apfeltalk :verified:<p>Große Datenbank mit Millionen Klartext-Passwörtern enthält auch Apple-Logins<br>Ein gigantischer Datenfund sorgt derzeit für weltweites Aufsehen. Eine ungeschützte Datenbank mit 184 Millionen Datensätzen<br><a href="https://www.apfeltalk.de/magazin/news/grosse-datenbank-mit-millionen-klartext-passwoertern-enthaelt-auch-apple-logins/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">apfeltalk.de/magazin/news/gros</span><span class="invisible">se-datenbank-mit-millionen-klartext-passwoertern-enthaelt-auch-apple-logins/</span></a><br><a href="https://creators.social/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://creators.social/tags/Services" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Services</span></a> <a href="https://creators.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://creators.social/tags/Cyberkriminalitt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberkriminalitt</span></a> <a href="https://creators.social/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datenschutz</span></a> <a href="https://creators.social/tags/Datensicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Datensicherheit</span></a> <a href="https://creators.social/tags/EMailSicherheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EMailSicherheit</span></a> <a href="https://creators.social/tags/InfostealerMalware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfostealerMalware</span></a> <a href="https://creators.social/tags/KlartextPasswrter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KlartextPasswrter</span></a> <a href="https://creators.social/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://creators.social/tags/Sicherheitslcke" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sicherheitslcke</span></a> <a href="https://creators.social/tags/Zugangsdaten" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zugangsdaten</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.
Administered by:
Server stats:
275active users
toad.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.8
#AppleID
0 posts · 0 participants · 0 posts today
OpenTech<p>Enable iCloud's ADP in the UK After the Ban</p><p>Download: Install the Librewolf browser and Proton VPN on your computer.<br>Connect: Use Proton VPN to connect to a US server. Create a new Apple ID in Librewolf, selecting the US as your region.<br>Switch Accounts: On your iPhone, log out of your current Apple account and log in with the new one.<br>You should now have access to ADP! Let me know if it works!</p><p><a href="https://mastodon.social/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloud</span></a> <a href="https://mastodon.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://mastodon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.social/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> <a href="https://mastodon.social/tags/TechTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechTips</span></a></p>
Michael Burch :kt_ow:<p>Neuer Artikel auf iPhone-Blog.ch veröffentlicht:<br>Käufe von einem Apple Account zu einem anderen Apple Account übertragen </p><p>Aus historischen Gründen sind auch auf meinem iPhone zwei Apple Accounts angemeldet. Einer für iCloud und einer für Medien & Käufe. Apple ermöglicht es nun, diese beiden zusammenzuführen. Dabei wird der Account, der in den Einstellungen unter Medien & Käufe angemeldet…</p><p>Artikel lesen: <a href="https://www.iphone-blog.ch/2025/02/12/kaeufe-von-einem-apple-account-zu-einem-anderen-apple-account-uebertragen/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">iphone-blog.ch/2025/02/12/kaeu</span><span class="invisible">fe-von-einem-apple-account-zu-einem-anderen-apple-account-uebertragen/</span></a></p><p><a href="https://swiss.social/tags/AppleAccount" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleAccount</span></a> <a href="https://swiss.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://swiss.social/tags/Medien" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Medien</span></a></p>
-0--1-<p><span class="h-card" translate="no"><a href="https://beige.party/@Kierkegaanks" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Kierkegaanks</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.green/@gimulnautti" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gimulnautti</span></a></span> It's one of the reasons I refuse to buy anything that is <a href="https://mastodon.social/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a>. When <a href="https://mastodon.social/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> <a href="https://mastodon.social/tags/Disintermediated" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Disintermediated</span></a> me from THOUSANDS OF DOLLARS of the Music I stored on my <a href="https://mastodon.social/tags/AppleiPod" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleiPod</span></a> and tied it to an <a href="https://mastodon.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> tied to an ancient <a href="https://mastodon.social/tags/AOL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AOL</span></a> account, I began to say <a href="https://mastodon.social/tags/FUCKTECHNOLOGY" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FUCKTECHNOLOGY</span></a>. I won't be milked anymore.</p>
