Mysk 🇨🇦🇩🇪 (@mysk

Mysk 🇨🇦🇩🇪

6,632 posts

Mysk 🇨🇦🇩🇪

@mysk_co

We're two #iOS developers and occasional #security researchers on two continents. #CyberSecurity 📝mysk.blog 🇨🇦🇩🇪 Current Project: @psylo_app

Canada - Germany

Joined November 2010

Pinned
Mysk 🇨🇦🇩🇪
@mysk_co
Jun 17, 2025
Psylo is finally available for download today. We can’t wait for you to try it. apps.apple.com/ca/app/psylo-p…
Psylo: Privacy Browser & Proxy
@psylo_app
Jun 17, 2025
🚀🤘Introducing Psylo: A New Kind of Private Browser After 9 months of development, we're super excited to finally launch Psylo, a new kind of private web browser for iOS and iPadOS. In Psylo, each tab is its own “silo” with isolated storage, cookies, and even its own IP
86K
Mysk 🇨🇦🇩🇪
@mysk_co
Oct 12, 2022
We confirm that iOS 16 does communicate with Apple services outside an active VPN tunnel. Worse, it leaks DNS requests. #Apple services that escape the VPN connection include Health, Maps, Wallet. We used @ProtonVPN and #Wireshark. Details in the video: #CyberSecurity #Privacy
00:00
Mysk 🇨🇦🇩🇪
@mysk_co
Sep 14, 2025
🤯 Instagram is testing new iOS push notifications that include a profile photo. Each time the notification is shown on your screen, it triggers a GET request to fetch that image, letting Meta track every on-screen impression. The app still misuses push notifications to send
429K
Mysk 🇨🇦🇩🇪
@mysk_co
Jul 5, 2024
TL;DR: Don't install @signalapp for macOS, it is not secure. I carried out this small experiment: - I wrote a simple Python script that copies the directory of Signal's local storage to another location (to mimic a malicious script or app) - I ran the script in the Terminal and
913K
Mysk 🇨🇦🇩🇪
@mysk_co
Apr 26, 2023
Google has just updated its 2FA Authenticator app and added a much-needed feature: the ability to sync secrets across devices. TL;DR: Don't turn it on. The new update allows users to sign in with their Google Account and sync 2FA secrets across their iOS and Android devices.
943K
Mysk 🇨🇦🇩🇪
@mysk_co
Sep 22, 2025
🚨 iMessages in iOS 26 leaks the sender's keyboard language when sending reactions to devices with iOS 17 or older, and Android phones via RCS! 😱 #privacy #Apple #iOS26
00:00
950K
Mysk 🇨🇦🇩🇪
@mysk_co
Jul 23, 2023
iOS 16.5.1 still bypasses the VPN. New tests show that Apple Push Notification traffic completely ignores the VPN connection. Apple Maps sends many requests outside the VPN, including unencrypted DNS requests. This also happens in the Lockdown Mode. 🎬 youtu.be/tttO_E2STHA
248K
Mysk 🇨🇦🇩🇪
@mysk_co
Nov 21, 2022
🚨 New Findings: 🧵 1/6 Apple’s analytics data include an ID called “dsId”. We were able to verify that “dsId” is the “Directory Services Identifier”, an ID that uniquely identifies an iCloud account. Meaning, Apple’s analytics can personally identify you 👇
Mysk 🇨🇦🇩🇪
@mysk_co
Aug 10, 2024
Hey @elonmusk, will 𝕏 publish the algorithm that determines which replies are most relevant? The Algorithm's repository on Github hasn't been updated since last year. Thank you!
28K
Mysk 🇨🇦🇩🇪
@mysk_co
Oct 12, 2022
Replying to @mysk_co
I know what you're asking yourself and the answer is YES. #Android communicates with #Google services outside an active VPN connection, even with the options "Always-on" and "Block Connections without VPN." I used a #Pixel phone running #Android13, its IP is 192.168.2.14 👇
Mysk 🇨🇦🇩🇪
@mysk_co
Apr 11, 2024
Speaking of outdated, @MicrosoftEdge is the only browser on macOS that still requires administrative privileges to install. 🫠
Microsoft Edge
@MicrosoftEdge
Apr 8, 2024
You. Yes, you. It's time to leave that outdated browser 🫵
56K
Mysk 🇨🇦🇩🇪
@mysk_co
Dec 11, 2024
Since iOS 18 launched, the new Passwords app has been using unencrypted HTTP to download icons for password entries—a potential #security risk. We reported this bug to #Apple in September, and it’s finally fixed in #iOS 18.2 (CVE-2024-54492). Why does this matter? Watch 🎬 :
00:00
156K
Mysk 🇨🇦🇩🇪
@mysk_co
Sep 23, 2023
🚨PSA: iOS 17 turns these sensitive location options back on. If you have disabled significant locations as well as adding your location information to your iPhone analytics before upgrading to iOS 17, iOS 17 will turn the options on as shown in the screenshot. While significant
534K
Mysk 🇨🇦🇩🇪
@mysk_co
Sep 29, 2025
I love seeing vestiges of pre-iOS 7 design still exist in iOS 26: the network link conditioner under developer options in settings. Look at that bold font, and the checkmark ✔️
290K