social.wildeboer.net is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon instance for people with Wildeboer as their last name

Server stats:

2
active users

#apple

72 posts46 participants4 posts today
Replied in thread

@zak @zenbrowser : a still unfixed vulnerability: if NOT using Touch ID, on some websites you may be able to sign in using a passkey WITHOUT authenticating locally - using biometrics or your passcode (screen unlock code).

⛓️💥 This vulnerability also exists WITH Touch ID set up, provided that "Password Autofill" is disabled.

BTW this vulnerability also permits access to:
icloud.com
account.apple.com
(When asked to provide your fingerprint, tap the X at the top right and tap in the "Email" field one more time).

This is a HUGE risk for people who do not want to use biometrics: if a thief grabs their iPhone when unlocked, or watches them enter their passcode and later steals their iPhone, the thief can use ALL of the owner's passwords and some of their passkeys stored in the "Passwords" app (formerly known as iCloud Keychain).

🎬 This increases the risks of theft as shown by WSJ's Joanna Stern in youtube.com/watch?v=QUYODQB_2wQ.

👶 In addition, a (grand) child or anyone else who (shortly) borrows your iPhone/iPad may have access to more of your cloud-accounts than you're aware of.

🔧 Workaround if you don't want to use biometrics to unlock your iPhone/iPad (this does not fix any problem if a thief learns (or successfully guesses) your passcode (screen unlock PIN or password):

• Set up a Touch ID anyway, for example for your left pinky finger (if you're righthanded)

• Disable "iPhone Unlock" in "Touch ID and Passcode" (visible in the first screenshot).

• Use a safer password manager (such as KeePassium) than the Apple "Passwords" app (iCloud KeyChain).

🚨 In any case:

• Make sure that "Password Autofill" (in settings -> "Touch ID and Passcode") is set to ENABLED;

• When you enter your passcode in a public place (such as a bar, bus or train), make very sure that nobody gets to see you enter it.

So, here's my actually-planned-for-this-year #MARCHintosh project. Attached is a photo of four very dusty containers full of floppy disks. These are the actual disks from my childhood IIfx!

Most of these disks aren't original. The originals lived at Dad's workplace. He would periodically bring home software from work, make a copy of the disks, and return the originals to work. These were, I'm told, the "off-site backups", in case there was a fire at the workplace or something like that. But we also had all this software installed on the family IIfx so Dad could read any files that he brought home from work with him.

Of course, we also bought our own software for the home, and those are mixed in with these disks as well. And that stack of CD-ROMs in the top left are my MacAddict cover disks - those are already archived.

Anyway, because these are just consumer-grade diskettes, they degrade quicker than the professionally-manufactured original ones. I've already lost a few, so I want to get these archived! And of course, anything that doesn't already exist on the Garden will be uploaded there and shared on #GlobalTalk as well.

(expect this to be a long-ass foone-style thread with lots of updates over several days)

"US politicians and privacy campaigners are calling for the private hearing between Apple and the UK government regarding its alleged encryption-busting order to be aired in public."

theregister.com/2025/03/14/app

"Colloquially, the IPA is referred to as the Snooper's Charter since its aims are to legally empower intelligence agencies with greater surveillance powers."

The Register · Apple's alleged UK encryption battle sparks political and privacy backlashBy Connor Jones

Dear Apple,

When you finally do deliver your new AI for the iPhone, it's really important that you make sure the off switch works. It's going to be the first and only feature I use.

Sincerely,
Mil ... SHUT THE HELL UP Siri! I WASN'T TALKING TO YOU!

Ignore me at your peril (or at least the very real threat of a small economic boycott from the Chez Miasma household)

#Apple
#Siri
#Enshitification

Source: theverge.com/news/629940/apple

A hands-on photo of Apple’s iPhone 16E.
The Verge · Leaked Apple meeting shows how dire the Siri situation really isBy Chris Welch

‘Absurd’

When you have the press and civil society camped outside the courtroom, the secret might be out 🤷

Even so, we’re still denied the reasons why the UK government wants to take a battering ram to our security and privacy.

It shows contempt for the public interest in the Apple encryption case.

pressgazette.co.uk/media_law/a

Press Gazette · Press shut out of Home Office’s Snoopers’ Charter Apple encryption tribunalUK news organisations unsuccessfully waited all Friday to argue a secret Apple encryption appeal against the Govt must be heard in public.

"Google refuses to deny it received encryption order from UK government"

The UK’s encryption-breaking order for a backdoor into iCloud isn’t a one-off.

The secret hearing happening RIGHT NOW is bigger than just Apple. If the government wins, our right to privacy and security falls.

Other services will be hit.

therecord.media/google-refuses

Sign our petition ➡️ you.38degrees.org.uk/petitions

therecord.mediaGoogle refuses to deny it received encryption order from UK governmentU.S. lawmakers say Google has refused to deny that it received a Technical Capability Notice from the U.K. — a mechanism to access encrypted messages that Apple reportedly received.

"This is a significant test for the battle between law enforcement and technology.”

Holding the Apple case in secret makes the legal process more cloak and dagger, less scales and sword.

It makes it harder to challenge the UK government's order to break encryption and creates a dangerous precedent.

This case sets the stage for more shady encryption-breaking orders to be made.

theguardian.com/technology/202

The Guardian · What could Apple’s high court challenge mean for data protection?By Dan Milmo
Replied in thread

The message is clear across the political divide: let's hear it!

The UK government should argue in open court why they want to make us less secure by ordering a backdoor into Apple encryption.

A secret Tribunal would be an affront to the privacy and security issues at stake. It must be held in public.

Read the joint letter from ORG, Big Brother Watch and Index on Censorship ⬇️

openrightsgroup.org/press-rele

Open Rights GroupMake the Investigatory Powers Tribunal on Apple Encryption a Public HearingRights groups call for Apple’s closed appeal against the Home Office’s encryption-breaching order to be opened to the public.
Replied in thread

Bipartisan US Congress Members want the secrecy around the UK's encryption-breaking order to be lifted.

"It is imperative that the UK's technical demands of Apple - and of any other US companies - be subjected to robust, public analysis and debate."

“Secret court hearings featuring intelligence agencies and a handful of individuals approved by them do not enable robust challenges on highly technical matters.”

wyden.senate.gov/news/press-re

Continued thread

UK MPs have joined the chorus of voices wanting the Apple case to be held in public.

"If the Home Office wants to have effectively unfettered access to the private data of the (innocent) general public, they should explain their case in front of the public."

🗣️ David Davis MP.

"People deserve to know what's happening to their private personal information."

🗣️ Victoria Collins MP.

news.sky.com/story/apple-vs-ho

Sky · Apple vs Home Office encryption court battle must be held in public, say MPsBy Tim Baker