MacRumors

While Apple's Macs are less targeted by malware than Windows PCs, concerning Mac malware does pop up regularly. This week, there's new Mac malware out in the wild that Mac users should be aware of.

Called Atomic macOS Stealer (AMOS), the malware was found on Telegram by Cyble Research. A Telegram user was selling access to the malware, which is designed to steal sensitive information like usernames and passwords.

Whoever designed the Atomic macOS Stealer is working behind the scenes to improve it and add new functionality to make it more effective. In its current incarnation, AMOS is able to access keychain passwords, system information, files from the desktop and documents folder, and the password of the Mac.

It is able to infiltrate browser apps like Chrome and Firefox, extracting autofill information, passwords, cookies, wallets, and credit card information. Cryptowallets like Electrum, Binance, and Atomic are specific targets.

AMOS can be purchased with a web panel that makes it easy to manage malware targets, along with tools for brute-forcing private keys. The malware and accompanying services to make it easier to use against victims can be purchased on Telegram for $1,000 per month.

A .dmg file is used to get the malware on a victim's machine, and once installed, it immediately begins accessing sensitive information and sending it to a remote server. A fake system prompt is presented to get access to the system password, and it asks for access to files in the documents and desktop folders.

Because this requires a user to click on a .dmg file to install, Mac users can avoid the malware by not installing any kind of untrusted software from an unverified source. Cyble Research recommends installing software from the Mac App Store, using strong passwords and multi-factor authentication, and using biometric authentication where possible.

Users should also avoid opening links in emails, using caution whenever an app asks for permissions, and keeping devices, operating systems, and apps up to date.

Kroger-owned grocery store chain Harris Teeter this week announced it now accepts Apple Pay and other contactless payment methods at all of its over 250 locations in North Carolina, South Carolina, Virginia, Maryland, and a few other states.

Apple Pay also started rolling out at some actual Kroger locations in Kentucky and Ohio earlier this month, as the company finally embraces NFC technology. Kroger was one of the largest Apple Pay holdouts in the U.S. since the service launched in 2014, alongside Walmart and The Home Depot, but it now accepts Apple Pay at some or all Kroger, Fred Meyer, Ralphs, QFC, King Soopers, and Harris Teeter locations across the country.

Apple Pay allows customers to tap to pay with an iPhone or Apple Watch at checkout, providing a convenient and secure payment method. Alongside Apple Pay, Kroger continues to offer its own service called Kroger Pay, which requires customers to scan a QR code at checkout to pay with a debit or credit card stored in the Kroger app.

A pre-release version of Apple Pay Later continues to roll out to randomly selected iPhone users, as noted by tech enthusiast Will Sigmon. Built into the Wallet app, the "buy now, pay later" feature lets qualifying customers split a purchase made with Apple Pay into four equal payments over six weeks, with no interest or fees.

iPhone users will see an "Early Access" banner for Apple Pay Later in the Wallet app if they are selected, and a notice will be sent to their Apple ID email. There doesn't appear to be any way to force an invite, but those who wish to try Apple Pay Later must be a U.S. resident, 18 or older, and update their iPhone to iOS 16.4 or later.

Apple Pay Later early access began in late March, and Apple said it plans to offer the feature to all eligible users "in the coming months."

iPhone users can apply for a $50 to $1,000 loan in the Wallet app with no impact to their credit, according to Apple. After entering the amount they would like to borrow and agreeing to the Apple Pay Later terms, a soft credit check will be initiated. Once a user is approved, Apple Pay Later will be available as an option when using Apple Pay.

In the Wallet app, users can view, track, and manage loans, with upcoming payments shown on a calendar and payment reminders sent via the Wallet app and email. Users must set up a debit card as a loan repayment method, with credit cards not accepted.

Apple Pay Later credit assessment and lending is handled by Apple Financing LLC, a subsidiary of Apple. The service is based on the Mastercard Installments program, so merchants that accept Apple Pay do not need to do anything to implement it. Apple published a series of support documents with additional information.

Apple has not said if or when the feature will launch in other countries.

Today marks the 20th anniversary of Apple launching the iTunes Music Store, allowing Mac users to download music for "just 99 cents per song."

