Apple

https://www.bbc.com/news/articles/cgj54eq4vejo

Apple is taking the unprecedented step of removing its highest level data security tool from customers in the UK, after the government demanded access to user data. Advanced Data Protection (ADP) means only account holders can view items such as photos or documents they have stored online through a process known as end-to-end encryption. But earlier this month the UK government asked for the right to see the data, which currently not even Apple can access. Apple did not comment at the time but has consistently opposed creating a “backdoor” in its encryption service, arguing that if it did so, it would only be a matter of time before bad actors also found a way in. Now the tech giant has decided it will no longer be possible to activate ADP in the UK. It means eventually not all UK customer data stored on iCloud - Apple’s cloud storage service - will be fully encrypted. Data with standard encryption is accessible by Apple and shareable with law enforcement, if they have a warrant.

Benedict Evans:

Of course, the UK is within its rights to choose one side of the trade-off in the UK - what’s bizarre here is that the UK is apparently demanding that Apple do this globally. The UK, apparently, is trying to tell a US company what products it can provide to customers in Japan, Australia or indeed the USA. Normally it’s only American regulators that assert global juristiction. But what will the UK government say when China reads this story, and orders Apple to hand over UK citizens’ data, given that it’s now unencrypted and the UK has conceded the principle of jurisdiction? [emphasis added]

https://pxlnv.com/linklog/siri-invented-calendar-event/

I saw a suggestion from Siri that I turn on Do Not Disturb until the end of an event in my calendar – a reservation at a restaurant from 8:30 until 10:00 this morning. No such matching event was in Fantastical. It was, however, shown in the Calendar app as a Siri Suggestion.

https://www.schneier.com/blog/archives/2024/03/hardware-vulnerability-in-apples-m-series-chips.html

Note that exploiting the vulnerability requires running a malicious app on the target computer. So it could be worse. On the other hand, like many of these hardware side-channel attacks, it’s not possible to patch.

https://mastodon.social/@simonbs/112045502577892427

With iOS 17.4 released, you can go to Settings → Face ID & Passcode → Stolen Device Protection and make the security delay required even when you are at a familiar location.

https://arstechnica.com/security/2024/01/hackers-can-id-unique-apple-airdrop-users-chinese-authorities-claim-to-do-just-that/

Chinese authorities recently said they’re using an advanced encryption attack to de-anonymize users of AirDrop in an effort to crack down on citizens who use the Apple file-sharing feature to mass-distribute content that’s outlawed in that country.

https://gizmodo.com/nso-group-exploited-new-zero-click-vulnerabilities-in-i-1850347936

Citizen Lab identified three new exploits that targeted iOS users worldwide in 2022. Apple’s Lockdown Mode reportedly worked as promised.

https://mjtsai.com/blog/2023/01/30/safe-browsing/

https://www.theverge.com/2022/12/7/23498580/apple-end-to-end-encryption-icloud-backups-advanced-data-protection

Apple will expand the number of “data categories” protected by end-to-end encryption from 14 to 23, with backups, Notes, and Photos now covered.

https://www.theguardian.com/technology/2022/oct/11/iphones-calling-911-from-owners-pockets-on-rollercoasters

New iPhones which can detect car crashes and notify emergency services appear confused by thrill rides

https://www.ifixit.com/News/64865/iphone-14-teardown

Apple has completely redesigned the internals of the iPhone 14 to make it easier to repair.