Wednesday, November 25, 04:24
Home security Apple fixes Bug in Siri that exposed encrypted emails

Apple fixes Bug in Siri that exposed encrypted emails

Siri

It can be Apple to constantly advertise that safety The privacy of its users is its main concern, but that does not mean that it does not make mistakes. And the last one was discovered by a security investigator, digital assistant of the company, Siri.

Apple technology expert Bob Gendler tested the macOS operating system to understand more about how Apple trains and customizes Siri for each user. During his investigation, he found that operating system stores segments e-mail users in plain text, even when they are supposed to be encrypted.

As Gendler said in his post, Apple uses a system process called suggestd, a program that is constantly running, gathering content from various applications. These include Spotlight, Mail and Messages. By collecting this information, he or she better understands what everyone likes user to introduce him to the topics that interest him.

When it collects this information, it saves it to the file snippets.db inside the folder MacOS suggestions. Suggestd saves plain text even emails that are encrypted with mail extension Secure / Multipurpose (S / MIME), a technology that uses public and private keys to protect emails.

Although an attacker will need full access to the disk with system files to view this information, as MacOS protects them with System Integrity Protection, there are cases when users need to disable the function. According to Gendler, any program with full disk access on macOS could potentially collect data, such as Apple's Finder (the equivalent of Windows File Explorer).

What can you do

Simply disabling Siri will not help, as it is still running in the background. Instead, you can manually enter a command in your terminal window (you do not need to have root access to do so):

defaults write com.apple.suggestions SiriCanLearnFromAppBlacklist -array com.apple.mail

If you want to immediately stop Siri access to applications you, go to System Preferences and then on Siri. Click on About Siri & Privacy and then remove all your applications in turn.

Gendler also provides a larger one script, which you can run to disable Apple Mail tracking by Siri.

It should be noted that it is not so easy for an intruder to access the system tray, however it is preferable to be covered in any case.

Apple has stated that it is aware of the problem and intends to address it in a future software update.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Amazon - PlayStation 5: Complaints about non-delivery of orders!

Amazon has announced that it is currently investigating what happened to the PlayStation 5's delivery failure after reports of theft ....

How to mute Fleets on Twitter

Twitter "stories", called Fleets, allow you to post content that disappears after 24 hours. But if you want ...

Apple's security chief accused of bribery

A prosecutor in Santa Clara, California, issued an indictment on Monday, accusing Apple security chief Thomas Moyer of offering bribes ...

A mysterious metal monolith was discovered in the Utah desert

A strange metal monolith was found in the Utah desert by a helicopter crew passing through the area!

US election: A small group of accounts spreads fake news

The researchers found that a small group of social media accounts are responsible for spreading fake news about ...

Intel spreads FUD on Ryzen 4000 performance

On Friday, Intel made a presentation to various journalists and analysts telling them that there is a serious discrepancy between the performance of ...

Black Friday: What are Amazon's best deals?

Black Friday is almost here, and we've put together the best deals on Amazon devices. Amazon has an ever-expanding list of devices, ...

Data breach at Bristol City Council

A data breach that took place in the Bristol City Council, resulted in the leak of information such as names and email addresses ...

E-Land-South Korea: Fell ransomware attack

One of the largest retailers in South Korea, E-Land, was forced to close almost half of its stores after a ransomware ...

Investigator breaks down a Tesla Model X in just minutes

A Belgian security researcher has discovered a method that hijacks the firmware of key fobs of the Tesla Model X, allowing him to ...