Apple’s Hide My Email feature has a bug that’s been exposing real email addresses, researcher claims


Apple’s Hide My Email feature is a convenient privacy tool that uses disposable addresses to hide a user’s true email for the sake of online anonymity. Unfortunately, new research appears to show that a bug in the feature allows users’ real email addresses to be unmasked.

The bug was reported by 404 Media, which says that it has tested and verified that the vulnerability exists. Tyler Murphy, the researcher who found the bug, said that he warned Apple about the problem over a year ago and that it was unclear why the company had yet to remedy the problem. All of the attempts to exploit the bug have been successful, Murphy added.

“We don’t know the full scope of the issue, but in our limited tests with volunteers, 100% of Hide My Email addresses were exploitable,” Murphy told the outlet. Details of the vulnerability haven’t been publicly disclosed, for fear that it will be exploited.

Murphy is the co-founder of EasyOptOuts, which offers a paid data-removal service that takes your information off of data broker sites. He told 404 Media that “publicly accessible people-search sites make it easy to link an email address to other personal details, so people relying on Hide My Email for safety may be at risk.”

TechCrunch reached out to Apple for more information and will update this story if it responds.

When it comes to the tech world, privacy tools are hard to come by and, unfortunately, even when they do exist, they don’t always work. Apple has been accused of this sort of thing before.

Case in point: The company was sued in 2022 after it was reported that iPhone apps continued to send analytics data to Apple even when the iPhone Analytics privacy setting was turned on.

Similarly, in 2023, researchers found another one of Apple’s privacy features to be effectively “useless.” The research claimed that a tool that was supposed to anonymize mobile users’ Wi-Fi connections by providing randomized MAC addresses (an easily trackable identifier) was simply exposing the user’s real MAC address.

Apple has built a large part of its reputation and branding on user privacy, so hopefully it manages to address the apparent Hide My Email bug with some expedience. If it can learn to better stand behind its privacy promises, that wouldn’t be the worst thing in the world either.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.



Source link

  • Related Posts

    The funeral for PlayStation discs has begun

    Cody Spencer, the co-owner of the small games retail chain Pink Gorilla Games, put it well when I asked about the impact of Sony’s recent announcement that it will stop…

    T-Mobile moving tens of thousands of virtual machines off VMware amid lawsuit

    T-Mobile is asking a New York court to rule that Broadcom was contractually obligated to continue supporting its VMware perpetual licenses. In its complaint, T-Mobile said it has tens of…

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Trump’s contradictions mangle a complex history of US trade

    Why an ex-national chief wants to sue Canada over…

    Jobs report headlines Thursday's busy economic schedule

    Jobs report headlines Thursday's busy economic schedule

    Canada Day activities in Ottawa cancelled due to ‘extreme weather,’ including fireworks

    Canada Day activities in Ottawa cancelled due to ‘extreme weather,’ including fireworks

    One injection reversed osteoarthritis in weeks

    One injection reversed osteoarthritis in weeks

    Ismaïla Sarr controla de pecho y marca el segundo de Senegal

    Ismaïla Sarr controla de pecho y marca el segundo de Senegal