Lightnews — Scholar-powered news

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 23h

If you think you might be targeted by sophisticated cyber attacks, it is fair to say that you should refrain from using your encrypted messaging apps on your Mac

2

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 23h

Holy smoke 🤯 This bug has led us to gain access to any app's Keychain entries on macOS. 🤯🤯🤯🤯🤯🤯
Still, no time to report it to Apple yet

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 14d

🏜️🎁 We accidentally found a security flaw in macOS Tahoe and earlier

An attacker can trick a user into performing a simple yet common action that breaks the sandbox protection of any file (e.g iMessage database and Safari browsing data) giving any application permanent access to the target file

1 2

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 9d

Is it just me, or does the Mail app on iOS 26 in the year 2025 A.D. does not have the option to set the “Reply To” field in an email?

3

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 12d

Psylo 1.0.6 with Liquid Glass is out now!

Psylo: Privacy Browser & Proxy @psylo.app · 12d

Psylo 1.0.6 is out now! A little late to the Liquid Glass party, but maybe fashionably late? 😬

This update mainly brings iOS 26 support with Liquid Glass, along with a redesigned navigation bar. Below are the full release notes.

1

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 14d

Of course, we’re still investigating and won’t reveal the details until we report it to Apple. Though it shocked us that such a simple action can have such an effect on the sandbox.

2

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 14d

🏜️🎁 We accidentally found a security flaw in macOS Tahoe and earlier

An attacker can trick a user into performing a simple yet common action that breaks the sandbox protection of any file (e.g iMessage database and Safari browsing data) giving any application permanent access to the target file

1 4

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 18d

The first hit from Wikipedia has the correct answer, but Gemini's wrong answer has to be shown first and occupy most of the screen because AI is cool

screenshot of searching for the term "latest macos" in Google. Gemini generative result is shown first occupying most of the screen. Gemini says it is Version 15 whereas the first hit from Wikipedia is shown far away. It holds the correct answer: Version 26

4

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 20d

🚨 iMessages in iOS 26 leaks the sender's keyboard language when sending reactions to devices with iOS 17 or older, and Android phones via RCS! 😱

#privacy #Apple #iOS26

1 3

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 25d

Apple started to proxy requests to Google's safe browsing service in iOS 14.5. This was done to prevent leaking IP addresses to Google. Is it a bug? Or Apple stopped hiding our IPs from Google in iOS 26?

thehackernews.com/2021/02/appl...

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google

Apple to make fraudulent website warning more private by proxying iOS 14.5 users IP address.

thehackernews.com

3

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 25d

Why do all browsers in iOS 26 communicate with this Google service? Has Apple changed how safe websites are downloaded?
Psylo tunnels all connections via our proxy servers to prevent IP leaks. How are these calls made? Does Google see the real IP?

#Privacy #Apple #iOS26

1 1 4

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 27d

iOS 26, about 15 hours remaining 🐌

2

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · 28d

This happens when the #security team doesn't sync with the #UI team. 😅
The code that Instagram sent was alphabetical, but the UI in the app showed a numpad and only allowed numeric input.

4

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · Sep 11

In the official announcement "on-device AI model" was only used in the workout section. Yikes!

www.apple.com/newsroom/202...

1

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · Sep 11

Bluesky doesn't even support 2FA with an authenticator app. 🙈

3

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · Sep 11

Live Translation with AirPods is not going to be available in the EU. This means that it doesn't use on-device AI model and the microphones forward everything to remote servers 🤯

#Apple #privacy

Apple Intelligence: Live Translation with AirPods
Live Translation with AirPods is not available if you are in the EU and your Apple Account Country or
Region is also in the EU
English (United Kingdom)
English (United States)
French (France) - not available in the EU
German (Germany) - not available in the EU
Portuguese (Brazil)
Spanish (Spain) - not available in the EU

1 3

Reposted by Mysk 🇨🇦🇩🇪

Psylo: Privacy Browser & Proxy @psylo.app · Sep 10

Ready for iOS 26 with Liquid Glass? Doing our best to be ready for next week September 15

