The Exploited-by-Countless-Apps Edition Thursday, February 2, 2023

Apple Maps Privacy Bug May Have Allowed Apps To Collect Location Data Without Permission, by Ben Lovejoy, 9to5Mac

An Apple Maps privacy bug fixed in iOS 16.3 may have allowed apps to collect user location data without permission.

At least one app appears to have done so, and a security reporter has speculated that the same privacy bug could have been exploited by countless apps over an unknown time period.

Pig-butchering Scam Apps Sneak Into Apple’s App Store And Google Play, by Dan Goodin, Ars Technica

Researchers from security firm Sophos said on Wednesday that they uncovered two apps available in the App Store that were part of an elaborate network of tools used to dupe people into putting large sums of money into fake investment scams. At least one of those apps also made it into Google Play, but that market is notorious for the number of malicious apps that bypass Google vetting. Sophos said this was the first it had seen such apps in the App Store and that a previous app identified in these types of scams was a legitimate one that was later exploited by bad actors


iOS 16.3 Lets iPhone Users Add Lock Screen Widgets To A Classic Wallpaper If You Still Have It, by Filipe Espósito, 9to5Mac

Although Apple doesn’t mention it in the release notes for iOS 16.3, the latest update to the iPhone operating system lets users add widgets to a classic wallpaper, but only if you still have it. You can also change the font style.

Addigy's New System Updates Feature Allows For Blocking Major OS Releases While Auto Approving Minor Ones, by Bradley Chambers, 9to5Mac

With the combination of System Updates and Addigy Flex Policies, IT administrators have complete control over the update process. Teams can set rules for upgrading the devices to the latest version or set a maximum version number of the operating system that they wish to install. This means that Apple IT admins can allow their fleet to receive only minor patch versions within the current operating system, but not deploy any major updates that may have been released.

Notability For iPad Adds New ‘Pencil’ Feature For A ‘Lifelike Handwriting Experience’, by Chance Miller, 9to5Mac

According to the company, this feature brings “the most paper-like sketching experience to digital notetakers,” including support for the Apple Pencil as well.


My Printer Is Extorting Me, by Charlie Warzel, The Atlantic

Here was a piece of technology that I had paid more than $200 for, stocked with full ink cartridges. My printer, gently used, was sitting on my desk in perfect working order but rendered useless by Hewlett-Packard, a tech corporation with a $28 billion market cap at the time of writing, because I had failed to make a monthly payment for a service intended to deliver new printer cartridges that I did not yet need. Indignant, and making grotesque, frustrated noises that I now understand to be hereditary Warzel responses to printer problems, I declared to nobody in particular that I was being extorted by my printer.

Bottom of the Page

I guess nothing makes me appreciate the wonderful integration between hardware and software by Apple after a day of using a Windows laptop's trackpad, where the physical hardware is made by one party, the operating system is made by another party, and the driver software is made by who-knows-who.


Thanks for reading.