Eén van de erg handige dingen om in macOS makkelijk met veel vensters te werken is altijd Mission Control geweest. In Ventura zijn de instellingen daarvoor te vinden op een nogal onlogische plek, namelijk in Systeeminstellingen → Bureaublad en dock.
In deze nieuwe Systeeminstellingen is sowieso nogal wat ‘bij elkaar geveegd’, waar...
Lees verder...
De Oceanic+-app is vanaf vandaag verkrijgbaar voor Apple Watch Ultra en verandert het meest robuuste horloge van Apple in een gebruiksvriendelijke duikcomputer met alle benodigde functionaliteit. De Oceanic+-app voor Apple Watch Ultra is in samenwerking met Apple door Huish Outdoors ontworpen en is bedoeld…
De uitzendrechten van de Nederlandse voetbalcompetitie liggen op straat. Apple lijkt een van de grote kanshebbers om de Eredivisie op te kopen. Maar Apple en voetbal? Past dat wel bij… Lees verder op iPhoned
Anker's popular Eufy-branded security cameras appear to be sending some data to the cloud, even when cloud storage is disabled and local only storage settings are turned on. The information comes from security consultant Paul Moore, who last week published a video outlining the issue.
According to Moore, he purchased a Eufy Doorbell Dual, which was meant to be a device that stored video recording on device. He found that Eufy is uploading thumbnail images of faces and user information to its cloud service when cloud functionality is not enabled.
Moore demonstrates the unauthorized cloud uploading by allowing his camera to capture his image and turning off the Eufy HomeBase. The website is still able to access the content through cloud integration, though he had not signed up for cloud service, and it remains accessible even when the footage is removed from the Eufy app. It's important to note that Eufy does not appear to be automatically uploading full streaming video to the cloud, but rather taking captures of the video as thumbnails.
The thumbnails are used in the Eufy app to activate streaming video from the Eufy base station, allowing Eufy users to watch their videos when away from home, as well as for sending rich notifications. The problem is the thumbnails are uploaded to the cloud automatically even when the cloud functionality is not active, and Eufy also seems to be using facial recognition on the uploads. Some users have taken issue with the unauthorized cloud uploads because Eufy advertises local-only service and has been popular among those who want a more private camera solution. "No Clouds or Costs," reads the Eufy website.
Moore suggests that Eufy is also able to link facial recognition data collected from two separate cameras and two separate apps to users, all without camera owners being aware.
Other Eufy users responded to Moore's tweet and saw the same thing happening, and there is also a dedicated Reddit thread on the subject. Moore tested the Eufy doorbell camera, but this also appears to be how other Eufy cameras function. As Moore demonstrates, the images can be accessed with simple URLs after logging in, which is a potential security risk for those concerned. Eufy did remove the background call that reveals the stored images after Moore's tweet, but did not remove the footage.
Moore received a response from Eufy in which Eufy confirmed that it is uploading event lists and thumbnails to AWS, but said the data is not able to "leak to the public" because the URL is restricted, time limited, and requires account login.
There is also another issue that Moore has highlighted, suggesting Eufy camera streams can be watched live using an app like VLC, but little information on the exploit is available at this time. Moore said that unencrypted Eufy camera content can be accessed without authentication, which is alarming for Eufy users.
Ah well, the cats out the bag now... so may as well tell you.
You can remotely start a stream and watch @EufyOfficial cameras live using VLC. No authentication, no encryption.
Please don't ask for a PoC - I can't release this one.
We've contacted Anker for additional comment on the Eufy issue and will update this article if we hear back. Moore said that he has been in touch with Eufy's legal department and will give them time to "investigate and take appropriate action" before he comments further.
A man claiming to work for Apple prior to 2010 is sharing what he calls the "dirty secrets" about the company — but as you'd expect it is just conspiratorial nonsense. Here's why, and why we know.
iPhone System Storage isn't planned obsolescence
One TikTok video shared by user @nabeel_co got 2.8 million views and counting, claiming that Apple used "System Data" storage on iPhone as a planned obsolescence tactic. This has no basis in reality.
iPhone System Storage isn't planned obsolescence