At launch, the iTunes Music Store offered over 200,000 songs from music labels such as Sony, Universal, and Warner, with free 30-second previews of any song. The store provided convenient access to songs on an à-la-carte basis at a time when pirating music was rampant via peer-to-peer file sharing programs such as LimeWire and KaZaA.

"The iTunes Music Store offers the revolutionary rights to burn an unlimited number of CDs for personal use and to put music on an unlimited number of iPods for on-the-go listening," said Apple's former CEO Steve Jobs, in an April 28, 2003 press release. "Consumers don't want to be treated like criminals and artists don't want their valuable work stolen. The iTunes Music Store offers a groundbreaking solution for both."

Apple expanded iTunes and the online music store to Windows in October 2003. At the time, Apple said customers had purchased more than 13 million songs from the iTunes Music Store, making it the "number one download music service in the world."

Apple has gradually phased out the iTunes brand over the past few years, and the music store is now located in the Music app on the Mac. iTunes has also been overshadowed by Apple Music and other streaming music services, with many customers now opting to pay a monthly subscription fee for unlimited access to up to 100 million songs.

Apple will report its earnings results for the second quarter of its 2023 fiscal year on Thursday, May 4 at 1:30 p.m. Pacific Time. Apple's CEO Tim Cook and CFO Luca Maestri will discuss the results on a conference call for investors a half hour later.

Keep reading for some key things to know about the quarter, including a recap of new products announced, revenue expectations, and more.

New Products During Quarter

The quarter ran from January 1 through April 1, according to Apple's fiscal calendar, and included the following product launches:

• 14-inch and 16-inch MacBook Pro (M2 Pro and M2 Max chips)
• Mac mini (M2 and M2 Pro chips)
• HomePod (2nd generation)
• iPhone 14 and iPhone 14 Plus (Yellow)
• Black Unity Sport Loop

Year-Over-Year Revenue Decline Expected

Apple has not provided guidance since the start of the COVID-19 pandemic, but analysts currently expect the company to report revenue of around $93 billion on average this quarter, according to Yahoo Finance. This would be a revenue decline of around 4.5% compared to the $97.3 billion the company reported in the year-ago quarter.

Maestri provided the following commentary on Apple's earnings call last quarter:

Given the continued uncertainty around the world in the near term, we are not providing revenue guidance, but we are sharing some directional insights based on the assumption that the macroeconomic outlook and COVID-related impacts to our business do not worsen from what we are projecting today for the current quarter. In total, we expect our March quarter year-over-year revenue performance to be similar to the December quarter.

Conference Call

Cook and Maestri will hold a conference call at 2:00 p.m. Pacific Time on May 4 to discuss the company's second quarter earnings results. The call should last around one hour and will include a Q&A segment with analysts.

A live audio stream of the conference call will be available on Apple's Investor Relations page, and a recording will be available later in the day for replay.

Investors will be listening for any potential commentary surrounding the economy as concerns persist about a recession in the U.S. and other countries.

What's Next

Apple's third quarter began April 2 and runs through July 1. Apple has yet to announce any new products during this quarter, but it did open its first retail stores in India and launch an Apple Card savings account in partnership with Goldman Sachs.

AAPL is currently trading at around $168, down around 4.5% from a 52-week high of $176.15.

B&H Photo today has a collection of 2021 MacBook Pro models at record low prices, with up to $1,400 off these custom configurations with higher storage. Only B&H Photo is offering this sale, and you can get the discounts through April 30 at 10:59 p.m. Central Time. At the same time, you'll find multiple all-time low prices on 2023 MacBook Pros below.

2021 MacBook Pro

Savings are centered around two high-end configurations of the 2021 MacBook Pro, including both 14-inch and 16-inch models. You can get the 14-inch MacBook Pro (M1 Max 32-Core GPU, 2TB) for $2,899.00, down from $4,099.00. There are also a few different AppleCare+ bundles being sold on B&H Photo with this computer.

Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

For the 16-inch MacBook Pro (M1 Max 32-Core GPU, 4TB), this notebook has dropped to $3,699.00, from $4,899.00. Similar to the 14-inch model, the 16-inch computer is also being sold with AppleCare+ protection bundles on B&H Photo.

