
Mysk 🇨🇦🇩🇪
@mysk_co • 20,653 subscribers
We're two #iOS developers and occasional #security researchers on two continents. #CyberSecurity 📝https://t.co/69k7WAphKl 🇨🇦🇩🇪 Current Project: @psylo_app
Shorts
Videos

🚨PSA: If you think you're a targeted individual, don't install macOS apps from the web. macOS code signing and TCC are broken. We accidentally found a bug that lets any command modify the binaries of other apps, including Signal, Brave, Chrome, and even Xcode. Watch the demo👇 This happens entirely in the background, with no password prompts or visible alerts. The modified binaries can then access the original app's keychain records and protected containers. We reported this to Apple two weeks ago and haven't received a response. We previously said we wouldn't contact Apple's bounty program again, but we believe it's necessary in this case to help protect Mac users. It affects macOS 26 and 27. This bug doesn't impact apps downloaded from the Mac App Store. Many developers distribute apps on the web instead because Apple controls the App Store's review process and payment methods.
Mysk 🇨🇦🇩🇪95,456 次观看 • 23 天前

😎🔬 Proton VPN just got updated. When iOS updated the app with the kill switch on, it was a total mess: iOS blocked internet for nearly 6 minutes, then terminated the app and its VPN tunnel, exposing iPhone traffic and IP. The VPN required a manual restart 😠. Watch this demo:
Mysk 🇨🇦🇩🇪178,413 次观看 • 2 个月前

Signal Desktop is not secure. With every vulnerability we discover on macOS, we find Signal Desktop to be an easy target. In this video, we show how a Signal session can be stolen and restored on a remote Mac without the user being aware. Only use Signal on iPhone or Android
Mysk 🇨🇦🇩🇪36,948 次观看 • 2 个月前

Since iOS 18 launched, the new Passwords app has been using unencrypted HTTP to download icons for password entries—a potential #security risk. We reported this bug to #Apple in September, and it’s finally fixed in #iOS 18.2 (CVE-2024-54492). Why does this matter? Watch 🎬 :
Mysk 🇨🇦🇩🇪156,358 次观看 • 1 年前

Found another example: iTunes Store Zero Liquid Glass and untouched since the iOS 7 flattening, but still you can get the latest Taylor Swift album The best part: the app still lets you customise the bottom tab bar, a feature that existed when iOS was still called iPhone OS
Mysk 🇨🇦🇩🇪80,667 次观看 • 9 个月前
没有更多内容可加载