Apple’s Face ID will likely get a boost
iPhone and iPad users have been familiar with the Face ID technology since 2017 when it made its debut with the release of the iPhone X. It’s generally thought of as a handy and highly secure way to unlock devices and even make purchases without having to enter passwords. The facial recognition routine is not perfectly accurate in every situation, though. The so-called “evil twin” attack demonstrates how a potential adversary can be erroneously identified as the legitimate device owner based on similar face patterns.
Researcher unveils a new macOS security flaw
A developer has found a vulnerability that allows an attacker to bypass privacy protections in macOS Mojave and later versions of the operating system. The exploit was discovered by a macOS developer named Jeff Johnson in September 2019 but hadn’t been disclosed to the public until late June 2020. The reason for this gap is that the enthusiast reported his findings to the Apple Security Bounty Program the day it was launched in an attempt to get a reward.
Safari 14 will introduce Face ID and Touch ID for the web
Apple is bridging the gap between its proprietary biometric authentication features and websites for a seamless sign-in experience not relying on passwords. Those using an iPhone, an iPad, or a MacBook with the Touch Bar onboard should be familiar with the Face ID and Touch ID features. They enable biometric authentication to log into applications so instead of the traditional username and password combo. Apple is planning to extend the use cases of these mechanisms far beyond apps and services.
WWDC 2020 event unveils Apple’s new security and privacy features
Apple has recently announced groundbreaking tweaks to both iOS and macOS that will efficiently counter several common types of unethical user tracking. This year’s Apple Worldwide Developers Conference (WWDC) is shaping up to be very promising in terms of the privacy and security combo. Although the company has departed from the usual format and is holding the event in a “no in-person attendance” mode in 2020 for obvious reasons, the overall informative stuffing is definitely at a decent level.
Malware authors use a new trick to circumvent macOS Catalina defenses
Security researchers discovered an unusual malware campaign targeting Mac computers that gets around the security mechanisms built into macOS Catalina. The devious scheme recently added to Mac malware makers’ genre allows harmful code to bypass Apple’s app notarization process. This security routine has been a part of the Gatekeeper feature since the October 2019 release of macOS Catalina 10.15. It raised the entry bar for suspicious software by displaying a popup alert whenever a user tries to execute an unverified program.
Apple launches a new project to boost password security
Apple is up to enhancing its users’ authentication practices by releasing a list of password criteria for developers and password management services. The new initiative codenamed the “Password Manager Resources” project aims to create a roadmap for the parties involved in masterminding and implementing secure login procedures. Coders and providers of password management applications shape up the primary audience of this groundbreaking move.