Moving away from B&H Photo's sale, if you're interested in a regular configuration of the previous generation MacBook Pro, Amazon has a solid deal. You can get the 14-inch MacBook Pro (10-Core M1 Pro, 1TB) for $1,999.00, down from $2,499.00. This is a match of the all-time low price on this version of the MacBook Pro, and right now Amazon only has Silver at this price.

2023 MacBook Pro

For the newer devices, we're tracking a few record low prices across Amazon and B&H Photo, with the majority of deals on the 16-inch MacBook Pro. The sole 14-inch MacBook Pro deal can be found at B&H Photo, where you can get the 512GB computer for the best-ever price of $1,749.00, down from $1,999.00.

You'll find more deals on the 16-inch MacBook Pros this week, starting with the 512GB M2 Pro computer for $2,249.00, down from $2,499.00 [matched at B&H Photo]. There's also the 1TB M2 Pro model for $2,449.00, down from $2,699.00 [matched at B&H Photo].

The only M2 Max 16-inch MacBook Pro being discounted this week can be found at B&H Photo, which has the 1TB M2 Max notebook for $3,249.00, down from $3,499.00. Shoppers should note that all MacBook Pro deals at B&H Photo, including savings on the new models, will also end on April 30 at 10:59 p.m. Central Time.

You can find even more discounts on other MacBooks by visiting our Best Deals guide for MacBook Pro and MacBook Air. In this guide we track the steepest discounts for the newest MacBook models every week, so be sure to bookmark it and check back often if you're shopping for a new Apple notebook.

Apple this week shared a Mother's Day gift guide with a variety of product and accessory recommendations. Mother's Day is on Sunday, May 14 in the United States, Canada, Australia, New Zealand, and several other countries around the world.

Gift ideas priced under $100 in the U.S. include the AirTag, HomePod mini, Apple Watch bands, iPhone cases, Apple Polishing Cloth, MagSafe Wallet, MagSafe Battery Pack, AirFly Pro, and various other accessories. Apple also sells an all-in-one gift card that can be used to purchase products at the Apple Store or apps on the App Store, pay for an Apple Music subscription or extra iCloud storage, and much more. The physical version of the gift card has a $25 minimum and includes a collectible Apple sticker.

Apple offers free engraving for several devices and accessories, allowing you to include a personalized message or emoji on the Apple Pencil, iPads, AirPods charging cases, and more. Gift wrapping with a customized card, or a special message on the packing slip, are also available for orders placed through Apple's online store.

On this week's episode of The MacRumors Show, we talk through all of the top features and improvements we'd like to see come to tvOS 17, the HomePod, and HomeKit at WWDC later this year.

Apple is expected to unveil tvOS 17 and "audioOS" 17 at WWDC in June, offering a range of enhancements and new features. 2022's tvOS 16 was only a minor update to the Apple TV, so we discuss where we would like the OS to go next with features like widgets, Up Next improvements, and apps like Weather and Home.

We discuss how the ‌HomePod‌ could make better use of its top display, true surround sound, and synced alarms. Last year, Apple's Home app got a significant upgrade with a full redesign and a new ‌HomeKit‌ architecture. We consider how the Home app could take another leap forward with more powerful automations and camera feed improvements.

We also look at some of the latest Apple news, including iOS 17's rumored journalling app, mood tracking functionality, new Lock Screen, Apple Music, and App Library features, iPadOS 17's Health app and Lock Screen customization, Apple's AI-powered health coaching service, 32- and 42-inch OLED displays planned for 2027, and more.

Listen to The MacRumors Show in Apple Podcasts, Spotify, Overcast, Pocket Casts, Castro, Google Podcasts, or your preferred podcasts app. You can also copy our RSS feed directly into your podcast player. Watch a video version of the show on the MacRumors YouTube channel.

If you haven't already listened to the previous episode of The MacRumors Show, catch up for our discussion about all of the latest rumors about the software updates and new hardware expected to be previewed at this year's WWDC with Bloomberg's Mark Gurman.

