We recently upgraded OpenSSL from version 1.1.1 to 3.4.0. After this upgrade, we observed that PKCS#12 files generated using OpenSSL 3.4.0 fail to import into the macOS Keychain with the following error: Failed to import PKCS#12 data: -25264 (MAC verification failed during PKCS12 import (wrong password?)) This issue is reproducible on macOS 14.8.2. The same PKCS#12 files import successfully on other macOS versions, including 15.x and 26.x. Additionally, PKCS#12 files that fail to import on macOS 14.8 work correctly when copied and imported on other macOS versions without any errors. PKCS#12 Creation The PKCS#12 data is created using the following OpenSSL API: const char* platformPKCS12SecureKey = _platformSecureKey.has_value() ? _platformSecureKey.value().c_str() : NULL; PKCS12* p12 = PKCS12_create( platformPKCS12SecureKey, NULL, keys, _cert, NULL, 0, 0, 0, 0, 0 ); if (!p12) { throw std::runtime_error("Failed to create PKCS#12 container"); } PKCS#12 Import The generated PKCS#12 data is imported into the macOS Keychain using the following code: NSString *certPassKey = [NSString stringWithUTF8String:getCertPassKey()]; NSDictionary *options = @{ (__bridge id)kSecImportExportPassphrase: certPassKey, (__bridge id)kSecAttrAccessible: (__bridge id)kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly, (__bridge id)kSecAttrIsExtractable: @YES, (__bridge id)kSecAttrIsPermanent: @YES, (__bridge id)kSecAttrAccessGroup: APP_GROUP }; CFArrayRef items = NULL; OSStatus status = SecPKCS12Import( (__bridge CFDataRef)pkcs12Data, (__bridge CFDictionaryRef)options, &items );

this is my monitor image that shows DeviceCheck api responding very slowly.

I’d like to submit a feature request regarding the availability of Foundation Models in MessageFilter extensions. Background MessageFilter extensions play a critical role in protecting users from spam, phishing, and unwanted messages. With the introduction of Foundation Models and Apple Intelligence, Apple has provided powerful on-device natural language understanding capabilities that are highly aligned with the goals of MessageFilter. However, Foundation Models are currently unavailable in MessageFilter extensions. Why Foundation Models Are a Great Fit for MessageFilter Message filtering is fundamentally a natural language classification problem. Foundation Models would significantly improve: Detection of phishing and scam messages Classification of promotional vs transactional content Understanding intent, tone, and semantic context beyond keyword matching Adaptation to evolving scam patterns without server-side processing All of this can be done fully on-device, preserving user privacy and aligning with Apple’s privacy-first design principles. Current Limitations Today, MessageFilter extensions are limited to relatively simple heuristics or lightweight models. This often results in: Higher false positives Lower recall for sophisticated scam messages Increased development complexity to compensate for limited NLP capabilities Request Could Apple consider one of the following: Allowing Foundation Models to be used directly within MessageFilter extensions Providing a constrained or optimized Foundation Model API specifically designed for MessageFilter Enabling a supported mechanism for MessageFilter extensions to delegate inference to the containing app using Foundation Models Even limited access (e.g. short text only, strict execution limits) would be extremely valuable. Closing Foundation Models have the potential to significantly raise the quality and effectiveness of message filtering on Apple platforms while maintaining strong privacy guarantees. Supporting them in MessageFilter extensions would be a major improvement for both developers and users. Thank you for your consideration and for continuing to invest in on-device intelligence.

Hello! Few month ago i did get hacked on my pc and then my android and iphone. Did get at notice that payments couldent draw. lucky I only had 240kr on lunar card that it did draw 200kr to a gift card. Did get mail from skrill that a account whas created with one of my Gmail’s. Tryed to log them out but window did keep close. Gmail did flag like crazy and wanted me to change pw. how the fuck when I lost control of my phone?!?!??! Just lock it god Damn. let’s make it short! I shared network to pc from my phone With usb. I don’t just think it whas a attacker program as Gmail did flag. I think I did get mirror linked on my android and maybe my iphone. Had a real struggle to reset my pc and phones before it worked. My iPhone drains battery like crazy and feels laggy sometimes. A non registered number whas added to two Gmail’s that they did try to change pw multiple times. did notice I Linux pc activity on my fb and some other stuff. My iphone do reboot still sometimes and every second reboot wifi/bluet can’t be activated and mobile share change pw as the original one did look. Next reboot all work and are the same again. Iam scared that iam still hacked or havent removed him from everything. How can I make sure that Iam still not mirror linked and that he or she can’t access anything? Sorry for the long text but iam scared as fuck.