Dave Wood 🇨🇦<p>Had to chat w/Apple support to have them unlock the account.</p><p>I was warned: “Just a heads up that further fraudulent activities may permanently disable the account”.</p><p>I said I didn't like that wording as it implies I did something fraudulent to begin with, which I didn’t. He insisted this was to keep my “account safe”.</p><p>Apple has too much power. I shouldn't be locked out of my devices/data randomly on Apple's whim. I have $thousands of software/movies licensed to my <a href="https://mastodon.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> that are at risk.</p>
Dave Wood 🇨🇦<p>Fuck. Can’t even add a new payment. Get the same “Tap Continue” message without a button.</p><p><a href="https://mastodon.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://mastodon.social/tags/SecurityByIncompetence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityByIncompetence</span></a></p>
Dave Wood 🇨🇦<p>Reset the password on the account following their instructions, account immediately disabled again.</p><p>WTF.</p><p>My guess is that they've lost my CC details. The expiry & security code are blank. When I add them, it says `Tap Continue to request re-enablement`. There is no `Continue` button. Same bug on iOS & macOS. I can't remove the card and add it fresh because I have subscriptions. Can't just add it as it says it's already added. 🤦♂️</p><p>How does Apple make so much $?</p><p><a href="https://mastodon.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://mastodon.social/tags/SecurityByIncompetence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityByIncompetence</span></a></p>
Dave Wood 🇨🇦<p>Are we in another mass Apple ID Reset? Or just me? Locked out of my account, and being forced to reset my password. Which it won't let me do because my iPhone isn't in a known location, at home, connected to my WiFi, like it is 99% of the time.</p><p><a href="https://mastodon.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://mastodon.social/tags/SecurityByIncompetence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityByIncompetence</span></a></p>
LilMikeSF<p>The highly competitive segmented <a href="https://c.im/tags/StreamingWars" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StreamingWars</span></a> will pick up this weekend as <a href="https://c.im/tags/AppleTV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleTV</span></a> opens the <a href="https://c.im/tags/paywall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>paywall</span></a> and lets in anyone with an <a href="https://c.im/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> see their <a href="https://c.im/tags/content" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>content</span></a> for <a href="https://c.im/tags/FreeTrial" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeTrial</span></a> for a couple daze. </p><p>Apple is proud of critically acclaimed series fare like <a href="https://c.im/tags/TedLasso" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TedLasso</span></a> and occasional exclusive TV windows for films like Emancipation, starring Will Smith which they paid over $100 million for. They produced Scorsese and DiCaprio's "Killers of the Flower Moon", but despite big bucks invested in content from name brand stars, less than 7% of US streaming service subscribers tune in, making them just 7th in the pack amongst services. </p><p>The Cupertino based behemoth has struggled to add subscribers at $9.99 per month ang lag far beyond the market leading <a href="https://c.im/tags/Netflix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Netflix</span></a>. To boost numbers <a href="https://c.im/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> recently began offering a bundled add on app subscription via <a href="https://c.im/tags/Amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Amazon</span></a>, sharing revenues to gain a presence within Jeff Bezos <a href="https://c.im/tags/AmazonPrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AmazonPrime</span></a> streaming plans like <a href="https://c.im/tags/ContentProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ContentProvider</span></a> studio rivals <a href="https://c.im/tags/HBOMax" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HBOMax</span></a>, <a href="https://c.im/tags/MGM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MGM</span></a> & <a href="https://c.im/tags/Paramount" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Paramount</span></a> already had.</p><p> <br><a href="https://techcrunch.com/2024/12/30/apple-tv-will-be-free-to-stream-this-weekend/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2024/12/30/appl</span><span class="invisible">e-tv-will-be-free-to-stream-this-weekend/</span></a></p>