Subscribe to ‌The MacRumors Show‌ for more episodes, where we discuss some of the topical news breaking here on MacRumors, often joined by exciting guests like Marcus Kane, Christopher Lawley, Frank McShan, David Lewis, Andru Edwards, Tyler Stalman, Jon Prosser, Sam Kohl, Quinn Nelson, John Gruber, Federico Viticci, Sara Dietschy, Luke Miani, Thomas Frank, Jonathan Morrison, iJustine, Ross Young, Ian Zelbo, Jon Rettinger, and Rene Ritchie. You can also head over to The MacRumors Show forum thread to engage with us directly. Remember to rate and review the show, and let us know what subjects you would like the podcast to cover in the future.

Researchers in the Future Interfaces Group at Carnegie Mellon this week highlighted a breakthrough in display technology that could make future screens more tactile through raised haptics. As noted by TechCrunch, the Future Interfaces Group shared a video and a research paper demonstrating a display that can grow small, physical bumps that can be felt under the fingers.

The technology could be used for tactile notifications, a pop-up keyboard that feels different under the fingers than the standard screen, buttons that remain inflated until pressed, pop-up custom-shaped buttons for controlling system functions, and more. One of the concepts demonstrated includes a pop-up music interface that displays raised music controls for playback, while another features a button on a smartphone that pulses up and down until it's pressed.

Researchers developed a flat panel that's using miniaturized hydraulic pumps to raise the surface through fluid. Each pump is individually controllable and can be activated separately to create dynamic, tactile bumps in a compact form factor.

The hardware is self-contained, lightweight, relatively slim at 5mm, and able to withstand the force of a normal touchscreen interaction.

At the current time, this is emergent technology that's owned by Carnegie Mellon, but it isn't hard to imagine future smartphones that use this kind of functionality. Apple has adopted haptic vibrations for touch-based feedback that's used for notifications and other system feedback, but raised haptics would add another dimension to the display.

Apple could use this kind of technology for a device that folds flat but has a pop-out keyboard when in use, plus there are likely multiple accessibility use cases for those who have sight problems. It's impossible to say whether this is functionality that we will see in Apple devices in the future, but it is an interesting concept.

An estimated 1 in 3 Americans are exposed to harmful levels of noise on a regular basis, based on data gathered as part of the Apple Hearing Study. In recognition of International Noise Awareness Day, University of Michigan researchers working on the hearing study in partnership with Apple shared a blog post noise exposure.

Extrapolating data collected from 130,000 Apple Hearing Study volunteers who contributed readings from their Apple Watch between November 2019 and December 2022, the University of Michigan estimated that 77 million adults across the United States are consistently exposed to high noise levels.

According to the World Health Organization and the United States Environmental Protection Agency, an annual average noise exposure level of 70 decibels (dBA) poses no risk for hearing loss, but exposure over 70 dBA can result in damage to hearing.

The study assumes that people with repeated daily average noise exposures over 70 dBA likely have an annual noise exposure over 70 dBA, which researchers say can result in hearing issues, irritation, heart problems, and sleep disturbances, in addition to impacting mental health. Higher noise levels for longer time periods can increase risk.

The Apple Watch has a built-in feature for detecting environmental sound level, and it collects data to tabulate an average daily environmental sound exposure level. The information collected by the watch can be located in the Hearing section of the Health app.

The Health app will let you know if your noise exposure levels are below 75 dB on average and are "OK," or if you have been repeatedly exposed to higher levels of sound that can impact your health. At 80 dB, 40 hours of exposure over seven days could potentially result in damage, but at 120 dB, 14 seconds over seven days could cause problems. The Apple Watch is able to send an alert when it detects a harmful noise level so you can move to a quieter location.

People in Puerto Rico, Delaware, Rhode Island, Mississippi, and Connecticut experienced the highest noise pollution levels, and adults aged 35 to 44 were more likely to be exposed to high noise levels compared to those in other age groups.

Additional details about the study can be found in the full blog post on the University of Michigan website. To cut down on hearing damage, researchers recommend that those regularly exposed to excessive noise pollution move away from noisy areas and take "quiet breaks," buy quiet appliances, and wear ear muffs and ear plugs when possible.

