privacy

Apple Hide My Email Vulnerability Exposes Real Email Addresses

A vulnerability in Apple's Hide My Email service, first reported in June 2025, can expose users' real email addresses behind generated aliases, and Apple has yet to fix the issue despite ongoing investigation. The flaw was confirmed to be exploitable in all tested cases, raising concerns about user privacy since exposed email addresses can be linked to personal information via public people-search databases. Apple has stated a fix is expected soon but has not suspended new alias creation or fully resolved the problem more than a year after its discovery.

https://www.macrumors.com/2026/07/01/hide-my-email-vulnerability-exposes-real-addresses/

Apple Is About to Make Hide My Email Useless

Apple has announced that Sign in with Apple and iCloud+ Hide My Email aliases will now use the @private.icloud.com domain, making it easier for services to block these aliases without affecting regular iCloud mailboxes. This change could reduce the effectiveness of Hide My Email for privacy, as many services may start rejecting these new aliases similarly to temporary email addresses.

https://arseniyshestakov.com/2026/06/16/apple-is-about-to-make-hide-my-email-useless/

Apple Adds Keylogger to iOS App Store for Targeted Advertising: Tied to Your Account and Unencrypted

Apple has introduced extensive analytics in the iOS App Store that record every user tap and keystroke to enable personalized recommendations and targeted advertising. This data, reportedly stored unencrypted and tied to user accounts, is sent to Apple, raising privacy concerns given Apple's previously strong stance on user privacy. However, some analysis suggests the data transmission may be encrypted via SSL, leaving details of the practice and its scope somewhat unclear.

https://www.osnews.com/story/145322/apple-adds-keylogger-to-ios-app-store-for-targeted-advertising-tied-to-your-account-and-unencrypted/

GitHub – Mysk-Research/loupe: a Privacy-Focused iOS App That Raises Awareness About What Native Apps Can See

Loupe is a privacy-focused iOS and iPadOS app that reveals the types of device information accessible to native apps through public iOS APIs, demonstrating how this data collectively creates a device fingerprint for tracking. It categorizes data access into passive (no prompt), permission-based, and advanced side-channel signals, showing users exactly what their device exposes without sending any data off-device. The app is open source, built mainly using AI coding tools, and aims to raise awareness about app tracking practices on Apple devices.

https://github.com/mysk-research/loupe

Just the Browser

Just the Browser removes unwanted AI features, telemetry, and sponsored content from popular desktop browsers, offering a streamlined experience. It provides configuration files, installation scripts, and documentation for Chrome, Edge, and Firefox, all open-source on GitHub. Users can easily set it up via scripts or manual guides and receive updates through an RSS feed. While it modifies browser settings, it doesn't install ad blockers or affect DNS features. The project aims to enhance mainstream browsers' usability without compromising their advantages.

https://justthebrowser.com/

How I Block All Online Ads

User shares methods to block online ads comprehensively, detailing tools like browser extensions (e.g., uBlock Origin), DNS filtering (e.g., Pi-hole), and a cloud VPN for additional ad resistance. The user emphasizes the importance of balancing ad blocking with supporting content creators. Personal experience notes significant ad reduction using these methods across various platforms.

https://troubled.engineer/posts/no-ads/

Scroll to Top