apfeltalk :verified:<p>Apple TV Plus Kostenfrei: Streame Dieses Wochenende Gratis<br>Apple TV Plus bietet dir vom 3. bis 5. Januar 2025 die Möglichkeit, seine gesamte Mediathek kostenlos zu streamen. Mit diesem Angebot möchte Apple den Jahresbeginn feiern und gleichze<br><a href="https://www.apfeltalk.de/magazin/news/apple-tv-plus-kostenfrei-streame-dieses-wochenende-gratis/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">apfeltalk.de/magazin/news/appl</span><span class="invisible">e-tv-plus-kostenfrei-streame-dieses-wochenende-gratis/</span></a><br><a href="https://creators.social/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://creators.social/tags/TV" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TV</span></a> <a href="https://creators.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://creators.social/tags/AppleTVPlus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleTVPlus</span></a> <a href="https://creators.social/tags/Filme" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Filme</span></a> <a href="https://creators.social/tags/ForAllMankind" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ForAllMankind</span></a> <a href="https://creators.social/tags/KostenloseSerien" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KostenloseSerien</span></a> <a href="https://creators.social/tags/MonarchLegacyOfMonsters" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MonarchLegacyOfMonsters</span></a> <a href="https://creators.social/tags/Severance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Severance</span></a> <a href="https://creators.social/tags/Silo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Silo</span></a> <a href="https://creators.social/tags/StreamingWochenende" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StreamingWochenende</span></a> <a href="https://creators.social/tags/Streamingdienste" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Streamingdienste</span></a></p>
adingbatponder<p>I am the organiser of family <a href="https://fosstodon.org/tags/icloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icloud</span></a> under <a href="https://fosstodon.org/tags/macos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macos</span></a> <a href="https://fosstodon.org/tags/ios" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ios</span></a>. Child left home & wants (I told them they want...) to have entirely their own <a href="https://fosstodon.org/tags/appleid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appleid</span></a> & their own separate iCloud service they pay for themselves. Do you have any tips on what to do, & what not to do, to ensure all their synchronised <a href="https://fosstodon.org/tags/iphone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iphone</span></a> and <a href="https://fosstodon.org/tags/macbookpro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macbookpro</span></a> data, and all other Apple <a href="https://fosstodon.org/tags/icloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icloud</span></a> data, is moved to their iCloud without loss & in a fail-safe manner? Thinking of involving <a href="https://fosstodon.org/tags/timemachine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>timemachine</span></a> but many apps have hidden library files. Thanx!</p>
Ch M[ae][iy]e?r 🇪🇺 🖤 🤍<p><span class="h-card" translate="no"><a href="https://mastodon.social/@kleibold" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kleibold</span></a></span> <br>damit sollte das ja auch im <a href="https://digitalcourage.social/tags/FediLZ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FediLZ</span></a> für Gesamtkonferenzbeschlüsse bezüglich verwendeter Software oder Lernplattformen (z.B. <a href="https://digitalcourage.social/tags/MS365" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MS365</span></a>, <a href="https://digitalcourage.social/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a>, <a href="https://digitalcourage.social/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloud</span></a>, ...) gelten. 🤔 </p><p>"Wird den Beschäftigten keine echte Wahlmöglichkeit gegeben, [...], scheidet die Freiwilligkeit einer Einwilligung in die damit verbundene Datenverarbeitung regelmäßig aus."</p><p>Es sei denn, die Schule verwendet ausschließlich Software, Hardware und Dienste, die keinerlei persönlichen Daten zu "eigenen Zwecken" verarbeitet. Diese dürfte dann verpflichtend eingeführt werden.</p>
Blake Patterson<p>I am having some kind of iCloud problem that's driving me insane. If anyone has ideas, please share them.</p><p>A few days ago I sent an image through Messages on iOS to a group and got a "Not Delivered" marker next to it. Tried a few times -- same. I can click and send as SMS, and it goes through. I then noticed this same behavior happening on my Mac. </p><p>According to my phone, I am logged into my iCloud account. I then noticed an alert in Settings on iOS saying to "Update Apple ID Settings." So, I go to do so and see (image attached):</p><p>-- -- -- --<br>Update Apple ID Settings<br>Some account services required you to sign in again.</p><p>[Continue]<br>-- -- -- --</p><p>When I click continue, the waiting glyph spins for 2-3 seconds and then stops -- nothing happens. Over and over. Rebooting the phone (and on last reboot it picked up the latest iOS update) made no difference. </p><p>( Also I see my iCloud backup has not run in 2 weeks and I got a warning - so I clicked "Backup Now," which rebooted the phone... )</p><p>I then went to logout of iCloud and received a series of "enter password to logout of" this or that service, then finally warned about all data on the phone being deleted in so doing, choose what I want to retain, etc. </p><p>Christ. </p><p>Is there another path here other than the monumental event of logging out of iCloud with all the ramifications that come with? </p><p>Extremely aggravating. Thanks, anyone.