially arguing that Corellium has copied iOS and is offering unlicensed copies to customers.Apple is also arguing that these customers use Corellium to find vulns that they don't then report to Apple.
@dcuthbert: And this is a seemingly poor move by @apple tech allows us to streamline and modernise the entire testing approach. No more clunky physical phone testing farms. It allows rapid dev across multiple devices. Something Apple hasn't made easy
@ryanaraine: “For a million dollars a year, Corellium will even deliver a ‘private’ installation of its product to any buyer,” Apple said.
@hackerfantastic: "Corellium paints itself as a research tool for discover security vulnerabilities and other flaws in Apple’s software"...“Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder" ??
@Bing_Chris: Very interesting case... I recently spoke to someone in the offensive cyber industry and they (unprompted) explained how this company’s software is extremely important nowadays in finding 0 days. I am curious though, what was the option before Corellium?

September 2, 2019
Zack Whittaker / TechCrunch

Zack Whittaker / TechCrunch  
Malicious Websites Used to Hack Into iPhones Were Targeting Uyghur Muslims in China in Likely State-Backed Attack, Same Websites Used to Target Android and Windows Users, Sources

A number of malicious websites used to hack into iPhones over a two-year period were targeting Uyghur Muslims in China’s Xinjiang state as part of a state-backed attacked, likely China, according to sources. Google Project Zero researchers discovered the malicious websites but did not disclose who the sites were targeting. Apple fixed the vulnerabilities in February in iOS 12.1.4, days after Google privately disclosed the flaws. Separately, Forbes said the same websites targeting iPhones were also used to target Android and Windows users. The websites also infected non-Uygurs who inadvertently accessed these domains because they were indexed in Google search, prompting the FBI to alert Google to ask for the site to be removed from its index to prevent infections.

Related: Forbes, Forbes, Digital Journal,,, USA Today, CRN, Newser, Daily Dot, 9to5Mac, MacRumors, Economic Times, Cult of Mac, TechSpot, The Guardian, MSPoweruser, Techradar, Tech InsiderfossBytes, Gizmodo, Telecompaper Headlines, MacRumors, TechNadu, Daily Dot, Slashdot, The Loop, 9to5 Mac, The Next Web, Engadget, AppleInsider, Softpedia

Tweets:@iblametom @HowellONeill @zackwhittaker

Forbes : Apple Just Gave 1.4 Billion Users A Reason To Quit Their iPads, iPhones
Forbes : New iPhone Hack Shock For 1 Billion Apple Users As Attacker Is Revealed
Digital Journal: iPhone flaw shows ongoing concerns with mobile devices : Apple iPhone users exposed to spyware through tainted websites, Google researchers say – ABC News Google Says 1B Apple Users Could Be At Risk Of Hack Attacks
USA Today : Google found iPhone security flaws that allowed websites to hack iOS users ‘en masse’
CRN : iPhone hacking ‘implants’ outed by Google Two-year campaign targeted private data.
Newser : Until Recently, Websites Were Hacking iPhones – Newser
Daily Dot: How China targeted Uyghur Muslims with iPhone-hacking websites
9ot5Mac: Report: China used iPhone website exploit attacks to target Uyghur Muslims
MacRumors: China Reportedly Used iPhone Exploits to Target Uyghur Muslims
Economic Times: Apple iPhone ‘hacking’ websites found by Google also affected Android and Windows devices
Cult of Mac: iPhone security exploit allegedly used to target Uyghur Muslims
TechSpot: iPhone-hacking websites also targeted Google and Windows users
The Guardian: Uighurs in China were target of two-year iOS malware attack – reports
MSPoweruser: Along with iOS, Android and Windows users were also targeted by Chinese government
Techradar: iPhone hack also hit Windows and Android devices
Tech Insider: China may have used a recent massive iPhone hack to target Uighur Muslims
fossBytes: iPhone Hack Uncovered By Google Even Targeted Android And Windows
Gizmodo: The iPhone-Hacking Sites Google Found Apparently Went After Android and Windows Users Too
Telecompaper Headlines: Google reveals two-year-long iOS hacking operation
MacRumors: China Reportedly Used iPhone Exploits to Target Uyghur Muslims
TechNadu: China Was Using the iPhone ‘Watering Hole’ Websites to Spy on Uyghur Muslims
Daily Dot: How China targeted Uyghur Muslims with iPhone-hacking websites
Slashdot: iPhone-Monitoring Crackers Also Targeted Android and Windows, Targeted Ethnic Group in China
The Loop: Sources say China used iPhone hacks to target Uyghur Muslims
9to5Mac : Report: China used iPhone website exploit attacks to target Uyghur Muslims
The Next Web: iPhone spyware campaign reportedly targeted Uyghur Muslims for 2 years
Engadget : Sites stealing iPhone data reportedly targeted Uyghur Muslims – Engadget
AppleInsider: China believed to have used iPhone exploits to track Uyghur Muslims
Softpedia News: iPhone Hackers Going After Windows and Android Users Too

@iblametom: New - iPhone Hackers Caught By Google Also Targeted Android And Microsoft Windows, Say Sources
@HowellONeill: The hackers behind the iPhone watering hole attack also targeted Android and Windows
@zackwhittaker: New: @iblametom has confirmed that Android and Windows users were *also* targeted in the same watering hole attacks affecting iPhone users.

