mysk.bsky.social
We're two #iOS developers and occasional #security researchers on two continents. #CyberSecurity 🎬 https://youtube.com/@mysk 📝 https://mysk.blog

This page is displayed by Truth Social when opening the website from Ukraine or a VPN connected to Ukraine. The web page comes from a Truth Social server. This means Truth Social servers are not blocked in Ukraine. But Truth Social has stopped the service in the region.

Not only the "For You" section.

Signal links work again.

found via @mysk.bsky.social

Elon Musk’s X blocks links to Signal, the encrypted messaging service www.disruptionist.com/p/elon-musks...

For some reason, Safari on macOS keeps suggesting my Apple Account credentials on every website. I'm one click away from accidentally sharing my Apple Account password with a random site. This issue occurred in 15.3 and continues in 15.3.1. I can't reproduce it on another Mac.

🚀 Exciting news! We're now inviting users to Wave 2 of our closed beta test of our privacy-focused iOS app! Your feedback is highly appreciated, and we can't wait to hear from you. If you missed the first round, now's your chance! DMs are open 📩 #Privacy #PrivacyMatters #iOS

Apple software update "bug" enables Apple Intelligence If you saw the "welcome" screen after updating to iOS 18.3.1 or macOS 15.3.1, then Apple Intelligence was probably re-enabled even after you disabled it. lapcatsoftware.com/articles/202...

People seem surprised AltStore said Apple approved the porn app. It’s true, they did. It went through the notarization review process, which is much like the regular App Store’s manual review, because EU sideloading is the App Store but with more steps. They don’t like it, but they did approve it.

We’re nearing the release of our privacy-focused app! Fun fact: The app’s binary is 1.44 MB — just enough to fit on a save icon 💾 (for those who remember!) Turns out if you don’t include a whole bunch of tracking SDKs and who knows what, you can keep your apps pretty tiny 💾

Hot Tub, the first “approved” iPhone porn app, uses a .io domain—even though .io’s rules prohibit such content. Video links can be opened directly in a browser without any age verification. This is concerning since family-safe DNS servers typically trust .io domains. #privacy

WhatsApp fixes a critical privacy bug in the iOS app and here's how the bug is addressed in the update notes: www.macrumors.com/2025/01/29/u...

Why do the App Store and Google Play post HTTP links on X? The accounts of Apple TV and Apple Podcasts do the same. Their servers already support HTTPS. #Apple #Google #Privacy #infosec #security

iOS 18.3 adds more settings to control in-app web browsing "when you're browsing the web in apps." It's located in an unexpected place: Settings -> General -> In-App Web Browsing. The new setting in location services seems to be related to it.

Apple just released iOS 18.3. Video will drop soon.

A new mysterious location permission option has been added in iOS 18.2: Privacy & Security ➡️ Location Services ➡️ System Services ➡️ "In-App Web Browsing" It's on by default. Still figuring out what it's for 🤔 #Apple #Privacy

The Passwords app now categorizes the network requests to download the icons as "websites visited in app" and this way the number of requests sent isn't included in the main count in the #privacy report.

Printers add a nearly invisible watermark on every page that uniquely identifies the printer, which makes it possible to trace back any page to a specific printer. I’ve always wondered: Do smartphones do something similar with photos? Can we find out? en.m.wikipedia.org/wiki/Printer...

It still doesn't sound right that a password manager app communicates with 130 different websites (for downloading icons). That's more than X on my device 🤯. Thanks to our report, all these connections now use HTTPS, but 130....😩 #Apple #iOS

We’ve been a little quiet recently, and not just because it’s the holiday season 🎄❄️ Over the last several months we’ve been working on a brand new privacy-focused app for iOS. We plan on launching this app soon and we can’t wait to share more details with you.

Since iOS 18 launched, the new Passwords app has been using unencrypted HTTP to download icons for password entries—a serious #security risk. We reported this bug to #Apple in September, and it’s finally fixed in #iOS 18.2 (CVE-2024-54492). Why does this matter? Watch 🎬 : youtu.be/1vr2e6YeNuc

New on @forbes.com A big update for many reasons - one being that Apple isn't updating iOS 17 with security fixes any more, if you have a compatible device. Get updating ASAP. @seanwrightsec.com and @mysk.bsky.social for their report on the passwords flaw www.forbes.com/sites/kateof...

iOS 18.2 doesn't let you delete the App Store app if it's the only installed marketplace app on the iPhone. Does this restriction make sense?

If you delete the App Store app hoping that you'd force iOS to open App Store links in the browser, you're mistaken. iOS will refuse to open the links in your browser and prompts you to restore the App Store app first. #Apple #iOS #privacy #DMA

In iOS 18.2, EU users will be able to delete the App Store app. You get a warning message before deleting the app. You can re-install the app from the Settings app. A similar but shorter warning message is also shown when deleting an alternative marketplace app. #iOS #DMA #EU #iPhone #iOS18

This is an example of what the App Store app shares with #Apple when you search for an app. Everything you type in the search field is recorded as an event and associated with your Apple ID before it is sent to Apple. … 1/3 #Privacy #iOS

iOS 18 lets you delete the new Passwords app, but it shows a warning that deleting the app will not delete any of the passwords or secrets stored in the app 🤷‍♂️ #iOS18

🚨 iOS 18 will be released today. During the upgrade, your passwords will be migrated from the built-in password manager to the new Passwords app. If you don't use iCloud Keychain, you need to know that the Passwords app will sync your passwords with iCloud by default. #iOS18

Why do many websites still use reCAPTCHA?

Apple's implementation of installing marketplace apps from #Safari is heavily flawed and can allow a malicious marketplace to track #EU users across websites, even in private browsing mode. This blog details our findings: www.mysk.blog/2024/04/28/s... #privacy #security #iOS #iPhone

AI-generated Elon Musk videos flood YouTube with fake eclipse streams to promote crypto scams mashable.com/article/fake...

Cool ideas for an alternative app store in the EU:
- Privacy focused, real privacy not the "We believe privacy is a fundamental human right" nonsense
- An option to remove ads, even if paid
- An option to disable subscription auto-renewals by default
List yours 👇 #Privacy

The App Store is down for many #iPhone users across the world #Apple #AppStore

How many alternative app marketplaces are now available for iPhone users in the EU? #MaliciousCompliance #Apple #DMA

While Signal works to hide phone numbers, Telegram adds a new OTP feature that exposes phone numbers to strangers. www.theverge.com/2024/3/25/24...