Apple and the FBI

The government wants Apple to unlock a terrorist’s iPhone. Are they asking the impossible?

In the wake of the December terrorist attack at Naval Air Station Pensacola, in which three service members lost their lives, the federal government has renewed calls for Apple to provide a “backdoor” by which authorities can bypass the encryption on iPhones.

In this brief article, we’ll look at the background to this most recent clash between Apple and the U.S. Department of Justice, and we’ll examine the issue from a technical perspective as …

Checklist 171: Here, FIDO!

On this week’s Checklist, we’ll see how private your iCloud backups really are; we’ll examine the strange story of how the richest person in the world got hacked; and finally, we’ll look at a technology that promises a better way to do 2FA.

This week on the Checklist:

Considering iCloud and end-to-end encryptionA WhatsApp bromance gone badIf you’ve got an iPhone, here’s FIDO!

 
What happens in your iCloud…

We’ve known for a while that iCloud backup data isn’t protected by end-to-end encryption — meaning that encryption keys aren’t stored only on the user’s device, …

Cybersecurity New Year’s Resolution #4: Teach someone about cybersecurity

Rather than doing something to protect yourself, we’ll challenge you to teach someone else about cybersecurity and help them take steps to keep themselves safe.

Checklist 170: A Great Big List + Home Insecurity

On this week’s Checklist, we’ll take a look at someone else’s checklist of security tips, plus we’ll talk about what happens when companies that don’t specialize in security decide to get into the security business.

Cybersecurity New Year’s Resolution #3: Test your phishing awareness

By testing your knowledge of the full spectrum of phishing tactics out there — by seeing what you know…and what you don’t — you’ll be better equipped to deal with even the sneakiest of phishing attempts.

The California Consumer Privacy Act

The California Consumer Privacy Act (CCPA) is legislation designed to protect the digital privacy and consumer rights of residents of the State of California.

Why you should update Firefox right now, according to the U.S. Department of Homeland Security

The U.S. Department of Homeland Security has issued an alert about a “critical vulnerability” affecting Mozilla’s Firefox browser. The DHS has advised all Firefox users to update their browser software immediately.

In this short article, we’ll explain what the vulnerability is, help you parse the language used in the security advisory, tell you who is affected, and let you know how to get your updates and stay safe.

What is the vulnerability?

According to the Mozilla security advisory, the vulnerability was due to a flaw in the “IonMonkey JIT compiler”, which could “lead …

Checklist 169: New Year, New Rules!

It’s the first Checklist of 2020, and we’re starting things off with some important privacy news from the great state of California. We’ll also discuss (another) potential issue with Amazon’s Ring doorbell surveillance camera. And finally, we’ll leave you with a decidedly low-tech security tip that you’ll want to remember all year long!

Cybersecurity New Year’s Resolution #2: Turn on 2FA

Two-factor authentication, or 2FA, is one of the best cybersecurity tools available to you. The main benefit of two-factor authentication is that it adds another layer of protection to your accounts and services, above and beyond passwords

RCS chat: a better SMS for Android?

Android has started rolling out Rich Communication Services (RCS) chat features to users of its Messages app, touting this as a better, more up-to-date successor to traditional SMS texting. However, there is still some confusion about what RCS is…

Cookie Policy

Updated as of January 1, 2020 

Our Cookie Policy

SecureMac, Inc. (“SecureMac,” “us,” “we,” or “our”) uses cookies on the www.securemac.com website and associated web pages (the “Site”). By using the Site, you consent to our use of cookies. Our Cookie Policy explains what cookies are, how we use them, how third parties we may partner with may use cookies on the Site, your choices regarding cookies, and how you can manage them.

What are cookies?

A “cookie” is a small piece of information stored on your device when you visit a website. The …

Is your bank a privacy threat?

Many people are aware that large tech companies like Facebook and Google collect and monetize user data . But privacy advocates are now sounding the alarm about the growing trend of consumer banks and credit card companies doing the same thing.

