Security, Spoken

At Apple's Worldwide Developers Conference on Monday, the company debuted a slew of products and services, including a new Mac Pro that's part raw computing power, part cheese grater. But one new feature, mentioned in passing, could have an outsized impact on user security and privacy for years to come. Apple now has its own single-sign-on scheme—and it's a major reimagining of how such a mechanism can work. You've seen single-sign-on before, even if you don't use it. Learn about your ad choices: dovetail.prx.org/ad-choices

When Apple executive Craig Federighi described a new location-tracking feature for Apple devices at the company's Worldwide Developer Conference keynote Monday, it sounded—to the sufficiently paranoid, at least—like both a physical security innovation and a potential privacy disaster. Learn about your ad choices: dovetail.prx.org/ad-choices

Apple (the company) is rolling out a new sign-on feature, the Big Apple (the city) is pushing a groundbreaking privacy law, and Hot Wheels cars are being put to the test. Here's the news you need to know, in two minutes or less. Today's Headlines New York is set to pass a landmark privacy law Just last week, California passed a historic privacy bill that gave people the power to know how their data was being shared, and the ability to request changes or stop sharing it all together. Learn about your ad choices: dovetail.prx.org/ad-choices

Two hours into his keynote at Apple’s Worldwide Developer's Conference last June, senior vice president Craig Federighi revealed a new privacy feature in MacOS Mojave that forces applications to ask the user if they want to "allow" or "deny" any request to access sensitive components and data, including the camera or microphone, messages, and browsing history. The audience dutifully applauded. Learn about your ad choices: dovetail.prx.org/ad-choices

In 1999, Apple released a slew of new features with Mac OS 9, calling it "the best internet operating system ever." The idea was to unlock the full potential of the turquoise plastic iMac G3—the Internet Mac!—released in 1998. But 12-year-old Joshua Hill didn't have an iMac. To take advantage of all the new connectivity from his parents' mid-'90s Mac Performa, he needed a modem that would plug into the computer through one of its chunky "serial" ports. Learn about your ad choices: dovetail.prx.org/ad-choices

Returning to work after a long weekend is always rough—especially if you have to deal with a looming worm attack or yet another disinformation operation on your networks! Which was the case in the security world this week. Despite dire warnings and an urgent update issued from Microsoft, customers are taking too long to patch a critical vulnerability that still remains in approximately 900,000 Windows computers. Learn about your ad choices: dovetail.prx.org/ad-choices

One of the most difficult things about detecting manipulated photos, or "deepfakes," is that digital photo files aren't coded to be tamper-evident. But researchers from New York University's Tandon School of Engineering are starting to develop strategies that make it easier to tell if a photo has been altered, opening up a potential new front in the war on fakery. Learn about your ad choices: dovetail.prx.org/ad-choices

Two weeks have passed since Microsoft warned users about a critical vulnerability in a common Windows protocol that could enable a hacker to remotely take over machines without even a click from their owners, potentially allowing an infectious worm to rip through millions of PCs. That bug might be fading from the headlines, but it still lingers in at least 900,000 computers. Learn about your ad choices: dovetail.prx.org/ad-choices

After years of issues with rogue Chrome extensions, hijacks, and malware, Google announced a slew of new policies Thursday to ensure the little browser applets are secure. The improvements come as part of a wider company push to evaluate how much user data third-party applications can access. Google launched the audit, known as Project Strobe, in October alongside an announcement that Google+ had suffered data exposures and would be shuttered. Learn about your ad choices: dovetail.prx.org/ad-choices

Last August, researchers from the threat intelligence firm FireEye uncovered a vast social media influence campaign, conducted by a network of inauthentic news outlets and fake personas with ties to Iran. Their findings were a stark reminder that these kinds of tactics aren't limited to Russia. Now FireEye has published a sequel of sorts, documenting the evolving methods of disinformation actors are using across social media platforms and other outlets to promote Iranian interests online. Learn about your ad choices: dovetail.prx.org/ad-choices