Security News

A new as-yet unpatched weakness in Apple's iCloud Private Relay feature could be circumvented to leak users' true IP addresses from iOS devices running the latest version of the operating system. Introduced with iOS 15, which was officially released this week, iCloud Private Relay aims to improve anonymity on the web by employing a dual-hop architecture that effectively shields users' IP address, location, and DNS requests from websites and network service providers.

Facebook's WhatsApp on Friday said users will soon be able to store end-to-end encrypted backups of their chat history on Google Drive in Android or Apple iCloud in iOS, with an option to self-manage the encryption key. "We're adding another layer of privacy and security to WhatsApp: an end-to-end encryption option for the backups people choose to store in Google Drive or iCloud," said Facebook supremo Mark Zuckerberg in a missive on his platform.

A California man impersonated an Apple customer support technician in a socially engineered email campaign that stole people's iCloud passwords to break into accounts and collected upwards of 620,000 private photos and videos. Hao Kuo Chi, 40, of La Puente, has agreed to plead guilty to four felonies, including conspiracy to gain unauthorized access to a computer, in a scam that ultimately aimed to steal and share nude images of young women, according to court records and a report by the Los Angeles Times.

A California man this month admitted he stole hundreds of thousands of photos and videos from strangers' Apple iCloud accounts to find and share images of nude young women. Chi, using the online name "Icloudripper4you," worked with other unidentified miscreants to obtain files from Apple customers' iCloud accounts by impersonating Apple customer support representatives in email messages.

There are two main features that the company is planning to install in every Apple device. One is a scanning feature that will scan all photos as they get uploaded into iCloud Photos to see if they match a photo in the database of known child sexual abuse material maintained by the National Center for Missing & Exploited Children.

Using iCloud Private Relay in iOS 15, you can easily obscure your internet traffic and ensure that network providers cannot spy on your activity. With any paid iCloud plan in iOS 15, you will get access to a new service called iCloud Private Relay, which routes your web traffic in Safari anonymously through Apple's relay service, obscuring your location and IP address.

At this year's Apple Worldwide Developer Conference, Apple announced something called "iCloud Private Relay." That's basically its private version of onion routing, which is what Tor does. Privacy Relay is built into both the forthcoming iOS and MacOS versions, but it will only work if you're an iCloud Plus subscriber and you have it enabled from within your iCloud settings.

A security researcher claims he discovered a critical vulnerability in Apple's password reset feature that could have been used to take over any iCloud account, but Apple has downplayed the impact of the flaw. The issue, researcher Laxman Muthiyah says, was a bypass of the various security measures Apple has in place to prevent attempts to brute force the 'forgot password' functionality for Apple accounts.

WWDC Apple on Monday opened its 2021 Worldwide Developer Conference by promising a raft of operating system and privacy improvements - including a relay system to anonymize Safari connections, and randomized email addresses for online account signups. Apple pundits had anticipated an Arm-based MacBook Pro, yet no word of next-generation Apple Silicon machines surfaced.

Apple is once again demonstrating that it's all in on privacy with new user-protecting features for Mail, Siri, iCloud and additional app-tracking metrics. While there wasn't a single hardware announcement, as was hoped and predicted, the software announcements that Apple made at WWDC 2021 were extensive and are likely to be well-received by iPhone, iPad and Mac users, and privacy stands out as a central theme.