Sequoia Finally Addresses Notification Center Privacy
The privacy implications of Notification Center popups are well-known in the security forensics community. Whether a user likes it or not, macOS temporarily keeps a log of every notification received in a single plaintext database. This can include messages from applications like iMessage, Slack, Teams, and virtually anything else.
However, it now appears Apple has moved the Notification Center database in macOS Sequoia to address concerns.
They’re moving it from the temporary items folder to a group container, which will be protected by TCC.
Previously:
2 Comments RSS · Twitter · Mastodon
July 16, 2024 6:28 AM
Damn. I used sqlite3 to read 2FA codes from chat.db and copy them to the clipboard for use in Firefox. Will have to work around this… hope that Full Disk Access will work in this case.