Former Apple employee Dhidrenda Prasad was this week sentenced to three years in prison and was ordered to pay more than $17 million in restitution to Apple. Back in November, Prasad pled guilty to conspiracy to commit fraud and conspiracy to defraud the United States after stealing millions of dollars from Apple.

Prasad was part of Apple's Global Service Supply Chain department between 2008 and 2018, and his job was to buy parts and services from vendors for servicing older devices. In 2011, Prasad started accepting kickbacks, inflating invoices, and stealing parts, causing Apple to pay for components and services that it did not receive.

Two vendors worked with Prasad to steal money from Apple. His schemes included funneling illicit payments from the vendors to his creditors, tricking Apple into paying for components twice, and stealing components purchased by Apple and reselling them to Apple through his co-conspirators. In total, he was found guilty of stealing $17 million through mail and wire fraud.

He will forfeit nearly $5.5 million in assets that the government has already seized, and will need to pay an additional $8 million in forfeiture money. The $13.5 million forfeiture is on top of the $17 million that he must pay to Apple and the $1.8 million he owes to the IRS for not paying taxes on the money he received from Apple.

After serving three years in prison, he will have another three years of supervised release.

Google today announced that YouTube Music on the web and the YouTube Music app for iOS devices now offer podcasts in the United States. Users who watch podcasts through the main YouTube app can now continue listening to them through YouTube Music.

Podcasts on YouTube Music are free, with no Premium subscription required. Podcasts are available on-demand, offline, and can be listened to in the background and while casting, with options to swap between audio and video versions.

Google says that the podcast listening experience on YouTube Music is designed to complement the video podcast experience that's available on YouTube. Podcasts will be available through the Home tab by tapping on the Podcasts section at the top of the screen.

There is an Explore feature for finding popular podcasts based on categories that include gaming, music, true crime, comedy, health and fitness, business, and society and culture, plus a search tab for locating specific content.

Podcasts in YouTube Music are rolling out to U.S. users starting today, but Google says support is being implemented "gradually" so it may take a few days for the podcasts to show up in the YouTube Music app and on the web. While podcasts are limited to the United States at the current time, Google has plans to bring access to other regions in the future.

Apple is working on an updated version of the Apple Watch Ultra that has an improved microLED display, but the device won't launch until the second half of 2025, according to information shared by display analyst Ross Young.

Young believes that the microLED Apple Watch has now been "pushed out" to 2025 at the earliest, which means rumors of a 2024 launch may now be outdated. Earlier this year, Young gave a more vague 2025 release timeline, but now he has dialed his prediction in to the latter half of the year.

Bloomberg's Mark Gurman has confirmed Apple's work on a ‌microLED Apple Watch‌, and in January, he suggested that the device could come out at the end of 2024, but Apple's timeline has likely since shifted.

Early rumors about devices that are a year or two out can be unreliable in terms of launch timing as Apple often has to push back its release dates due to delays in design, component sourcing, manufacturing, and more.

The Apple Watch Ultra is expected to be the first Apple device to adopt a microLED display, but Apple is planning to bring the technology to the iPhone and other devices in the future.

Some of the year's best deals on AirPods Pro 2, AirPods 3, and AirPods 2 remain at Verizon and Amazon this week, including $50 off the AirPods Pro 2 at $199.99. As with all other Verizon deals, you don't need to be a Verizon customer to get these savings, and all orders receive free two-day shipping.

Note: MacRumors is an affiliate partner with Verizon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Verizon has the AirPods Pro 2 available for $199.99, down from $249.99. We very briefly saw a discount on this model to $194.99 last month, but this rare deal never emerged again and today's deal remains a solid second-best price.

Verizon also has both models of the AirPods 3 on sale. You can get the AirPods 3 with Lightning Charging Case for $149.99, down from $169.99; and the AirPods 3 with MagSafe Charging Case for $159.00, down from $179.00. Verizon has been one of the only retailers to provide any consistent deals on the AirPods 3 this year.

Lastly, only Amazon has the AirPods 2 for $99.00, down from $129.00. Although this is an overall second-best price, we haven't seen an all-time low price on the AirPods 2 since the holiday season.

