Security News
Apple's latest security fixes, released Tuesday, tackle a wide range of bugs, including several patches for high-risk flaws that could allow for remote code execution. The fixes address vulnerabilities in Apple's Xcode, watchOS, Safari, iTunes for Windows, iOS, iPadOS, macOS and tvOS. The most severe of the bugs include four RCE flaws in Apple TV's operating system, tvOS - each rated high-severity.
To comply with California's new data privacy law, companies that collect information on consumers and users are forced to be more transparent about it. The form proceeds to state that, as part of signing up for a rewards card, Ralphs "May collect" information such as "Your level of education, type of employment, information about your health and information about insurance coverage you might carry."
Unexpectedly, in December, Apple published a blog thanking Google for suggesting some changes to ITP which they'd implemented in Safari as part of December's iOS 13.3, and Safari for macOS 13.0.4 updates. Any site can issue cross-site requests, increasing the number of ITP strikes for an arbitrary domain and forcing it to be added to the user's ITP list.
The privacy mechanism implemented by Apple's Safari browser to prevent user tracking across websites is not efficient at protecting users' privacy, Google security researchers have discovered. Called Intelligent Tracking Prevention, the system is meant to prevent websites commonly loaded in a third-party context from receiving identifiable information about the user.
Technology Apple designed for its Safari web browser to protect users from being tracked when they surf the web may actually do just the opposite, according to new research from Google. Google researchers have identified a number of security flaws in Safari's Intelligent Tracking Protection that allow people's browsing behavior to be tracked by third parties, according to a report published in the Financial Times Wednesday.
Google security researchers have published details about the flaws they identified last year in Intelligent Tracking Protection, a privacy scheme developed by Apple's WebKit team for the company's Safari browser. Schuh expressed skepticism that Apple will be able to salvage ITP. "They attempt to mitigate tracking by adding state mechanisms, but adding state often introduces worse privacy/security issues," he wrote.
The online giant said its "Sandbox" program would still allow advertisers the ability to deliver targeted messages, while also sparing people from being tracked by snippets of code called "Cookies" when they use its Chrome web browser. "We are confident that with continued iteration and feedback, privacy-preserving and open-standard mechanisms like the Privacy Sandbox can sustain a healthy, ad-supported web in a way that will render third-party cookies obsolete," Chrome director of engineering Justin Schuh said in a post.
You know the type: the profilers, the data harvesters, the location-stealers. Big data empire builders who maintain hundreds of millions of individual profiles - then leave them around for anyone to copy.
Including: Nasty Mac malware and gas-pump infections Roundup Here's a catch-up of security news beyond everything else we've covered.…
Does Facebook continue to track the locations of its users even when they’ve told it not to? Yes!