</p><p><a href="https://oldbytes.space/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> <a href="https://oldbytes.space/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloud</span></a> <a href="https://oldbytes.space/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://oldbytes.space/tags/error" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>error</span></a> <a href="https://oldbytes.space/tags/problem" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>problem</span></a> <a href="https://oldbytes.space/tags/issue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>issue</span></a> <a href="https://oldbytes.space/tags/bug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bug</span></a> <a href="https://oldbytes.space/tags/help" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>help</span></a> <a href="https://oldbytes.space/tags/iOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iOS</span></a> <a href="https://oldbytes.space/tags/macOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macOS</span></a> <a href="https://oldbytes.space/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPhone</span></a> <a href="https://oldbytes.space/tags/Mac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mac</span></a></p>
〄<p>Long ago I created my first <a href="https://earth.law/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> ID. Almost as long ago I set up <a href="https://earth.law/tags/MobileMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileMe</span></a> which became a second <a href="https://earth.law/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a>. </p><p>Today I discovered a result: <br>- duplicative charges for Apple One Premier and iCloud & Music, adding to hundreds over the years and hundreds more for another family member’s Apple Music.<br>- there's STILL no way to merge Apple accounts. <br>- I can't simply abandon one account, because one has my Apple Card and the other has all my app purchases.</p><p>I may be an <a href="https://earth.law/tags/AppleFanboy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleFanboy</span></a> but this is BROKEN.</p>
chris@strafpla.net<p>Don‘t let that rant keep you from changing your <a href="https://mstdn.strafpla.net/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> / <a href="https://mstdn.strafpla.net/tags/ICloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICloud</span></a> password, I have way more than an average number of Apple devices, so I always find the corner cases. <br>Still there‘s a lack of a proper overview over the different authentication scenarios. I have for example no idea what powers registered email addresses or phone numbers have.</p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.social/@jpsachse" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jpsachse</span></a></span> : or when your account gets pwned and the attacker does a better job proving that they are you than you - after all, *they* have access to your account - while you do not.</p><p>🔸 ANDROID PASSKEY BLACK HOLE<br>*Or* when you press a button "Clear data" (at the bottom of <a href="https://chrome.google.com/sync" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">chrome.google.com/sync</span><span class="invisible"></span></a>) which is accompanied by the text:</p><p>« This will clear your Chrome data that has been saved in your Google Account. This might clear some data from your devices. »</p><p>For you to subsequently find out that ALL OF YOUR PASSKEYS on (all of) your Android device(s) are IRRETRIEVABLE GONE (I reported this to Google in June 2023 and published it 6 months later in <br><a href="https://seclists.org/fulldisclosure/2024/Feb/15" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">seclists.org/fulldisclosure/20</span><span class="invisible">24/Feb/15</span></a>). It's still unfixed.</p><p>🔸 WHY NO EXPORT AND NO BACKUP<br>W.r.t. being able to export and/or backup all private keys belonging to all of your passkeys: that's a big dilemma (depending on your POV).</p><p>The main (advertised, not taking into account a possibly desired vendor lock-in) reason is simple: if *you* have direct access to such private keys, *malware* running on your device does too.</p><p>The compromise is that they are automatically synced to your cloud account, and from there to other devices (of the same brand, provided they run an OS version that's not too old), including a new device if you brick or lose your old device.</p><p>However, if there's serious malware on your device, then, even if the malware authors cannot steal all of your passkeys (that is, their private keys), then you're toast anyway; a RAT such as AnyDesk may fool you into believing that you're logging in to website A while in fact it's B and they steal it's session cookie - and pwn the webaccount.