A change may be coming in the way you’ll be paying for Apple Care. Apple doesn’t approve of an app that it has approved—semantics are at the heart of a porn app problem. DeepSeek is this past week’s big artificial intelligence story. What’s different about this new AI contender? Does it secure your data? And Apple’s new Invites app doesn’t seem to be too inviting.
If you like the Intego Mac Podcast, be sure to follow it on Apple Podcasts, Spotify, or Amazon.
Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you’re ready to buy.
Get Apple security news delivered straight to your inbox, for free. Intego’s twice-monthly newsletter will keep you informed about Apple-related privacy and security, along with tips and tricks for getting the most out of your Mac or iPhone. Subscribe for free—no strings attached.
Transcript of Intego Mac Podcast 382
Voice Over 0:00
This is the Intego Mac podcast—the voice of Mac security—for Thursday, February 6, 2025. This week’s Intego Mac Podcast security headlines include: A change may be coming in the way you’ll be paying for Apple Care. Apple doesn’t approve of an app that it has approved—semantics are at the heart of a porn app problem. DeepSeek is this past week’s big artificial intelligence story. What’s different about this new AI contender? Does it secure your data? And Apple’s new Invites app doesn’t seem to be too inviting. Now here are the hosts of the Intego Mac podcast. Veteran Mac journalist Kirk McElhearn and Intego’s chief security analyst, Josh Long.
Kirk McElhearn 0:49
Good morning. Josh, how are you today?
Josh Long 0:54
I’m doing well. How are you, Kirk?
Apple’s iOS 18.3 update for iPhone 11 line
Kirk McElhearn 0:58
I’m doing fine. Okay. Last week we talked about the dot three updates, iOS 18 three, iPad OS 18 three. Mac OS 15 three, and we have a new dot three update, but only for one particular group of iPhone models.
Josh Long 1:07
That’s right. Apple re released iOS 18.3 specifically for the iPhone 11 line and so that includes the Pro models and everything. We don’t really know why. I guess it was some sort of bug fix that was specific to that year’s iPhones, and we don’t really know much beyond that, so not a big deal. I haven’t really heard. Nobody’s really talked about like, what exactly Apple fixed just for this one series of iPhones, but for some reason, Apple felt it was worth re releasing this update for those models.
Introduction of Apple’s Invites app
Kirk McElhearn 1:39
We’ve seen this in the past a few times when there’s been a re release, because there’s been a bug that affected a specific, I want to say, a specific model. But we’re talking about, in this case, four models, the two sizes of the standard and the two sizes of the Pro. Could be hardware related, something to do with, you know, there was a bug with the update. So if you have an iPhone, 11 time to update it. This week, Apple released a new app, and there are so many things to say about this that where do we start? The app is called Invites, and it’s an iPhone only app. You can download it on an iPad, but it displays an iPhone size, and you can create invites for parties. So let’s say you’re setting up a birthday party, you set yourself as organizer. You choose a background, you can add a picture, you invite guests, you can put a location, a time and a date and everything, and you can send it to people. And the problem is that this is just such a I don’t know. I’m trying to be polite to say that Apple’s released one of the dumbest apps in years.
Josh Long 2:40
I think the idea behind it isn’t bad. I did see one editor talking about how they like how they no longer have to go to some third party, like Facebook if they want to send out an invitation to their friends to come to some event, which is, that’s kind of nice, and you don’t even necessarily have to be an iPhone user to receive these notifications. You may have to have an Apple account in order to RSVP. It looks like, but at the very least, you don’t have to have an iPhone. So you can be on an Android device. You can get the link, and you can still RSVP to an event that somebody invited you to. There are some nice features you can, for example, have a photo album related to that event, so people can, I guess, submit photos that were taken at the event, and everyone can see them later. So there’s some nice features like that, but there’s a couple of odd or uncomfortable things with this as well.