Here’s a sneak peek at our current progress 💦🔎
#iOS26 #LiquidGlass

1 2

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · Sep 10

As Psylo is the only #iOS browser that opens App Store links anonymously in the web, the review link below will open in the web view. Copy the link and paste it in another browser. It should take you to the App Store to rate Psylo 🙏

Psylo: Privacy Browser & Proxy @psylo.app · Sep 10

Love Psylo? We really appreciate sharing your experience in a review! Your feedback helps Psylo climb the App Store search results. We intentionally don’t prompt for ratings in the app to keep it user-friendly. Leave your review here: 🙏

apps.apple.com/app/id674135...

‎Psylo: Private Browser & Proxy

‎INTRODUCING PSYLO A new kind of private browser by Mysk, renowned privacy and security researchers. BROWSE THE WEB IN SILOS - True Tab Isolation: Every tab is its own “silo” with separate storage...

apps.apple.com

1

Reposted by Mysk 🇨🇦🇩🇪

Psylo: Privacy Browser & Proxy @psylo.app · Sep 10

🚨Psylo is impacted by Proton VPN technical difficulties. We have disabled Proton VPN in the Mysk Private Proxy Network at the moment.
Psylo proxies can work without Proton VPN exit nodes.

status.proton.me

Proton Services Status

Welcome to Proton Services's home for real-time and historical data on system performance.

status.proton.me

1 1

Reposted by Mysk 🇨🇦🇩🇪

Zack Whittaker @zackwhittaker.com · Sep 9

I asked Plex a bunch of questions about its data breach of user account information, but the company wouldn't say why it hasn't force-reset its users' passwords and is instead asking users to do it. The company also hasn't explained how (and to what extent) it scrambled those passwords.

Plex urges users to change passwords after data breach | TechCrunch

Plex said that it was aware of a security incident involving the theft of Plex customer account information, including user names, email addresses, scrambled passwords, and unspecified authentication ...

techcrunch.com

3 9

Reposted by Mysk 🇨🇦🇩🇪

Psylo: Privacy Browser & Proxy @psylo.app · Sep 9

No thanks, I won’t get the app.

Native apps can track and fingerprint you more easily. Use the web version in a privacy-protecting browser that obfuscates common fingerprinting markers, and completely isolates it from other websites.

If only there was such a browser… 🤔

1 5

Reposted by Mysk 🇨🇦🇩🇪

Psylo: Privacy Browser & Proxy @psylo.app · Sep 9

iPhone 17 Pro’s website doesn’t have the option to compare against iPhone 16

So they’re not catering to people who upgrade their iPhone every year 😬

1 1 4

Reposted by Mysk 🇨🇦🇩🇪

Psylo: Privacy Browser & Proxy @psylo.app · Sep 9

Psylo is the only browser or app that lets you open websites from different countries at the same time without having to switch connections.
#privacy

1 4

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · Sep 9

What a productive day! I accidentally time-traveled to the year 2076, created an Excel sheet, and returned. But that's not the puzzling part. I still can't believe that an Excel file can be so backward compatible.

Screenshot of MS Excel

Document Recovery
Excel has recovered the following files.
Version created last time the user saved the file
29/11/2076 10:54

2

Mysk 🇨🇦🇩🇪 @mysk.bsky.social · Sep 9

Nothing new. Facebook is begging for pics on Threads to train their AI model on.

2

Reposted by Mysk 🇨🇦🇩🇪

Psylo: Privacy Browser & Proxy @psylo.app · Sep 8

Psylo network doesn't have obfuscated servers, making it easy to block. To overcome this, use Psylo with a VPN that offers obfuscation, such as Proton or Mullvad. This allows you to connect to Psylo's proxy servers through the VPN, making silos work as expected.

#privacy

Screenshot of adding a new silo in Psylo. The proxy country is set to the US

1 4