software engineer may have discovered serious macos privacy concern

Engineer Matt Hodges posted a Twitter thread about an issue he found on macOS. According to him, not only does the Mac operating system actively scan images in the background, but when these images are QR Codes that point to an URL, macOS is decoding them, and requesting the URL. As a company that talks about “privacy as a fundamental right,” this raises the question of whether this is “just a bug” or intended by Apple.

According to Hodges, he was “playing with Canary Tokens,” which lets you create a digital artifact such as a file, URL, or QR Code, and if someone interacts with it, you get an alert, and discovered this macOS issue. He explains how he discovered this:

When you make a QR code canary token, the service points the code to some placeholder website, and when that website is fetched, they send you an email with details like IP address and User Agent that scanned the code. Here’s one that emails example@example.com when scanned.

He decided it had no use for him and just “let it sit in my Downloads Folder.” Then, he got “a flurry of emails saying it had been triggered.” With that, he discovered that what was triggering the QR Code was his own IP, and the User Agent was from an AppleKit tool from macOS. He writes:

So macOS is background scanning all the images on my computer. I’m not totally shocked — they do all that face tagging and magic cat-breed identification now. But they’re also 1) decoding QRs & 2) requesting random URLs! That seems like both a privacy and a security problem.

While Apple scanning images in the background is not a big deal since it uses that to detect objects and classify them within the Photos app – Apple says this part is end-to-end encrypted –, it’s not usual for the company to read, decode, and check the QR Code content without user’s consent.

Fortunately, according to another Twitter user, this issue is only Mac-related and does not affect the iPhone.

BGR reached out to Apple and asked for a comment on if this is a known issue and if macOS should behave this way. We’ll update the story once we hear from the company.

Well this is something … I think I just discovered that macOS is background scanning images on my computer and, when those images are QR codes that point to URLs, it's decoding the codes and requesting the URL… 1/

— Matt Hodges (@hodgesmr) October 5, 2022

More Apple news: This new iOS 16 feature is so useful, but no one knows about it

TECH NEWS RELATED

iPhone is not as secure as Apple claims

Data privacy has long been a priority for Apple. But, two developers have provided new information that calls into doubt the iOS privacy statement. It turns out that the Cupertino giant’s claims are not always accurate. iPhone gathers owner information The Directory Service Identifier, or DSID for short, is at ...

View more: iPhone is not as secure as Apple claims

Google's Project Zero Team warns of gap in Android Security updates

Representative image. Google’s team of security researchers called Project Zero has said Android models from various manufacturers are vulnerable to flaws that are now months old. Security researcher Jann Horn found five exploitable vulnerabilities in the ARM Mali GPU driver, and they affected all Android smartphones with a Mali GPU. ...

View more: Google's Project Zero Team warns of gap in Android Security updates

100+ Amazon Black Friday Deals Still Going Strong Ahead of Cyber Monday

Amazon has switched focus to Cyber Monday, but most of its Black Friday deals are still up for grabs.

View more: 100+ Amazon Black Friday Deals Still Going Strong Ahead of Cyber Monday

Best Cyber Monday Headphones and Earbuds Deals: Save Big on AirPods, Sony, Bose, Jabra and More

Looking for the best Cyber Monday 2022 headphones and earbuds deals? These are our top picks for the best offers available right now.

View more: Best Cyber Monday Headphones and Earbuds Deals: Save Big on AirPods, Sony, Bose, Jabra and More

70% gamers in India prefer PC gaming over mobile phone, finds HP India study

HP Pavilion Aero 13-be0205AU Smartphone makers better watch out. According to a new study conducted by PC maker HP, 70 percent of Indian gamers prefer gaming on a personal computer rather than a mobile phone. The large percentage skew is due to three main factors. A PC offers more ...

View more: 70% gamers in India prefer PC gaming over mobile phone, finds HP India study

5G rollout to be faster in India, gears from neighbouring countries need more checks: Nokia India

(Image: News18 Creative) India is going to record the fastest 5G rollout in the world and it is going to have the biggest success of the next -generation telecom service with the support of the government, a senior Nokia India official said. While speaking at an event organised by ...

View more: 5G rollout to be faster in India, gears from neighbouring countries need more checks: Nokia India

YouTube: a big increase in the number of paid subscribers

Over 80 million people have subscriptions to YouTube Premium and YouTube Music as of September 2022. It’s a good number for the Google platform on its way to make its goals. Teams from YouTube are rubbing their hands. Lyor Cohen, the head of YouTube Music, said that there were now ...

View more: YouTube: a big increase in the number of paid subscribers

Five key decisions at global wildlife summit

Sharks were the star of the CITES summit Panama, which approved the protection of more than 50 species. A global wildlife summit that ends Friday passed resolutions to protect hundreds of threatened species, including sharks, reptiles, turtles as well as trees. Here are some highlights of the two-week meeting ...

View more: Five key decisions at global wildlife summit

Costa Rica crocodiles survive in 'most polluted' river

US FCC bans sales, import of Chinese tech from Huawei, ZTE

NASA's Orion capsule enters far-flung orbit around moon

From Meta to Zomato, how India's new online review rules will impact industry

IPO-bound Oyo reports EBITDA of Rs 56 crore in Q2 as per financials submitted to Sebi

Elon Musk has plans to make a smartphone but only if…

ONDC is actively engaging with brands, says DIF head Arvind Gupta

WhatsApp is working on the ability to share voice notes as status updates

Elon Musk says he will make 'alternative' phone if Twitter removed from app stores

Tencent to face ByteDance’s Moonton in court over video game infringement allegations amid a years-long feud

Three female scientists receive L’Oreal-UNESCO awards

Gamitronics partners with Canadian gaming major Big Viking Games for global expansion

OTHER TECH NEWS

Top Car News Car News