Kirk McElhearn 3:40
Well, Apple is touting this, and I’m getting this from the Apple Newsroom site. So this is a press release from Apple. They talk about beautiful invitations to create and capture shared moments, and then they say Apple Intelligence makes invites even more fun. You could use image playground to produce original images using concepts, descriptions and people from their photo library. And I gotta tell you, this is just, I mean, we’ve, we’ve got one example. We’re gonna link in the show notes to a video from MacRumors showing someone set up a an invite for a birthday party. And this text at the bottom that says, bit Hey, bentolin party, something like that. It’s like your typical AI, bad spelling, right? That doesn’t even look like normal letters. It’s just embarrassing. I mean, this whole image playground thing is embarrassing, and we’ve talked about this in the past, but this is even more embarrassing because you’re sending this to people who might be on Android and who don’t know how bad image playground is yet.
Josh Long 4:37
Well, of course, that this happened to be the first image that was generated, right? It was supposed to say something like birthday party and, well, it got a bunch of gobbledy gook in there that doesn’t even really look like English words. This is the kind of stuff that you would expect garbage AI to produce about two years ago. Right? As far as image generation. With AI, right? This is like, at least two years behind. You don’t really see this level of awfulness with words generated in AI produced images. Nobody else does it this bad anymore, and Apple is still where everyone else was, like, two or almost three years ago. It’s so bad, and you don’t have to pick that image like you can keep going. And of course, the next image didn’t have any text on it. And so he got some examples that he could use in this demonstration that he was making. But, but it’s so bad. This is so awful.
Kirk McElhearn 5:37
It looks like Apple sherlocked an app called Partiful. And if you go to the Partiful website, partiful.com I’ll put a link in the show notes. They highlight that they were a 2024, finalist for App Store, best app, or whatever Apple’s App awards are. And it’s kind of funny that Apple saw this app. Oh, this is a really great app. Can we, like, whip up something like this and get it out in February? It looks so, I mean, with all the things that Apple’s doing with AI, right, which are many of them, aren’t hitting the target, they’re coming out with something more with AI that, I mean, you can use the writing tools to make your invitation sound good. I mean, seriously, you’re inviting people to a birthday party or something. There were a number of problems. Apparently, Android users can’t view the Shared Photo Library. You can’t have multiple people as event hosts. Now, imagine you’re setting up a Christmas party at work. You might have two or three people, and you want to have them all, you know, getting the RSVPs, party planners, coordinators, right? Yeah, and right. You might have people in the company and outside, people who need to get this information if you’re doing a large event, although, if you’re doing a large event, you wouldn’t want to do this. You’d want to have some sort of a tool that’s designed for managing a large event. One of the things that surprises me the most is that this is not a free app. Now, Apple has sold apps for a long time. They got Logic Pro and Final Cut Pro, and they’ve sold other apps. This one you can only get if you subscribe to iCloud. Plus, I’ll put a link in the show notes to some articles about iCloud. Plus on the Intego Mac security blog, it starts at 99 cents a month, for which you get to increase the pull through five gigabytes iCloud storage that Apple gives you, and you get 50 gigabytes. But there, this is the first app that they’ve added to iCloud. Plus everything else is a feature more iCloud, storage, hide my email, hosting an email domain, et cetera. These are features, not separate apps, and this is an app that you can’t get for free. You got to pay a buck a month if you want this. And this just feels so cheap and nickel and dimey.
Josh Long 7:35
Yeah. I think that’s fair well, especially considering how awful the AI integrations are with this app. They just released this app. Okay, I’ll give them the benefit of the doubt. Maybe this is gonna get better. I don’t think the image generation part is gonna get better, though.
Kirk McElhearn 7:50
No, no, no, hold on. Sorry, I wanna push back there. This is a $3 trillion company. You don’t give them the benefit of the doubt when they’ve released an app that’s about as good as your average shareware app.
Josh Long 8:00
Oh, well, it’s worse, arguably, when you’re talking about the AI part of it, I’m just saying Apple released it this week. There was no beta period for it, which they usually do, you know, they usually will, will put something out there in beta. But they just kind of surprised everybody with this. So, you know, I mean, the things like, maybe this will get a little bit better, but, I mean, I’m not going to use this. I haven’t even downloaded this app yet.
Kirk McElhearn 8:22
Well, I downloaded it because I have to try it and see how it works. And I sent an invitation for this podcast to you and our producer, and you didn’t even reply because, I don’t know, not because you didn’t have the app. You would have gotten an email or a message. Did you get something? You never read your email. That’s why.
