Apple has deactivated the Walkie Talkie app on the Apple Watch due to a vulnerability…
Read also: China declared a real war on DDoS services
Gendler found that even if the user configured Apple Mail to send and receive encrypted correspondence, Siri would still collect unencrypted versions of the letters and save parts of them in the database. The problem manifests itself in all versions of macOS from Sierra to Catalina.
“This is a serious problem for governments, corporations, and ordinary people who use encrypted email and expect their content to be protected. Because of this database and the process, secret and top-secret information transmitted in encrypted form can be disclosed, just like commercial secrets and confidential data”, – the researcher writes.
Although Apple had more than 90 days to fix the problem, there are still no patches, although the company has already informed the media that it intends to fix the vulnerability soon.
“Apple tells that it is aware of the issue and says it will address it in a future software update. The company also says that only portions of emails are stored. But the fact that Apple is still somehow leaving parts of encrypted emails out in the open, when they’re explicitly supposed to be encrypted, obviously isn’t good”, — writes The Verge magazine.
In the meantime, Gendler explains that simply disabling Siri will not help, instead users need to prevent the assistant from viewing encrypted messages from Apple Mail.
Mubasinter.xyz is a domain that tries to trick you into subscribing to its browser notifications…
Garicund.xyz is a domain that tries to force you into subscribing to its browser notifications…
Qehu - General Info Qehu is a destructive software functioning as typical ransomware. Michael Gillespie,…
Qepi Virus - Details Qepi is a destructive software functioning as typical ransomware. Michael Gillespie,…
Wifebaabuy.live is a domain that tries to trick you into clik to its browser notifications…
Relativeads.net is a domain that tries to force you into clik to its browser notifications…
View Comments
[…] out that the vendor is practically catching up with Microsoft negative news, and messages like: Vulnerability allows reading encrypted Apple Mail letters on macOS, or the OpenID Foundation stated that “Sign in with Apple” feature is not secure seriously […]