October 18, 2019
Chris Smith / BGR

Chris Smith / BGR  
Pixel 4’s 3D Face Unlock Allows Users to Unlock Phone Even If Their Eyes Are Closed

The Pixel 4’s 3D face unlock, Google’s response to Apple’s Face ID, forgot to replicate a key Face ID feature called Require Attention that verifies a user’s eyes are open and looking at the phone before performing the unlock. It, therefore, allows a user to unlock a phone even if their eyes are closed. This omission means that anyone can hold a locked phone up to a sleeping person’s face and unlock it. Google acknowledges this flaw but has indicated no plans to fix it in the future.

Related: channelnews, MacDailyNews,, Gizmodo, ZDNet, The Verge, Business Insider, THE INQUIRER, iPhone Hacks, CNET, MacRumors


August 24, 2019
Jess Casey / Irish Examiner

Jess Casey / Irish Examiner  
An Estimated 300 Contractors in Cork, Ireland Were Expected to Listen to 1,000 Users’ Siri Recordings Every Shift Until Apple Suspended the Practice, Source

Following revelations that human third-party contractors worldwide were listening to Siri recordings on behalf of Apple without Apple users’ knowledge, an estimated 300 contractors at Globetech, a Cork, Ireland-firm headquartered at Cork Airport Business Park, were expected to each listen to more than 1,000 recordings from Siri every shift before Apple suspended the practice last month, according to an employee who had their contract abruptly terminated this week. The staff listened to, transcribed and ‘graded’ Siri recordings based on a number of different factors, including if the activation of Siri was accidental or if the query was something the voice assistant could or couldn’t assist with. Each Siri user’s details were kept anonymous, according to the employee.

Related: E-Commerce Times, Android Central , iMore, MacDailyNews, The Verge, iPhone Hacks, MacRumors, Pocket-lint


July 26, 2019
Alex Hern / The Guardian

Alex Hern / The Guardian  
Apple Contractors Regularly Hear Highly Confidential Siri Recordings, Including Drug Deals and Couples Having Sex, Whistleblower

Apple contractors regularly hear confidential medical information, drug deals, and recordings of couples having sex, as part of their job providing quality control, or “grading”, the company’s Siri voice assistant, according to a whistleblower working for the firm who is concerned about the company’s lack of disclosure of these human reviews. Apple’s privacy policies do not explicitly state that a small proportion of Siri recordings are passed on to contractors working for the company around the world. Apple conceded that humans are reviewing Siri audio saying “a small portion of Siri requests are analyzed to improve Siri and dictation. User requests are not associated with the user’s Apple ID. Siri responses are analyzed in secure facilities and all reviewers are under the obligation to adhere to Apple’s strict confidentiality requirements.”

Related: Engadget, Fast Company, 9to5Mac, Tech Insider, Trusted Reviews, MacRumors, Slashdot, TechSpot, Engadget, SlashGear » security, iPhone Hacks

Tweets:@geoffreyfowler @donie

Engadget: Apple contractors frequently hear sensitive info in Siri recordings
Fast Company: Your conversations with Apple’s Siri may not be so confidential
9to5Mac: Apple responds to Guardian report about contractors hearing private conversations while ‘grading’ Siri
Tech Insider: Apple contractors working on Siri ‘regularly’ hear recordings of sex, drug deals, and private medical information, a new report says
Trusted Reviews: Apple’s Siri contractors hear people having sex, says whistleblower
MacRumors: Contractors Working on Siri ‘Regularly’ Hear Recordings of Drug Deals, Private Medical Info and More Claims Apple Employee
Slashdot: Apple Contractors ‘Regularly Hear Confidential Details’ on Siri Recordings, Report Says
TechSpot: Apple QC workers often hear bits of private conversations in Siri recordings
Engadget: Apple contractors frequently hear sensitive info in Siri recordings
SlashGear » security: Whistleblower claims Apple contractors hear ‘sensitive’ Siri recordings
iPhone Hacks: Apple Contractors Regularly Hear Confidential Medical Information, Drug Deals and More While Grading Siri

@geoffreyfowler: The HomePod in my living room activates Siri at the strangest times. But I can't say I've ever seen it activated by a zipper.A good reminder, though, that Apple keeps recordings of every time Siri *thinks* it is being activated -- and you can't stop it.
@donie: Apple contractors regularly hear confidential medical information, drug deals, and recordings of couples having sex, as part of their job providing quality control, or “grading”, the company’s Siri voice assistant, the Guardian has learned.