Terms of Service

Last Updated: February 1, 2023

Welcome to www.securemac.com. PLEASE CAREFULLY REVIEW THE TERMS OF USE OF THIS SITE. These Terms of Use (“Terms”) constitute a legal agreement between you and SecureMac, Inc. (“SecureMac”, “us”, “our”, and “we”) governing your access to and use of the website, online services, mobile site or other domain or software application which SecureMac owns, operates, licenses or controls (the “Site”). By accessing or viewing the Site or participating in or using any service offered on this Site (collectively, the “Services”), you agree to these Terms. Do …

Cybersecurity New Year’s Resolution #1: Get a password manager

This January, we’re going to offer you the chance to make some changes which will improve your cybersecurity posture and keep you safer all year long. To do this, we’ll give you some background information on each “cybersecurity New Year’s resolution” and also walk you through the steps needed to take action.

For many people, these may be things that they’ve been putting off for a while — things that they know are important, but which they haven’t gotten around to just yet. If that describes you, now’s the perfect time …

Best of the Checklist: January 2nd, 2019

The Checklist is taking a little holiday break this week, but we’ll be back on the 9th of January with a new podcast. Until then, we’d like to invite you to check out these classic Checklists you might have missed, especially as they touch on topics that have been in the news of late! 

In what follows, we’ll let you know what’s been going on in the world of cybersecurity for the past week, and then we’ll point you to a Checklist where you can learn more.

This Best of the Checklist …

Cybersecurity in 2019: Top 9 stories that show what the future holds

This year was a big one for cybersecurity news, with plenty of stories worthy of inclusion in a year-end review. We’ll take you through the top stories of 2019 which help us see the shape of things to come.

How to set up an IoT gift for security

It’s that time of year again, when kids and adults alike will soon be unwrapping presents and playing with new toys. But if you receive an Internet of Things (IoT) device as a gift, you may want to pay extra attention to the cybersecurity ramifications of adding it to your home network.

Unfortunately, many Internet-enabled home appliances and toys have been found to have serious security weaknesses — weaknesses which malicious actors could exploit. 

These can range from the mildly annoying, for example, in the case of “smart” things which get infected …

Apple in 2019: Naughty or Nice?

It’s that time of year again, when Santa makes his list, checks it twice and, well, you know the rest. So in the spirit of the season, we’re going to take a look at some of the top Apple stories of 2019 to see if the company was naughty or nice this year. 

.nice {background: rgb(107,219,107);
background: -moz-linear-gradient(left, rgba(107,219,107,1) 0%, rgba(5,112,0,1) 100%);
background: -webkit-linear-gradient(left, rgba(107,219,107,1) 0%,rgba(5,112,0,1) 100%);
background: linear-gradient(to right, rgba(107,219,107,1) 0%,rgba(5,112,0,1) 100%);
filter: progid:DXImageTransform.Microsoft.gradient( startColorstr=’#6bdb6b’, endColorstr=’#057000′,GradientType=1 );-webkit-background-clip: text;
-webkit-text-fill-color: transparent; text-shadow: none;
}
.naughty{background: rgb(174,55,72);
background: -moz-linear-gradient(left, rgba(174,55,72,1) 0%, rgba(109,23,31,1) 100%);
background: -webkit-linear-gradient(left, …

Checklist 168: It only FEELS like a recap

This week’s Checklist topics may sound familiar, but don’t be fooled! We revisit three stories that we’ve talked about before, but which now have some updates worth discussing (spoiler: it’s not all good news!).

On this week’s Checklist, it’s deja vu all over again:

$20 bucks and a security breach on pump four…revisitedLast week’s Communications Limits…revisitedBad passwords…revisited (again)

$20 on four: the case for paper money

Earlier in the year, we covered a story about gas station monitoring software that had serious vulnerabilities — serious enough to attract the attention of the Department of …

Georgia Weidman on penetration testing and the future of cybersecurity

Georgia Weidman is a penetration tester, security researcher, writer, trainer, and entrepreneur.

She is the author of a highly-regarded book which teaches the fundamentals of penetration testing, Penetration Testing: A Hands-On Introduction to Hacking, and has taught security courses and conducted advanced training sessions at such prestigious venues as Black Hat, Tulane University, West Point, and the NSA.

Weidman is also the founder of Shevirah, a company focused on mobile device and Internet of Things (IoT) security, as well as Bulb Security, a cybersecurity …