Josh Long 8:38
Actually, the reason why I didn’t know what it was that you sent me is because I have Lockdown Mode on, and Lockdown Mode blocks these invites, so all I see is a URL. It just says HTTPS, colon, slash last www.icloud.com/invite/a, bunch of gobbledygook after that. It doesn’t give me a preview. It doesn’t tell me anything about what this is. It just is a URL that I can’t even tap on to open it. So that’s all I see on my iPhone.
Apple Care Plus subscription changes
Kirk McElhearn 9:08
Okay, congratulations, Apple. I mean, you are an edge case with Lockdown Mode, but Okay, two more Apple stories before the break, and both of them are pretty short. Apple seems to be limiting Apple Care Plus to monthly subscriptions. This is a big deal. Apple only introduced monthly subscriptions a few years ago. It used to be that you would have to commit to two years up front for an iPhone and three years up front for a Mac. And it looks like you can still buy the longer subscriptions online. You can even buy a year and then renew a year. But in stores, apparently they’re only selling them as subscription services. And of course, this costs a little bit more than if you buy it for a year or two years. I mean, this makes it look like it’s less expensive. On the one hand, it also makes people keep paying after they’ve gotten rid of that iPhone and they don’t notice. They’re still paying another five or six bucks a month for Apple Care Plus a lot of people don’t realize that if you have a Apple Care Plus subscription, that’s like multiple years and you’ve sold your device, like you sell a Mac, you can contact Apple and they’ll refund you for much of the remaining period in the Apple Care Plus subscription. To be fair, I would almost rather prefer the monthly subscriptions. But like when I buy computers for my work, I I’m fine with the three years I save a little bit money. It was like 20% cheaper, 15% cheaper. Be aware that Apple has changed. That if you’re used to buying subscriptions like that, I know you never buy Apple Care Plus for anything, Josh, because you’re that guy.
Josh Long 10:40
But, well, this, this is important to know, because I think there are a lot of people who do buy Apple Care Plus, so if you want that, make sure that you buy online. And so if you want to be able to prepay, like you have been able to in the past, like that, that’s that’s the big thing that’s changed here, is no longer being able to add on the multi year option later on after purchase.
Six Colors Report Card on Apple products
Kirk McElhearn 11:04
Okay, I want to just a heads up to an article that Jason Snow has published on Six Colors. It’s been 10 years now that he’s been publishing his Six Colors report card. As he says, It’s time for our annual look back on Apple’s performance during the past year, as seen through the eyes of writers, editors, developers, podcasters and other people who spend an awful lot of time thinking about Apple. This is really interesting, because the people who are queried, I’m one of the people who’s queered in this or several dozen, are generally people who know enough about Apple to know all of their products. Maybe they don’t use them all, like not everyone uses the vision pro there are questions about developer relations, which only affects developers, but you can see the trends in the way people think about particular Apple product lines. So there’s a score for the Mac and there’s a score for the iPhone and iPad, etc. One thing that’s really striking is that the iPad score was going down gradually from 2017 and it hit 2.4 out of five in 2023 and last year went up to 3.5 that’s a huge increase, partly because so many people who answered this survey have an iPad Pro with m4 processor, like I do, or an iPad Air with an m2 processor, both of which came out last year, and this was a big update for the iPad in 2024 it’s worth a look to see that people who know a lot about Apple really like certain things and really dislike other things. All right, we’re gonna take a break. When we come back, we’re gonna have some more stories about AI and malware and more.
Voice Over 12:36
Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego’s Mac Premium Bundle X9 includes Virus Barrier, the world’s best Mac anti-malware protection, Net Barrier, powerful inbound and outbound firewall security, Personal Backup to keep your important files safe from ransomware. And much more to help protect, secure and organize your Mac. Download the free trial of Mac Premium Bundle X9 from intego.com today. When you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode’s show notes at podcast.intego.com. That’s podcast.intego.com and click on this episode to find the special discount link exclusively for Intego Mac Podcast listeners. Intego. World class protection and utility software for Mac users made by the Mac security experts.
