Do you use email encryption at all? macOS 10.13.4 update may help

Fuller details have now been published about the EFAIL vulnerabilities in PGP and S/MIME email encryption, at the […]

Do you use PGP/GPG and S/MIME email encryption? They’re vulnerable (updated)

A major vulnerability has been revealed, and will be detailed very shortly, affecting mail encryption using PGP/GPG and […]

APFS encryption, ghost guest users, and odd UUIDs

Has someone hacked into your encrypted drive already, or is this another security vulnerability in High Sierra?

Last Week on My Mac: Insights through a vulnerability

High Sierra 10.13.4 may have stopped leakage of APFS encryption passphrases, but that is only a small part of an accident chain going back many years.

Encryption passphrases are still left in logs: how Apple abuses its unified log

I wrote yesterday that macOS High Sierra 10.13.4 finally fixes the leakage of APFS encryption passphrases into the […]

macOS High Sierra 10.13.4 fixes APFS encryption password disclosure bug

The latest update to High Sierra, bringing it to 10.13.4, does fix the bug discovered by Sarah Edwards […]

Last Week on My Mac: Should Apple have warned users of a vulnerability?

Did Apple keep quiet for more than 3 months about the leak of encryption passphrases into High Sierra’s log files?

macOS High Sierra 10.13.3 still leaks encryption passwords in plain text

I previously described a serious vulnerability in macOS High Sierra versions to 10.13.1 which was discovered by Sarah […]

Is the unified log private, or a vulnerability?

How good is the new unified log’s privacy? Does it live up to Apple’s goal of designing privacy into the system, or is it easily beaten? And how did passwords leak into the log?

Another gaping security hole in High Sierra APFS disk encryption (updated)

Congratulations to Sarah Edwards for unearthing a security vulnerability in macOS 10.13 High Sierra, in which copies of […]