I am using SFAuthorizationPluginView in my Security agent plugin. My code expects that its willActivate method be called. With normal screensaver unlock, this works fine. However if I enter an invalid password, then enter the correct password, I never get the willActivate call. I have reproduced this with Quinn's LoginUIAuthPlugin from the QAuthPlugins example code. My mechanisms look like this with LoginUIAuthPlugin: mechanisms HyprAuthPlugin:invoke builtin:authenticate,privileged PKINITMechanism:auth,privileged LoginUIAuthPlugin:login CryptoTokenKit:login I would like to be able to get my plugin working properly when the user had previously entered an invalid password.

I am in need of assistance with sandboxing the riot games client and game league of legends. I originally played on a vm from linux but after the change to the incredibly intrusive rootkit malware vanguard. I cannot play from a vm or at least it would be difficult, if this route of containerizing it on mac proves to be more difficult (which wouldn't make sense) then I will go back to spoofing the a vm to not look like a vm. This is even more infuriating because I almost exclusively play Team Fight Tactics in which there is zero cheating and cheating would give a player zero advantage. I decided I would try the Mac version of the game but apple does not sandbox applications at all like flatpak and flatseal from linux. The game has access to my entire system and can read and write to my home directory. This is a massive security risk. I originally tried checking the system settings privacy and security section but the application was not listed anywhere nor was it given access on any of the sections listed. I checked both user local and global tcc.dbs and neither had records that gave the game or client any privileges. This was concerning because tcc.db appears to be the only user facing way of managing permissions that you would think would be a bare minimum baseline and yet the game and client have full access to my system and those permissions are listed nowhere and are given no where. Ie. the default is just to let it do as it pleases even though its a game that only thing it needs to render to the screen. MacOS should properly fix this and implement proper sandboxing of applications like flatpak. I then began building a configuration scheme for sandbox-exec seeing as it was the last opportunity to correctly contain the application to only have the permissions it needs. I carefully crafted the config but it fails just as simply allowing all with allow default... (version 1) (allow default) I run the application with the following command: sandbox-exec -f ~/config.sb "/Users/Shared/Riot Games/Riot Client.app/Contents/MacOS/RiotClientServices" Below are some of the errors produced from running the client sandboxed. 00:44:09.819 (SplashScreenManager) Displaying splash screen from default-splash.html for 2000ms 00:44:09.825 app.isPackaged true 00:44:09.842 Loading page from http://127.0.0.1:51563/index.html sandbox initialization failed: Operation not permitted Failed to initialize sandbox.[0102/004409.953876:ERROR:exception_snapshot_mac.cc(139)] exception_thread not found in task [0102/004409.954838:ERROR:process_reader_mac.cc(309)] thread_get_state(4): (os/kern) invalid argument (4) [0102/004409.954852:ERROR:process_reader_mac.cc(309)] thread_get_state(4): (os/kern) invalid argument (4) [0102/004409.955178:WARNING:process_reader_mac.cc(532)] multiple MH_EXECUTE modules (/usr/libexec/rosetta/runtime, /Library/Apple/usr/libexec/oah/libRosettaRuntime) [0102/004409.955364:WARNING:process_reader_mac.cc(532)] multiple MH_EXECUTE modules (/usr/libexec/rosetta/runtime, /Users/Shared/Riot Games/Riot Client.app/Contents/Frameworks/Riot Client.app/Contents/Frameworks/Riot Client Helper (Renderer).app/Contents/MacOS/Riot Client Helper (Renderer)) [0102/004410.111422:ERROR:exception_snapshot_mac.cc(139)] exception_thread not found in task [4607:0102/004415.168524:ERROR:gpu_process_host.cc(991)] GPU process exited unexpectedly: exit_code=6 [4607:0102/004415.187770:ERROR:network_service_instance_impl.cc(521)] Network service crashed, restarting service. 00:44:15.215 Renderer process has unexpectedly crashed or was killed: crashed (6) { reason: 'crashed', exitCode: 6 }

I noticed, that even though my AutoFill Credential Provider Extension works with Safari for both Passwords and Passkeys, it doesn't work in context menus inside arbitrary textfields, meanwhile the same is true for the Apple Passwords app. This is a great hit to AutoFill productivity, as my extension is unable to fill textfields by just going to the context menu and clicking AutoFill > Passwords.. Is this a feature only available to Apple via private APIs, or is this something I can interface with? I checked and the Passwords app does use some undocumented but non-private entitlements: [Key] com.apple.authentication-services.access-credential-identities [Value] [Bool] true I also checked the responsible executable for some hints (AutoFillPanelService) however found nothing that would lead me to believe this is a public extension point. Another idea I had was trying to use a macOS Service for this, however Services in the "General" category won't show up in any context menu, only in the Application's Main Menu.