We track sales for every model of the AirPods in our Best AirPods Deals guide, so be sure to bookmark that page while you shop around for the wireless headphones. Keep up with all of this week's best discounts on Apple products and related accessories in our dedicated Apple Deals roundup.

With all four iPhone 15 models expected to feature a USB-C port instead of Lightning, several Apple accessories will switch to USB-C as well. For example, EarPods with a USB-C connector are already in mass production, according to a tweet today from leaker ShrimpApplePro. They previously said Foxconn is supplying the earbuds.

The new EarPods would connect directly to the USB-C port on iPhone 15 models, without an adapter. Apple's wired earbuds are currently available with a Lightning connector or a 3.5mm headphone jack, with both versions priced at $19.

EarPods have become less popular since Apple released wireless AirPods in 2016, and removed the headphone jack on iPhones, but they remain a more affordable option for customers. EarPods also provide a simple plug-and-play wired listening experience, with a built-in remote and no charging or pairing necessary.

Apple is expected to announce the iPhone 15 lineup in September, and the new EarPods would likely launch around then. Apple analyst Ming-Chi Kuo previously claimed that other accessories like AirPods charging cases, the MagSafe Battery Pack, and the Magic Keyboard/Trackpad/Mouse trio will switch to USB-C in the future as well.

Earlier in the week, we tracked a new all-time low price on Apple's 8-Core GPU, 256GB M1 iMac, and now today Amazon has introduced more colors of this computer on sale. You can get four colors now at $999.99, down from $1,499.00, which is a massive $499 discount on the 24-inch iMac.

Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running.

Colors on sale include Yellow, Purple, Orange, and Pink. Shipping estimates have slipped into the middle of May with the fastest options, and as far into early June for some. This is quite a discount, so we recommend getting your order in as soon as possible if you're interested; these have been known to disappear quickly.

With this discount, the 8-Core/256GB model is now cheaper than the entry-level 7-Core/256GB model, which has only ever reached as low as $1,099.00 in previous sales. The M1 iMac first launched two years ago in April 2021, and it features a 24-inch 4.5K Retina display, M1 chip, Touch ID keyboard, and more.

If you're on the hunt for more discounts, be sure to visit our Apple Deals roundup where we recap the best Apple-related bargains of the past week.

Siri and Apple's use of AI has been severely held back by caution and organizational dysfunction, according to over three dozen former Apple employees who spoke to The Information's Wayne Ma.

The extensive paywalled report explains why former Apple employees who worked in the company's AI and machine learning groups believe that a lack of ambition and organizational dysfunction have hindered ‌Siri‌ and the company's AI technologies. Apple's virtual assistant is apparently "widely derided" inside the company for its lack of functionality and minimal improvement over time.

By 2018, the team working on ‌Siri‌ had apparently "devolved into a mess, driven by petty turf battles between senior leaders and heated arguments over the direction of the assistant." ‌Siri‌'s leadership did not want to invest in building tools to analyse ‌Siri‌'s usage and engineers lacked the ability to obtain basic details such as how many people were using the virtual assistant and how often they were doing so. The data that was obtained about ‌Siri‌ coming from the data science and engineering team was simply not being used, with some former employees calling it "a waste of time and money."

Many Apple employees purportedly left the company because it was too slow to make decisions or too conservative in its approach to new AI technologies, including the large-language models that underpin chatbots like ChatGPT. Apple CEO Tim Cook personally attempted to persuade engineers who helped Apple modernize its search technology to stay at the company, before they left to work on large-language models at Google.

Apple executives are said to have dismissed proposals to give ‌Siri‌ the ability to conduct extended back-and-forth conversations, claiming that the feature would be difficult to control and gimmicky. Apple's uncompromising stance on privacy has also created challenges for enhancing ‌Siri‌, with the company pushing for more of the virtual assistant's functions to be performed on-device.

Cook and other senior executives requested changes to ‌Siri‌ to prevent embarassing responses and the company prefers ‌Siri‌'s responses to be pre-written by a team of around 20 writers, rather than AI-generated. There were also specific decisions to exclude information such as iPhone prices from ‌Siri‌ to push users directly to Apple's website instead.

