Apple has deactivated the Walkie Talkie app on the Apple Watch due to a vulnerability…
Read also: China declared a real war on DDoS services
Gendler found that even if the user configured Apple Mail to send and receive encrypted correspondence, Siri would still collect unencrypted versions of the letters and save parts of them in the database. The problem manifests itself in all versions of macOS from Sierra to Catalina.
“This is a serious problem for governments, corporations, and ordinary people who use encrypted email and expect their content to be protected. Because of this database and the process, secret and top-secret information transmitted in encrypted form can be disclosed, just like commercial secrets and confidential data”, – the researcher writes.
Although Apple had more than 90 days to fix the problem, there are still no patches, although the company has already informed the media that it intends to fix the vulnerability soon.
“Apple tells that it is aware of the issue and says it will address it in a future software update. The company also says that only portions of emails are stored. But the fact that Apple is still somehow leaving parts of encrypted emails out in the open, when they’re explicitly supposed to be encrypted, obviously isn’t good”, — writes The Verge magazine.
In the meantime, Gendler explains that simply disabling Siri will not help, instead users need to prevent the assistant from viewing encrypted messages from Apple Mail.
Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…
Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…
Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…
Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…
Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…
Boomira.com is a domain that tries to force you into clik to its browser notifications…
View Comments
[…] out that the vendor is practically catching up with Microsoft negative news, and messages like: Vulnerability allows reading encrypted Apple Mail letters on macOS, or the OpenID Foundation stated that “Sign in with Apple” feature is not secure seriously […]