August 2, 2019
Alex Hern / Guardian

Alex Hern / Guardian  
Apple Suspends Controversial Program That Allows Contractors to Listen to Siri Recordings

Apple has suspended its practice of having human contractors listen to users’ Siri recordings to “grade” them, and will not restart the program until it has conducted a thorough review of the practice following a Guardian report revealing the practice.  Apple also said it is committed to adding the ability for users to opt out of the quality assurance scheme altogether in a future software update. Contractors for Apple who conduct those reviews showed up for work on Friday in Ireland but were told to go home for the weekend. The Guardian broke the news that Apple contractors regularly hear confidential and private information while carrying out the grading process, including in-progress drug deals, medical details and people having sex.

Related: AppleInsider, iClarified, Mashable, Paul Thurrott –, Tech Insider, Reuters, The Next Web, PhoneArena, ZDNet Security, The Verge, Cult of Mac, MacRumors, Axios, Techradar, BetaNews, Pocket-lint, Slashdot

Tweets:@inafried @gcluley @markwilsonwords

AppleInsider: Apple suspends Siri quality control program, will let users opt out in update
iClarified: Tim Cook Announces Apple Card Will Launch in August
Mashable: Apple suspends program that let humans listen in to Siri conversations
Paul Thurrott – Apple Suspends Siri Grading Program
Tech Insider: Three ways brands can benefit from adopting voice technology (AAPL, AMZN, GOOGL, MSFT)
Reuters: Apple halts Siri response grading program after privacy concerns
The Next Web: Apple and Google suspend monitoring of voice recordings by humans
PhoneArena: With privacy cred under fire, Apple to offer opt-out feature for Siri recordings access
ZDNet Security: Apple, Google: We’ve stopped listening to your private Siri, Assistant chat, for now
The Verge: Apple stops letting contractors listen to Siri voice recordings
Cult of Mac: Apple stops listening to users’ Siri queries
MacRumors: Apple Suspends Program That Lets Employees Listen to Siri Recordings for Quality Control, Opt Out Option Coming
Axios: Apple suspends program in which humans review users’ Siri queries
Techradar: Apple has stopped sending Siri chats to third parties… for now
BetaNews: Privacy: Google stops transcribing Assistant recordings and Apple stops listening to Siri recordings
Pocket-lint: Apple is suspending Siri quality control due to recent privacy concerns
Slashdot: Apple Stops Letting Contractors Listen To Siri Voice Recordings, Will Offer Opt-Out Later

@inafried: Breaking: Apple suspends program in which humans review users' Siri queries (link:…
@gcluley: Apple suspends Siri response grading in response to privacy concerns (link:…
@markwilsonwords: Privacy: Google stops transcribing Assistant recordings and Apple stops listening to Siri recordings

August 6, 2019
Thomas Brewster / Forbes

Thomas Brewster / Forbes  
Apple Plans to Give Infosec Rockstars Who Participate in Bug Bounty Program Special iPhones for Testing, Will Launch Mac Bug Bounty Program, Report

Apple reportedly plans to announce plans to give infosec rockstar security researchers who participate in its invite-only bug bounty program special iPhones that will make it easier for them to find weaknesses in the smartphone. The special iPhones will essentially be “dev devices” that allow users to do a lot more than do locked-down iPhones and will be”lite” versions of the phones, without the same level of openness as enjoyed by Apple’s security team. Apple also plans to announce a Mac bug bounty program so that anyone who can find security issues in macOS will get rewarded with bug bounty payments that can run as high as $200,000.

Related: TechSpot, iDownloadBlog, MacDailyNews, Trusted Reviews, Engadget, The Mac Observer, MacDailyNews, BleepingComputer.comSoftpedia News, MacRumors, Apple Insider,iPhone Hacks


TechSpot: Apple to launch macOS Bug Bounty program, will also give ‘special’ iPhones to researchers
iDownload Blog : Apple will supply security researchers with special iPhone variants for bug hunting
MacDailyNews: Apple hands hackers secret iPhones in a bid to boost security; to offer Apple Mac bug bounty
Trusted Reviews: Apple is giving jailbroken iPhones to hackers to tighten iOS security
Engadget : Apple may soon hand special iPhones to security researchers
The Mac Observer: Apple Bug Bounty Program Coming This Month
MacDailyNews: Apple hands hackers secret iPhones in a bid to boost security; to offer Apple Mac bug bounty AT&T Launches Public Bug Bounty Program on HackerOne
Softpedia News: Apple to Give Away Special iPhones to Security Researchers
MacRumors: Apple to Give Security Researchers ‘Special’ iPhones for Bug Testing, macOS Bug Bounty Program Coming
Apple Insider: Apple to reportedly provide ‘dev device’ iPhones for bug hunting, introduce Mac bounty
iPhone Hacks : Apple to Reportedly Provide Security Researchers with Jailbroken iPhones

@radian: Very excited to return to the Black Hat stage this year to talk about some world-class Apple security features! iOS code integrity and Pointer Authentication Codes, Mac secure boot with the T2 Security Chip, the crypto behind the Find My feature, and more: (link:…