Apple releases first beta versions for iOS/iPadOS 16.6, macOS 13.5 Ventura, watchOS 9.6, tvOS 16.6.
Not much is know regarding updates in this set of beta versions. It seems that this release should enable iMessage Contact Key Verification.
Beta download: Operating Systems
Release notes do not contain any information so far.
Apple Developer: Get ready with the latest beta releases
Reference: iOS 16.6 Beta Lays Groundwork for iMessage Contact Key Verification
Apple announces new security features coming this and next year. These include iMessage public key notifications, Apple ID hardware security keys and end-to-end encryption for more iCloud data.
iMessage will now notify when your contact's public key is changed (which could be a result of unwanted new device being added to the account). With this feature it will be easier to catch the moment when somebody is eavesdropping on the conversation.
This feature to become generally available in 2023 worldwide.
Apple will provide support for hardware security keys for Apple ID authentication. This might provide extra security measure for those who need better protection for their data.
This feature will be available in early 2023 worldwide.
Apple adds end-to-end encryption to more iCloud data types, including Notes and iCloud Backups. Major data types not yet covered by end-to-end encryption are Mail, Contacts and Calendars.
Notable, data protection for iCloud is opt-on feature, so users have to enable it themselves.
This feature is available in the US today in beta, and should be available for general users in US later in 2022. Worldwide rollout is expected in early 2023.
Apple Newsroom: Apple advances user security with powerful new data protections
Apple releases beta 4 for iOS/iPadOS 16, macOS 13 Ventura, watchOS 9 and tvOS 16. Most notable addition is support for Live Activities.
Live Activities and ActivityKit won't be included in the initial publicly released version of iOS 16, but will be publicly available in an update later this year. Once they're publicly available, you can submit your apps with Live Activities to the App Store.
Apple Developer
There are also updates on edit and unsend functionality in Messages:
Beta download: Operating Systems
Apple Developer:
Release notes:
References:
Apple announces that it filed a lawsuit against NSO Group responsible for Pegasus software used to infiltrate iPhones of journalists and activists.
Apple also announced a $10 million contribution to support cybersurveillance researchers and advocates
Apple Newsroom
Apple claims that FORCEDENTRY exploit is currently fixed and only small number of people were affected by it. However, these were targeted attacks and, therefore, damage was significant.
iOS 15 includes a number of new security protections, including significant upgrades to the BlastDoor security mechanism. While NSO Group spyware continues to evolve, Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions. Apple urges all users to update their iPhone and always use the latest software.
Apple Newsroom
Apple also announced that it will notify users of ongoing attacks.
If Apple discovers activity consistent with a state-sponsored attack, we notify the targeted users in two ways:
Apple Support
- A Threat Notification is displayed at the top of the page after the user signs into appleid.apple.com.
- Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID.
Amnesty International posts a report on NSO Group's Pegasus software used to attack iPhones. Attacks were already used on journalists.
Attack includes zero-click iMessage exploit allowing private data access on iPhones. Currently, no clear indications on which iOS versions are affected, but it seems that iOS 14.6 is vulnerable.