</p><p>🔸 SYNCING PRIVATE KEYS<br>BTW it's hardly being discussed, but being able to synchronize secrets between secure hardware enclaves in such a way that *you* are denied access, is quite an achievement (considering that, if you buy a new phone, the only available secrets to the transport system are your definitely weak passcode, and your, potentially weak, cloud password that may be used to encrypt the private keys in transit).</p><p>I *know* that it's complicated because I accidentally found out around June 2023 that Android can get confused: passkeys *seem* to sync just fine, but passkeys created on phone 1 do not work on phone 2 and vice versa. Somehow the phones had started using *different* encryption keys used to securily synchronize them (I also mentioned that issue in my reports to Google in the summer of 2023, and I mention it in the FD (seclists.org) message).</p><p>I don't know how Apple syncs secrets in iCloud keychain, and neither whether a situation may exist where passkey's private keys sync but are unusable (like may happen when using Android).</p><p>🔸 APPLE'S OWN PASSKEY MISERY<br>However, Apple has got their own bunch of problems with passkeys being usable *without* requiring biometrics or a passcode to unlock them from iCloud Keychain, see <a href="https://infosec.exchange/@ErikvanStraten/113050312014160350" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113050312014160350</span></a> and follow-up (it gets worse every time I look at it) <a href="https://infosec.exchange/@ErikvanStraten/113053761440539290" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ErikvanStrat</span><span class="invisible">en/113053761440539290</span></a> (more details in earlier toots in that thread).</p><p>In short: if you don't use biometrics to unlock your iPhone or iPad (OR you do, but you have -unlikely- disabled a specific configuration setting), then anyone with access to your iDevice in an unlocked condition (*), can sign in to:<br><a href="https://appleid.apple.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">appleid.apple.com</span><span class="invisible"></span></a><br>and/or<br><a href="https://icloud.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">icloud.com</span><span class="invisible"></span></a><br>WITHOUT entering your passcode (or using biometrics).</p><p>(*) your child, spouse, someone you don't know (well) who borrows your phone to make a call (because their's battery is dead), NOTABLY including a thief who stole it while you were using it (or saw you type your passcode and can unlock it by themselves: <a href="https://youtu.be/QUYODQB_2wQ" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/QUYODQB_2wQ</span><span class="invisible"></span></a>).</p><p>I'm not sure yet, but this may even render Apple's anti-theft system totally moot.</p><p><span class="h-card" translate="no"><a href="https://hachyderm.io/@rmondello" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>rmondello</span></a></span> <span class="h-card" translate="no"><a href="https://iosdev.space/@johnbrayton" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>johnbrayton</span></a></span> <br><span class="h-card" translate="no"><a href="https://infosec.exchange/@agl" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>agl</span></a></span> </p><p><a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkeys</span></a> <a href="https://infosec.exchange/tags/WontFix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WontFix</span></a> <a href="https://infosec.exchange/tags/FullDisclosure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FullDisclosure</span></a> <a href="https://infosec.exchange/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://infosec.exchange/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloud</span></a> <a href="https://infosec.exchange/tags/1FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1FA</span></a> <a href="https://infosec.exchange/tags/0FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0FA</span></a> <a href="https://infosec.exchange/tags/0FAIfUnlocked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0FAIfUnlocked</span></a> <a href="https://infosec.exchange/tags/0FAIfStolenUnlocked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0FAIfStolenUnlocked</span></a> <a href="https://infosec.exchange/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwordless</span></a> <a href="https://infosec.exchange/tags/ItsByDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ItsByDesign</span></a> <a href="https://infosec.exchange/tags/ItsSTUPIDITYByDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ItsSTUPIDITYByDesign</span></a> <a href="https://infosec.exchange/tags/iCloudKeychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloudKeychain</span></a> <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> <a href="https://infosec.exchange/tags/iDevices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iDevices</span></a> <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPhone</span></a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPad</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/GapingSecurityHole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GapingSecurityHole</span></a> <a href="https://infosec.exchange/tags/Ignorant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ignorant</span></a> <a href="https://infosec.exchange/tags/Ignorance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ignorance</span></a> <a