DeepSeek AI and privacy concerns
Kirk McElhearn 13:47
Okay, it’s time for our weekly look at AI, which we don’t do every week, but this week, it’s like, it’s like, DeepSeek everywhere I see. We’ve got several stories here about DeepSeek. So DeepSeek, if you’ve been living in a cave and haven’t heard about it is an AI tool that comes from China, which, according to the developers, cost like 110 or 1/30 the cost of what open AI costs to develop. Open AI is complaining that deep sea stole some of their data. Tiny violin here, after deep sea copied everything on the internet, there’s a couple of articles that we found that are talking about whether DeepSeek is sending your data to China. Now, TikTok is, while not completely banned, still not available on app stores in the US, because TikTok collects data and sells it to China. If you use the DeepSeek app, obviously, it’s a Chinese app and it’s going to Chinese servers. Wired has an article, deep seeks, popular AI app, is explicitly sending us data to China. I mean, Duh, of course it is. It’s a Chinese app. Where do you think the data is going? Now, they could have data centers around the world, but they don’t. Is DeepSeek lying to you about sending your data to China. You found a video on YouTube where actually. DeepSeek does lie about it, but you just have to assume that, just like Facebook collects all your data and sends it to Facebook service, DeepSeek is collecting all your data and sending it to DeepSeek service. So with any of these AI tools, you should not put any personal data into them.
Josh Long 15:15
Right. And so there’s a couple of things that I think are important to point out about this. First of all, there are a number of privacy concerns specific to the official DeepSeek app. My recommendation is not to use their app if you want to try out this new AI model. It’s not bad, and it’s at least partially open, so that other providers can give you access to the technology behind it without having to go through the app that is going to store all of your data that and all your queries in China. If that makes you uncomfortable, my recommendation is use perplexity, which has its own us hosted servers that it’s running DeepSeek on. It also will avoid some of the filtering kind of things that the official DeepSeek app does because it’s located in China, because it’s run by a Chinese company, they’re going to filter out certain queries and not allow you to ask certain questions, and you have more flexibility if you use perplexities implementation of it. So my advice is just avoid the DeepSeek official app altogether, and use perplexity instead if you really want to try out DeepSeek.
Kirk McElhearn 16:24
Okay, what’s interesting is that DeepSeek read your questions and it starts replying. And if you do this, like on the iPhone app, you’ll see, if you ask about Tiananmen Square, for instance, you’ll see it’s going to start replying, and then all of a sudden, it cuts off with a screen saying, I can’t answer this. And this suggests that the model itself has all the information to answer all the questions, that they’ve copied everything from open AI and the web and everything else, but that they’ve got a filter afterwards as the data is coming out, so not when your question goes in, but when the reply comes out. That cuts it off. And they cut off questions about Tiananmen Square with the Dalai Lama and Winnie the Pooh. If you don’t know about Winnie the Pooh in China, you should look it up. It’s kind of funny. We’re also seeing malware pretending to be DeepSeek. I’m I want to say I’m not surprised.
Josh Long 17:12
Yeah. I mean, anytime that anything is a hot news topic, people are going to be searching for it, and there’s going to be somebody who’s trying to exploit that, either to scam people or to infect them with malware. And sure enough, it didn’t take long before we started seeing versions of atomic Mac OS dealer Amos, malware that is using the deep sea logo. And there is, this is really important. There is no official Mac app for DeepSeek. So if you are getting some thing that says that it’s the DeepSeek app for Mac, it’s not. It’s probably malware, and so you should avoid it altogether. So beware of that. Remember that a lot of Amos malware comes up in search results. It’ll even show up as a Google ad at the top of Google search results that looks like it might actually come from the real company. So you have to be really, really careful with this. Now I will also say that if you’re using Intego Virus Barrier, that it does already detect these fake deep sea clones that are using Amos or other malware, some Python malware that’s also out there, we are already detecting that with Intego Virus Barrier.