During SmartCard pairing the PIN prompt enables the OK button only on user provides a PIN of 6 digits. Is there a way to submit the empty PIN in this flow, where the custom CTK is used here (the custom CTK would take care of the PIN from the custom ctk code). I was able to do an empty PIN submit once the I've paired the user successfully at login, unlock and other cli tools. Is there a way to do the same during the pairing? Once the user has successfully paired with the SmartCard authentication with PIN, I was able to see most of the authentication flows was prompting for the PIN authentication like login, unlock, CLI tools like ssh, su etc., perhaps at few apps where it is still prompted with the Password instead of PIN examples, when I tried to launch Keychain Access app or Add a user from users&groups system setting. Is this expected behaviour?

From watching the video on App Attest the answer would appear to be no, but the video is a few years old so in hope, I thought I would post this question anyway. There's several scenarios where I would like a notification service extension to be able to use App Attest in communications with the back end(for example to send a receipt to the backend acknowledging receipt of the push, fetching an image from a url in the push payload, a few others). Any change App Attest can be used in by a notification service extension?

I've come across strange behavior with the userID property on the returned credential from a passkey attestation. When performing a cross-device passkey assertion between iOS and Android by scanning the generated QR code on my iPhone with an Android device the returned credential object contains an empty userID. This does not happen when performing an on device or cross-device assertion using two iPhones. Is this expected behavior, or is there something I'm missing here? I couldn't find any more information on this in the documentation. iOS Version: 26.0.1, Android Version: 13

Hey everyone, I'm hitting a really frustrating issue with App Attest. My app was working perfectly with DCAppAttestService on October 12th, but starting October 13th it started failing with DCError Code 2 "Failed to fetch App UUID" at DCAppAttestController.m:153. The weird part is I didn't change any code - same implementation, same device, same everything. I've tried switching between development and production entitlement modes, re-registered my device in the Developer Portal, created fresh provisioning profiles with App Attest capability, and verified that my App ID has App Attest enabled. DCAppAttestService.isSupported returns true, so the device supports it. Has anyone else run into this? This is blocking my production launch and I'm not sure if it's something on my end or an Apple infrastructure issue.

Hello, I am working on a script to update an application which bundle ID changed. Only the bundle ID was modified; all other aspects remain unchanged. This application requires access to "Screen & System Audio Recording" permissions, which are currently granted to the old bundle ID. The script performs the following steps: launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.my_agent_1.plist pkgutil --forget com.my_agent_1 tccutil reset All com.my_agent_1 rm /Library/LaunchAgents/com.my_agent_1.plist rm -rf </path/to/com_my_agent_1> installer -dumplog -allowUntrusted -pkg </path/to/com_my_agent_2.pkg> -target / ... When running steps #1-6 without a restart between steps #5 and #6, the old bundle ID (com.my_agent_1) remains visible in TCC.db (verified via SQL queries). Looks like this is the reason why "com.my_agent_2" is not automatically added to the permission list (requiring manual add). Moreover, "tccutil reset All com.my_agent_1" does not work anymore, the error: tccutil: No such bundle identifier "com.my_agent_1": The operation couldn’t be completed. (OSStatus error -10814.) Is there any way to completely clear the "Privacy & Security" permissions without requiring a system restart? Thank you a lot for your help in advance!

I'm experiencing a strange issue where ASWebAuthenticationSession works perfectly when running from Xcode (both Debug and Release), but fails on TestFlight builds. The setup: iOS app using ASWebAuthenticationSession for OIDC login (Keycloak) Custom URL scheme callback (myapp://) prefersEphemeralWebBrowserSession = false The issue: When using iOS Keychain autofill (with Face ID/Touch ID or normal iphone pw, that auto-submits the form) -> works perfectly When manually typing credentials and clicking the login button -> fails with white screen When it fails, the form POST from Keycloak back to my server (/signin-oidc) never reaches the server at all. The authentication session just shows a white screen. Reproduced on: Multiple devices (iPhone 15 Pro, etc.) iOS 18.x Xcode 16.x Multiple TestFlight testers confirmed same behavior What I've tried: Clearing Safari cookies/data prefersEphemeralWebBrowserSession = true and false Different SameSite cookie policies on server Verified custom URL scheme is registered and works (testing myapp://test in Safari opens the app) Why custom URL scheme instead of Universal Links: We couldn't get Universal Links to trigger from a js redirect (window.location.href) within ASWebAuthenticationSession. Only custom URL schemes seemed to be intercepted. If there's a way to make Universal Links work in this context, without a manual user-interaction we'd be happy to try. iOS Keychain autofill works The only working path is iOS Keychain autofill that requires iphone-authentication and auto-submits the form. Any manual form submission fails, but only on TestFlight - not Xcode builds. Has anyone encountered this or know a workaround?