href="https://infosec.exchange/tags/Convenience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Convenience</span></a> <a href="https://infosec.exchange/tags/ConvenienceOverSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ConvenienceOverSecurity</span></a> <a href="https://infosec.exchange/tags/ConvenienceVsSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ConvenienceVsSecurity</span></a> <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> <a href="https://infosec.exchange/tags/Passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passkey</span></a> <a href="https://infosec.exchange/tags/Sync" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sync</span></a> <a href="https://infosec.exchange/tags/SyncIssues" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SyncIssues</span></a> <a href="https://infosec.exchange/tags/WSJ" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WSJ</span></a> <a href="https://infosec.exchange/tags/JoannaStern" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JoannaStern</span></a> <a href="https://infosec.exchange/tags/Theft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Theft</span></a> <a href="https://infosec.exchange/tags/Thief" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Thief</span></a> <a href="https://infosec.exchange/tags/Thieves" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Thieves</span></a> <a href="https://infosec.exchange/tags/PhysicalAccess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhysicalAccess</span></a> <a href="https://infosec.exchange/tags/Biometrics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Biometrics</span></a> <a href="https://infosec.exchange/tags/TouchID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TouchID</span></a> <a href="https://infosec.exchange/tags/FaceID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FaceID</span></a> <a href="https://infosec.exchange/tags/Passcode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passcode</span></a> <a href="https://infosec.exchange/tags/UnlockScreen" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UnlockScreen</span></a> <a href="https://infosec.exchange/tags/ScreenUnlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScreenUnlock</span></a></p>
Erik van Straten<p>It's even WORSE than I thought.</p><p>If a miscreant steals your iPhone or iPad, either unlocked or after watching you enter its passcode, they may be able to access all of your data in iCloud and in your AppleID cloud settings using a browser - even if you configured Screen Time Restrictions to limit access to critical data.</p><p>Here's how (where it reads "Touch ID" replace that with "Face ID" if your iDevice isn't equipped with a fingerprint scanner);</p><p>1️⃣ Assuming that you've NOT configured biometrics to unlock your iPhone or iPad (OR you've turned off 'Settings' > 'Touch ID and Passcode' > 'Password Autofill'), and:</p><p>2️⃣ You open, for example using Safari,<br><a href="https://appleid.apple.com/sign-in" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">appleid.apple.com/sign-in</span><span class="invisible"></span></a><br>or<br><a href="https://icloud.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">icloud.com</span><span class="invisible"></span></a> and tap 'Sign in'<br>and:</p><p>3️⃣ You tap the (x) at the top right of the box that pops up at the bottom of the screen, and:</p><p>4️⃣ You tap in the field labeled "Email or phone number", and:</p><p>5️⃣ At the bottom of the screen, in the light gray box reading "Sign in to apple.com with your saved passkey?", you tap the blue button that reads:</p><p> Use "<your icloud.com email address>"</p><p>then the browser you're using is logged in to your AppleID account or to your iCloud account respectively.</p><p>🔓Consequences<br>In your Apple ID account, you (or an attacker who does this) can see all -and edit most- of your account details. I've not tested it but they may now be able to lock *you* out of your account.</p><p>In your iCloud account they can choose 'Locate device' and disable *any other* iDevice you may have.</p><p>💥 This is *even* true if you've configured "Screen time" restrictions in such a way [1] that a thief of your iDevice, who succeeds in unlocking it's screen (*), CANNOT view your account details ar the top of 'Settings', while it even fully hides the 'Touch ID and Passcode' submenu entry in 'Settings'.</p><p>(*) For example, after they watched you enter your passcode (see WSJ's Joanna Stern's video's that I referred to in my previous toot) - OR IF THEY SIMPLY STOLE IT FROM YOU IN AN UNLOCKED STATE!</p><p>[1] <a href="https://www.ghacks.net/2024/01/31/how-to-block-account-changes-on-iphone-using-screen-time/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">ghacks.net/2024/01/31/how-to-b</span><span class="invisible">lock-account-changes-on-iphone-using-screen-time/</span></a></p><p>🛟 Mitigations<br>Screen Time Restrictions [1] *does* seem to add an extra defensive layer, albeit probably insufficient.</p><p>After enabling it (note that it takes about a minute or so before all protections are actally in place, so be patient), when logged in to your Apple ID account using a browser, doing most (if not all) things labeled 'Continue on device...' do not work (no notification will be received by the iDevice). However, an attacker can probably still wreak havoc.