Apple’s Stance on EU Porn App
Kirk McElhearn 18:28
You mentioned earlier that DeepSeek is open source, and this means that you can actually download DeepSeek. Maybe we’ll talk about in the future, about how you can install this on a Mac and run it locally. This is why you mentioned perplexity, which is one of these AI tool aggregators that offers a number of different LLMs, large language models. This is why they can run it, and they advertise this as being on us servers, so it’s not collecting data. There may be some other places where you can get access to it, but I think you just shouldn’t use any of these AI apps at all. Use the browser. It’s a lot safer. Okay, we have a story today that’s going to veer into linguistics. We’re going to link to a MacRumors article that says, Apple says it doesn’t approve of EU porn app. Is a porn app called Hot Tub that was released for the iPhone in the European Union on the AltStore, which is this third party app store. And the graphic for this says, introducing Hot Tub, the first Apple approved porn app. Apple was not happy about that. Apple came out and said, we certainly do not approve this app and would never offer it in our app store. And the developer doubled down by showing App Store Connect, which is the app that developers use when they submit an app and to get authorizations. And it says the following app has been approved for distribution, Hot Tub, video player, they’re both right and they’re both wrong. So this process occurs during what’s called notarization. When you create an app, you upload it to Apple, it verifies a few things, whether it’s got malware, whether the developer has a valid certificate, et cetera. And then Apple sends back a version of the app. A bit of code inside to say that it’s notarized, which is a really dumb word. It should just be validated or whatever, and the app is either approved or rejected. And so in this case, it is approved. Now Apple says, as I mentioned before, we certainly do not approve of this app. Approve of there is a big difference in meaning between approve and approve. Hub, so the old store people are, I don’t know. They’re kind of twisting things a little bit to say Apple approved. I think this is a bit bad faith what they’re doing. But they’re not entirely wrong.
Josh Long 20:32
Yeah. So the way that AltStore works, it basically everything that you can find in their store, they list as quote, Apple hyphen approved. That’s how they’re referring to Apple’s notarization process, right? So the exact wording is the following, app has been approved for distribution. That’s Those are the words that Apple actually uses approved for distribution, which is very different from what Apple says. That AltStore is saying, by saying by implying, that they’re approving of this app, right? So, so I get both perspectives, but in reality, really, AltStore should not be doing what they’re doing, and saying that an app is Apple approved. Literally, every app that’s in AltStore must be notarized, and so to say that it’s Apple approved implies approved of and that’s where Apple draws the line, and this whole like ethical line that AltStore has arguably crossed here, right? Because now you’ve gone from this being an app distribution platform that is safe for anyone of all ages in any country whatever, in the EU, right? Again, this version of AltStore is only available in the EU specifically because of EU laws that require Apple to allow third party app stores. Okay? So now you might run into a problem. Let’s say that you run a school IT department in the EU and maybe you had allowed AltStore to be offered on your devices that are that are in the hands of students. Well, now you’re going to have to reconsider that, because now there’s a whole category of potentially. Now there’s just one app so far, but you can imagine that other developers you’re going to want to get on board. And now AltStore is making porn apps available, and so there’s this whole potential ethical problem now that AltStore is going to have to deal with, and they’ve went, they went into this obviously, fully intentionally, and so that that’s a whole problem.
Kirk McElhearn 22:41
They wanted to get press. (Exactly.) The thing is, Josh, I’ve got a porn app on my iPhone, so do you, it’s called Safari.
Josh Long 22:47
Safari, yeah. Well, that’s the thing is, right? And I’ve seen a lot of people playing that out too well. You can use any browser to access porn. Yes, okay, fair, that’s true. However, the difference here is that Apple does allow you as a parent, right? If you’ve got kids as part of your Apple family sharing group, you can set parental controls for your kids accounts, and so it does limit the amount of content like that that they can get through the Safari browser. That doesn’t mean it completely blocks all of it, but at least it’s Apple’s best effort to block porn sites. So that’s an important point, and why. This is very different from explicitly here have a porn app.
Kirk McElhearn 23:33
Didn’t Apple ban the Tumblr app a few years ago because they host porn. It looks like in late 2021 Apple decided that Tumblr was not appropriate for the App Store, and they pointed out, you know, review guidelines and that they wouldn’t allow the app to be on the App Store. Now, this made a lot of noise at the time, and I think a lot of people have forgotten about it, but there is this line between an app that’s totally designed for porn, like Hot Tub, and something like Tumblr or even Reddit or even Twitter. I mean, Twitter has a lot of porn on it if you look for it, so it’s really hard for Apple to balance all of this.