‌Siri‌ engineers working on the feature that uses material from the web to answer questions clashed with the design team over how accurate the responses had to be in 2019. The design team demanded a near-perfect accuracy rate before the feature could be released.

Engineers claim to have spent months persuading ‌Siri‌ designers that not every one of its answers needed human verification, a limitation that made it impossible to scale up ‌Siri‌ to answer the huge number of questions asked by users. Similarly, Apple's design team repeatedly rejected the feature that enabled users to report a concern or issue with the content of a ‌Siri‌ answer, preventing machine-learning engineers from understanding mistakes, because it wanted ‌Siri‌ to appear "all-knowing."

In 2019, the ‌Siri‌ team explored a project to rewrite the virtual assistant from scratch, codenamed "Blackbird." The effort sought to create a lightweight version of ‌Siri‌ that would delegate the creation of functions to app developers and would run on iPhones instead of the cloud to improve performance and privacy. Demos of Blackbird apparently prompted excitement among Apple employees owing to its utility and responsiveness.

Blackbird competed with the work of two senior leaders on the ‌Siri‌ team who were responsible for helping ‌Siri‌ understand and respond to queries. These individuals pushed for their own project, codenamed "‌Siri‌ X," for the 10th anniversary of the virtual assistant. The project simply aimed to move ‌Siri‌'s processing on-device for privacy reasons, without the lightweight, modular functionality of Blackbird.

Hundreds of employees working on Blackbird were assigned to ‌Siri‌ X, which killed the ambitious project to make ‌Siri‌ more capable. ‌Siri‌ X was mostly completed in 2021 and now many of the voice assistant's functions are processed locally.

Most recently, the group working on Apple's mixed reality headset were reportedly disappointed by the demonstrations provided by the ‌Siri‌ team on how the virtual assistant could control the headset. At one point in the device's development, the headset team considered building an alternative method for controlling the device using voice commands because ‌Siri‌ was deemed to be unsatisfactory.

Earlier this week, Google updated its Authenticator app to enable the backup and syncing of 2FA codes across devices using a Google Account. Now an examination by Mysk security researchers has found that the sensitive one-time passcodes being synced to the cloud aren't end-to-end encrypted, leaving them potentially exposed to bad actors.

Prior to the integration of Google Account support, all codes in the Google Authenticator app were stored on device, which meant that if the device was lost, so too were the one-time passcodes, potentially causing loss of account access as well. But it seems that by enabling cloud-based syncing, Google has opened up users to a security risk of a different sort.

"We analyzed the network traffic when the app syncs the secrets, and it turns out the traffic is not end-to-end encrypted," said Mysk via Twitter. "This means that Google can see the secrets, likely even while they're stored on their servers. There is no option to add a passphrase to protect the secrets, to make them accessible only by the user."

"Secrets" is a term used to refer to private pieces of information that act as keys to unlock protected resources or sensitive information; in this case, one-time passcodes.

Mysk said that its tests found the unencrypted traffic contains a "seed" that's used to generate the 2FA codes. According to the researchers, anyone with access to that seed can generate their own codes for the same accounts and break in to them.

"If Google servers were compromised, secrets would leak," Mysk told Gizmodo. Since the QR codes involved with setting up two-factor authentication contain the name of the account or service, the attacker can also identify the accounts. "This is particularly risky if you're an activist and run other Twitter accounts anonymously," added the researchers.

Mysk subsequently advised users not to enable the Google account feature that syncs 2FA codes across devices and the cloud.

Responding to the warning, a Google spokesperson told CNET it had added the sync feature early for convenience's sake, but that end-to-end encryption is still on its way:

End-to-End Encryption (E2EE) is a powerful feature that provides extra protections, but at the cost of enabling users to get locked out of their own data without recovery. To ensure that we're offering a full set of options for users, we have also begun rolling out optional E2EE in some of our products, and we plan to offer E2EE for Google Authenticator in the future."

Until that happens, there are alternative services for syncing authentication codes across devices, such as Apple's own 2FA code generator and third-party apps like Authy.