Blockchains Aren't as Private as You Think, But They Could Be

Cybersecurity expert Mashael Al Sabah was recently featured on MIT’s Business Lab podcast. She talks about privacy issues with blockchain technology and how they can be fixed. You can listen to the podcast with the link below (direct link on Apple Podcasts), and.or read the podcast transcript.

A lot of people think that they are completely anonymous when they use Bitcoin, and this gives them a false sense of security. In our research, what we did is that we crawled social media, like there’s popular forum for Bitcoin users called Bitcointalk.org, and we crawled Twitter as well for Bitcoin addresses that users attributed to themselves. In some forums, people share their Bitcoin addressees along with their profile information. So, now you have the public profile information, which includes usernames, emails, age, gender, city.

A Closer Look at Apple's $20 Polishing Cloth

The folks over at iFixIt have done their traditional teardown of the new MacBook Pro. They also took the time to tear apart the $20 polishing cloth Cupertino has begun selling. The cleaning cloth feels like the inner lining of an iPad Smart Cover, they say. That accessory features a thin layer of microfiber on the inside. Both apparently have a synthetic leather feel to them along with a bit of fuzziness

The new Apple Polishing Cloth earns a 0 out of 10 on our repairability scale, for distracting us from a very important MacBook Pro teardown and not going back together after we cut it into pieces with scissors.

Native Dropbox Support For M1 Macs Doesn't Seem to be Happening

[Update November 1, 2021: Dropbox CEO Drew Houston has said that his company is working on a native M1 build. It plans to release it in the first half of 2022. Original post below]

It looks likes users with M1 Macs shouldn’t expect native support from Dropbox any time soon. MacRumors reported on a long-running support thread discussing the issue of Apple Silicon.

An official Dropbox support thread, shared by Mitchell Hashimoto on Twitter, reveals a fiasco around native support for Apple silicon Macs. Dropbox is seemingly insisting that a significant number of community members will have to vote for native Apple silicon support for it to be implemented. There are also multiple repetitious requests with different phrasing, fragmenting users’ votes for support. In July, responses from Dropbox staff on the thread explained that “this idea is going to need a bit more support before we share your suggestion with our team,” and flagged Apple silicon support as in need of more votes. A month ago, Dropbox staff again replied to the thread requesting native Apple silicon support, saying that Dropbox will continue to be compatible with all devices that run supported versions of macOS using Apple’s Rosetta translation layer. Additional complaints in the thread claim that Dropbox with Rosetta hemorrhages MacBook battery life and uses a disproportionate amount of memory.

Kandji Announces 'Passport' for Secure Mac Authentication

Kandji has announced the release of Passport, an authentication product that creates a seamless, one-password sign-in experience for users.

Kandji Passport validates the credentials a user provides during Mac login against an organization’s cloud-based identity provider (IdP), so users need to remember just one password for both their Mac computers and the organization’s single sign-on (SSO) provider. Passport provides a native Mac login experience while streamlining device configuration, management, and security tasks for IT admins.

(Update) Medical AI Company 'Deep6' Leaks 68 GB Trove of Patient Records

Security researcher Jeremiah Fowler together with the WebsitePlanet research team found an unprotected database belonging to Deep6. The records appear to contain data of those based in the United States.

Update: Deep6 reached out and said the news is misleading, saying “In August, a security researcher accessed a test environment that contained dummy data from MIT’s Medical Information Mart of Intensive Care (MIMIC) system, an industry standard source for de-identified health-related test data. To confirm, no real patient data or records were included in this ephemeral test environment, and it was completely isolated from our production systems.”

Meanwhile, according to WebsitePlanet, Mr. Fowler said, “I sent 3 follow up emails on Aug 11, Aug 12, Aug 23. No one has ever replied since the first message on Aug 10th. I validated that the doctor’s names were real individuals by searching obscure names (see screenshot). This is highly unusual in my experience to use real individuals’ data in a ‘dummy environment’ under any circumstances. Because no one replied, we added our disclaimer that we are highlighting that no patient data appeared in plain text, the records were “medical related”, and we never implied any wrongdoing or risk.”