Josh Long 24:09
In the Wikipedia article titled censorship by Apple, there’s, there’s a section about Tumblr, and it says that, yeah, this was in in late 2018 it looks like November 2018 Apple removed the Tumblr app from the App Store due to their failure to filter child pornography. This is always going to be a problem with any kind of service that allows user generated content, right, even if that service explicitly forbids content like pornography, that doesn’t mean that they’re going to catch it before somebody notices that this content actually exists and reports the app and says that this whole app is now distributing pornography or whatever.
NetGear Wi-Fi Router vulnerabilities
Kirk McElhearn 24:53
You know, what would have been better that Apple was forced to allow jailbreaking so the people who wanted to side load apps would have to go through. The process of jail breaking an iPhone, and it wouldn’t be everyone. Everyone in the EU can download this AltStore and get access to apps like this, and we’re going to see a lot more, I think. All right, it’s Wi Fi Wednesday, isn’t it? Because there is a new warning about Wi Fi router vulnerabilities, yet another one.
Josh Long 25:18
That’s right. Netgear has six different models of Wi Fi 6 access points. Three of those are in their Nighthawk pro gaming line, and these access points have apparently vulnerabilities that allow a remote, unauthenticated threat actor to exploit them for remote code execution and authentication bypass in low complexity attacks that don’t require user interaction. So this is about as serious as it gets. In other words, if your router is connected to the internet, and it happens to be one of these models that has these vulnerabilities, it may have already been hacked at this point. So Netgear, not surprisingly, strongly recommends that you download the latest firmware as soon as possible. So if you have a Netgear wireless access point or router, make sure that you check for updates and install them. If there are updates available, my recommendation actually would be reboot your router first, because a lot of times malware will not survive a reboot, and if this there’s malware that’s kind of running on your device, it’s probably a good idea to just reboot it first, to clear out whatever infection might be live in memory, then install the latest update.
iOS App Store screenshot-recording/OCR malware
Kirk McElhearn 26:39
Okay, so we’ve got one more malware story, and this just broke while we were recording actually, the Verge is reporting that iOS App Store apps have screenshot recording malware, and it looks like there are a couple of apps called we think, and any GPT that take screenshots and use OCR technology to extract text from Images, such as screenshots of crypto wallet passwords or recovery phrases.
Josh Long 27:04
There’s also a third app called come come, which is a Chinese food delivery app, and that’s this is also available on iPhone and can be installed on Mac. Two of these apps actually can be installed on a Mac that’s any GPT in come come. Be aware of of these apps, I would recommend that you don’t download them. Is so far, these are the only three apps that have been discovered to use this technology. But optical character recognition is kind of old school technology at this point, like most of the time, a lot of people just use AI for this now, where you can just take a photograph of a page, and it will immediately just give you all the text from that page. OCR goes back many generations, way back to like scanners, and it was really poor technology back then, and it’s gotten a lot better. So basically, the whole idea behind this malware, apparently, is that if you give it access to your photo library, which of course, you would have to choose to do. It can read the text out of any photos that you’ve given it access to, and presumably, then it sends that off to the developer of the app. That’s where the problem comes in, because you might have given access to photos that include things like maybe passwords or other sensitive information. So be aware of that. This is a good reminder that you should never give blanket access to all photos in your photo library. If an app requires access to your photos, give it individual access to photos so that you can choose which ones are allowed to be used in that app.
Kirk McElhearn 28:40
Okay, that’s enough for this week until next week. Josh, stay secure.
Josh Long 28:43
All right, stay secure.
Voice Over 28:46
Thanks for listening to the Intego Mac podcast. The voice of Mac security with your hosts, Kirk McElhearn and Josh Long. To get every weekly episode be sure to follow us in Apple podcasts or subscribe in your favorite podcast app, and if you can leave a rating, a like or a review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode at podcast.intego.com. The Intego website is also where to find details on the full line of Intego security and utility software. intego.com.
About Kirk McElhearn
Kirk McElhearn writes about Apple products and more on his blog Kirkville.
He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications.
Kirk has written more than two dozen books, including Take Control books about Apple’s media apps, Scrivener, and LaunchBar.
Follow him on Twitter at @mcelhearn.
View all posts by Kirk McElhearn →