I was wondering if anyone had experience with Managed Device Profiles on iPad to be able to answer a quick question regarding passcode reset. We are using Microsoft Intune to manage our fleet of iPads that our store employees will use on an Ad-Hoc basis. When a user logs into an iPad for the day, we are issuing a resetPasscode command to the MicrosoftGraph specifying that device ID. We are getting a successful response to the iPad itself. But the device is allowing the user 1 hour of free time to dismiss the reset passcode dialogue. Which enables them to use the iPad unprotected for up to an hour, which is not what we want. Does anyone know of any way to force the user to select a passcode immediately? I know this is a device side restriction. But is there anything apple can do to help us in this instance, since our MDM profile can't close this time window on the Intune side?

When I delete an image from my camera roll, my iPhone adds another previously deleted image to my camera roll. This previously deleted image or video is from up to 3 years ago, and isn't in my recently deleted. Therefore, these added images should technically not exist. I am using an iPhone 12 running iOS 26 public beta, but apparently this issue is happening on iOS 18 too. I feel worried that an image/video that I deleted for privacy reasons may appear back in my camera roll. I'll add that I am paying for iCloud+ storage, and I still have 15GB of local storage left on my device.

Hi all, I've on high alert after hearing about the security concerns with npm. Full disclosure, I'm new to computer and network architecture, however, as someone who is on high alert for aplications exfiltrating data or poisioning my on-device machine learning models — I've seen some things I can't fully explain and I'm hoping the community can help. I ran the code odutil show all and I was wondering why certain node names are hidden in my system and when I use the directory utility, I can't use my computer login and password to authenticate to see the users? Am I being locked out of seeing my own system? I'm trying to dig to see if a root kit was installed on my device. Does anyone know what the users and groups in the directory utility are? Who is "nobody" and who is "Unknown user"? I'll probably have a lot more questions about this suspicious files I've seen on my device. Does anyone else's device download machine learning model payloads from the internet without notifying the user (even through a firewall, no startup applications?). I've also tried deleting applications I no longer need anymore and my "system" makes them re-appear.... what?

We are developing an app that uses Authentication Services to authenticate users. According to the documentation, this framework will open the default web browser if it supports auth session handling, and Safari otherwise. This is not entirely true, and users will be frustrated! macOS version: Sequoia 15.5; Safari version: 18.5. When: The default browser is not Safari, and supports auth session handling (Google Chrome and Microsoft Edge as examples); and - The Safari app is already running; The auth flow will: Present the confirmation dialog box with the default browser icon. Good! Open a Safari window, instead of the default browser's one. Bad! Respond with "User Cancelled" error to the app, after making the end user believe the auth was good. Very Bad!! If the app retries the auth session, the default browser window will open as expected, and it will work as expected. However, requiring users to authenticate twice is a very bad users experience... This issue does not reproduce, when either: Safari is not running at the moment of auth session start; The default browser does not support auth session handling; or - Safari is the default browser. Fellow developers, be warned! Apple engineers, feedback #18426939 is waiting for you. Cheers!

Our product includes a background sync process that synchronizes credentials between devices. We need to update ASCredentialIdentityStore when credentials are changed, we have noticed that the ASCredentialIdentityStore.shared.saveCredentialIdentities() fails to run when the device is locked. Is it possible to update ASCredentialIdentityStore when the device is locked?

Pretty much the headline. the func transactionHistory() needs to return the transaction location. This seems so rudimentary, yet it is missing from the docs. Unless I'm missing something, please add this feature or point me in the right direction. Alternatively, is there a way for my app to get notified of the transaction immediately as it happens? I have to get transactions historically which leaves me with no way to determine where they happened in the past.

Not getting ASCredentialServiceIdentifier in func prepareOneTimeCodeCredentialList(for serviceIdentifiers: [ASCredentialServiceIdentifier]) when trying to use ASCredentialProviderViewController for autofilling one time codes in iOS 18.