Checklist 191: TikTok Talk with Patrick Wardle

TikTok. Harmless fun? Or existential threat to the United States? The answer you get depends on who you ask. This week we have a special guest to help us discuss the question in depth — and we’ll get into the larger issues with apps, user data, and digital privacy.

TikTok, apps, and your privacy

In recent weeks, the popular video-sharing app TikTok has made headlines for its practice of monitoring iOS pasteboard data. The pasteboard — kind of a system-wide clipboard for iOS that lets apps access the information copied there — …

Twitter hack was an inside job, sources say

On Wednesday, multiple verified, high-profile Twitter accounts were compromised, including the accounts of Barack Obama, Elon Musk, and Apple. Hackers made tweets requesting charitable donations in the form of Bitcoin, promising to double any contribution made within the next 30 minutes. The tweets were, of course, fraudulent — and the Bitcoin wallet addresses set up to accept the cryptocurrency “donations” belonged to the scammers.

Twitter reacted quickly to the attack, removing the offending tweets, locking down affected accounts, and preventing users from tweeting or resetting their passwords as the company attempted …

EARN IT Act moves forward, worrying privacy advocates

The “EARN IT” Act is slowly making its way through the U.S. Senate. Despite strong public criticism, an amended version of the bill was unanimously approved by the Senate Judiciary Committee in early July, setting the stage for full hearings in the near future.

In this article, we’ll discuss the background to EARN IT, and let you know why some people say it’s a serious threat to free speech and digital privacy.

What is EARN IT?

EARN IT (Eliminating Abusive and Rampant Neglect of Interactive Technologies) is the name of a bill currently …

Is Mac malware evolving?

Mac malware is increasing in quantity, and many security researchers say it’s becoming more sophisticated as well. While some Mac users are still a bit blasé about the threats facing the platform, the last few weeks have provided two great examples of the evolution of Mac malware. In what follows, we’ll fill you in on the details, and offer some thoughts about what it all means for the future of macOS security.

Old malware, new delivery method

Security researchers at Intego recently spotted what seemed to be a new variant of Mac …

Checklist 190: WWDC20, iOS, and Safari with Brett Terpstra

This week, we dive a bit deeper into some WWDC20 announcements with developer Brett Terpstra

Browser extensions and your privacy

afari is getting a major overhaul in macOS 11 Big Sur, and one of the most important privacy enhancements has to do with browser extensions

The Checklist Summer Security Special 2020

In the movies, bad guys are often taken down by a tech vulnerability. This week, we revisit our look at how best practices could make bad guys better at being bad.

Is TikTok reading your clipboard?

TikTok has been caught snooping on iOS users’ clipboard data. The video-sharing app’s troubling behavior was discovered thanks to a new privacy feature in iOS 14

Checklist 189: WWDC20 and the Mac

On this week’s Checklist, we cover the biggest Mac news to come out of Apple’s 2020 Worldwide Developer Conference, including a new macOS and Safari, a new processor for Macs and a new way to log in to websites.

Highlights from the 2020 Worldwide Developers Conference

Apple’s 2020 Worldwide Developers Conference got underway on Monday with a livestreamed keynote address. The company announced major updates to its operating systems, apps, and hardware.

10 tips for getting back on the road again

Covid-19 lockdowns are starting to lift, and people are already beginning to travel for work and family reasons. We’ve shared cybersecurity best practices for travel before, but this year, there are some pandemic-related considerations to add to the list. 

Here, then, are 10 things to keep in mind if you’re going to be hitting the road in the coming months (starting with five “new normal” additions to the usual advice, and rounding things out with five always-relevant tips for secure travel).

article span.backnum { font-family:”Open Sans”, sans-serif; font-size: 10rem; opacity: 0.3; line-height: …

Best of the Checklist: June 18th, 2020

The Checklist will return next week with coverage of WWDC 2020. In the meantime, we’ll catch you up on the latest cybersecurity news — and share several Checklists from the archives that shed light on these stories.

Security for new high school grads

It’s high school graduation time again! COVID-19 has brought some big changes this year, with drive-thru graduations and Zoom commencement speeches taking the place of traditional ceremonies. But despite the differences, one thing is guaranteed to remain the same: The bad guys will be targeting new grads for fraud, scams, and identity theft.

If you know a member of the Class of 2020, here are three things you can do to help keep them safe.

article span.backnum { font-family:”Open Sans”, sans-serif; font-size: 10rem; opacity: 0.3; line-height: 1; position:absolute; left: 1rem; top: 0;}
article …

Karen Gullo on government monitoring

Karen Gullo is an analyst and senior media relations specialist for Electronic Frontier Foundation (EFF). She is an award-winning journalist who has written for both The Associated Press and Bloomberg News. Her writing has focused on the intersection of law, politics, and technology. In her current role, Gullo supports EFF’s mission of defending civil liberties and enhancing rights in the digital world.

If you would like to learn more about Karen and her work, you can follow her on Twitter or read her past articles and blog …

Best of the Checklist

The Checklist is taking a short break as we gear up for WWDC 2020 — but we’ll be back with all new episodes very soon. To tide you over while you wait, we’re sharing several classic Checklists which provide essential background to the week’s news.

What is Tor?

We’ll answer some common questions we’ve heard about Tor — touching on issues of functionality, safety, and privacy.

What is a DNS leak?

A security flaw known as a “DNS leak” that can reveal all of your web activity to your ISP — even if you’re using a VPN!

Checklist 188: Don’t Let Your iPhone Give You Away

This week’s Checklist is all about staying safe in an unsafe world.

Checklist 187: Talking Encryption with Patrick Wardle

This week, we sit down with a special guest to discuss the ins and outs of encryption — touching on everything from iPhone passcodes and brute-force attacks to political posturing and quantum computing!

New unc0ver jailbreak works on all modern iOS devices

Just as Apple released iOS 13.5 to the world, hackers at unc0ver announced that they had developed a jailbreak that would work on devices running iOS 11 all the way up to the brand new iOS 13.5.

In what follows, we’ll try to answer some common questions about the unc0ver jailbreak. Along the way, we’ll discuss the whys and whats of jailbreaking, and explain what it all means for average iOS users in terms of security and privacy.

What is unc0ver?

Unc0ver is a jailbreak tool for iOS devices. It can be loaded …