</p><p>It's best to configure biometrics EVEN if you don't intend to use it to unlock your iDevice(s).</p><p>Note: personally I've configured only my pinky finger to unlock the screen of my iPhone SE2. One advantage is that I can unlock my iPhone in public places without (most of the times) having to enter my screen unlock passcode.</p><p>IMPORTANT: after configuring biometrics, confirm that 'Settings' > 'Touch ID and Passcode' > 'Password Autofill' is ON.</p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@webhat" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>webhat</span></a></span> <br><span class="h-card" translate="no"><a href="https://hachyderm.io/@rmondello" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>rmondello</span></a></span> </p><p><a href="https://infosec.exchange/tags/FullDisclosure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FullDisclosure</span></a> <a href="https://infosec.exchange/tags/AppleID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppleID</span></a> <a href="https://infosec.exchange/tags/iCloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloud</span></a> <a href="https://infosec.exchange/tags/1FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1FA</span></a> <a href="https://infosec.exchange/tags/0FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0FA</span></a> <a href="https://infosec.exchange/tags/0FAIfUnlocked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0FAIfUnlocked</span></a> <a href="https://infosec.exchange/tags/0FAIfStolenUnlocked" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0FAIfStolenUnlocked</span></a> <a href="https://infosec.exchange/tags/Passwordless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Passwordless</span></a> <a href="https://infosec.exchange/tags/ItsByDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ItsByDesign</span></a> <a href="https://infosec.exchange/tags/ItsSTUPIDITYByDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ItsSTUPIDITYByDesign</span></a> <a href="https://infosec.exchange/tags/iCloudKeychain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iCloudKeychain</span></a> <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apple</span></a> <a href="https://infosec.exchange/tags/iDevices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iDevices</span></a> <a href="https://infosec.exchange/tags/iPhone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPhone</span></a> <a href="https://infosec.exchange/tags/iPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iPad</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/GapingSecurityHole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GapingSecurityHole</span></a> <a href="https://infosec.exchange/tags/Ignorant" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ignorant</span></a> <a href="https://infosec.exchange/tags/Ignorance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ignorance</span></a> <a href="https://infosec.exchange/tags/Convenience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Convenience</span></a> <a href="https://infosec.exchange/tags/ConvenienceOverSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ConvenienceOverSecurity</span></a> <a href="https://infosec.exchange/tags/ConvenienceVsSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ConvenienceVsSecurity</span></a></p>
Expert Plus 🍀🔱<p>I got an iPhone 5C. Wanted to try <span class="h-card" translate="no"><a href="https://moth.social/@mammoth" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mammoth</span></a></span> . Apparently it requires an account .</p><p>Dear Apple users! How on the fucking Earth did you created an account (Apple ID) ??????????</p><p>Apparently, no matter what I try, Apple doesn't lets me to create an account on iPhone 5C nor on its web version.</p><p>I want to try an iPhone . Never tried one in my life.</p><p>But such treatment from Apple quite dissapoints me.</p><p>I know it's a stupid question, but how do I create a freakin account on Apple's website ??????????</p><p><a href="https://mementomori.social/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodon</span></a> <a href="https://mementomori.social/tags/apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apple</span></a> <a href="https://mementomori.social/tags/appleid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>appleid</span></a></p>
iA Writer Tips and Tricks
Want to install iA Writer for Mac on a new device? Your license is linked to your Apple ID, so you should see it in the App Store.
If you can’t find your purchase, here’s what might have happened:
1. You’re on a different Apple ID or region
3. You got iA Writer for iPad
5. You accidentally hid the app
6. The App Store forgot your purchase
Find out more on our Support pages: https://ia.net/writer/support/help/faq?tab=mac#app-store-faq-mac
iAFAQ – iABelow are answers to common questions. Everyone is special, but most questions that we get overlap.
Just a wee little change.
Apple IDs are becoming Apple Accounts
https://www.theverge.com/2024/6/11/24176140/apple-ids-accounts-wwdc-2024
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload