This week on the Lock and Code podcast…

In January, Google settled a lawsuit that pricked up a few ears: It agreed to pay $68 million to a wide array of people who sued the company together, alleging that Google’s voice-activated smart assistant had secretly recorded their conversations, which were then sent to advertisers to target them with promotions.

Google denied any admission of wrongdoing in the settlement agreement, but the fact stands that one of the largest phone makers in the world decided to forego a trial against some potentially explosive surveillance allegations. It’s a decision that the public has already seen in the past, when Apple agreed to pay $95 million last year to settle similar legal claims against its smart assistant, Siri.

Back-to-back, the stories raise a question that just seems to never go away: Are our phones listening to us?

This week, on the Lock and Code podcast with host David Ruiz, we revisit an episode from last year in which we tried to find the answer. In speaking to Electronic Frontier Foundation Staff Technologist Lena Cohen about mobile tracking overall, it becomes clear that, even if our phones aren’t literally listening to our conversations, the devices are stuffed with so many novel forms of surveillance that we need not say something out loud to be predictably targeted with ads for it.

“Companies are collecting so much information about us and in such covert ways that it really feels like they’re listening to us.”

Tune in today to listen to the full conversation.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

---

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.

Apple's 2026 has already brought us the AirTag 2 and a new Creator Studio app subscription aimed at independent content creators, but nothing so far for the company's main product families.

That could change soon, according to reporting from Bloomberg's Mark Gurman. New versions of Apple's low-end iPhone, the basic iPad and iPad Air, and the higher-end MacBook Pros are said to be coming "imminently," "soon," and "shortly," respectively, ahead of planned updates later in the year for the iPad mini, Studio Display, and other Mac models.

Here's what we think we know about the hardware that's coming.

Read full article

Comments

© Samuel Axon

404Media is reporting that the FBI could not access a reporter’s iPhone because it had Lockdown Mode enabled:

The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as part of an investigation into leaks of classified information. It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device.

“Because the iPhone was in Lockdown mode, CART could not extract that device,” the court record reads, referring to the FBI’s Computer Analysis Response Team, a unit focused on performing forensic analyses of seized devices. The document is written by the government, and is opposing the return of Natanson’s devices.

The FBI raided Natanson’s home as part of its investigation into government contractor Aurelio Perez-Lugones, who is charged with, among other things, retention of national defense information. The government believes Perez-Lugones was a source of Natanson’s, and provided her with various pieces of classified information. While executing a search warrant for his mobile phone, investigators reviewed Signal messages between Pere-Lugones and the reporter, the Department of Justice previously said.

There is very little functional difference between iOS and Android these days. The systems could integrate quite well if it weren't for the way companies prioritize lock-in over compatibility. At least in the realm of file sharing, Google is working to fix that. After adding basic AirDrop support to Pixel 10 devices last year, the company says we can look forward to seeing it on many more phones this year.

At present, the only Android phones that can initiate an AirDrop session with Apple devices are Google's latest Pixel 10 devices. When Google announced this upgrade, it vaguely suggested that more developments would come, and it now looks like we'll see more AirDrop support soon.

According to Android Authority, Google is planning a big AirDrop expansion in 2026. During an event at the company's Taipei office, Eric Kay, Google's VP of engineering for Android, laid out the path ahead.

Read full article

Comments

© Ryan Whitwam

The iPhone is going orbital, and this time it will be allowed to hang around for a while.

On Wednesday night, NASA Administrator Jared Isaacman revealed that the Crew-12 and Artemis II astronauts will be allowed to bring iPhones and other modern smartphones into orbit and beyond.

"NASA astronauts will soon fly with the latest smartphones, beginning with Crew-12 and Artemis II," Isaacman wrote on X. "We are giving our crews the tools to capture special moments for their families and share inspiring images and video with the world."

Read full article

Comments

© Apple

The FBI has been unable to access a Washington Post reporter's seized iPhone because it was in Lockdown Mode, a sometimes overlooked feature that makes iPhones broadly more secure, according to recently filed court records. 404Media: The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as part of an investigation into leaks of classified information. It also provides rare insight into the apparent effectiveness of Lockdown Mode, or at least how effective it might be before the FBI may try other techniques to access the device. "Because the iPhone was in Lockdown mode, CART could not extract that device," the court record reads, referring to the FBI's Computer Analysis Response Team, a unit focused on performing forensic analyses of seized devices. The document is written by the government, and is opposing the return of Natanson's devices. The FBI raided Natanson's home as part of its investigation into government contractor Aurelio Perez-Lugones, who is charged with, among other things, retention of national defense information. The government believes Perez-Lugones was a source of Natanson's, and provided her with various pieces of classified information. While executing a search warrant for his mobile phone, investigators reviewed Signal messages between Pere-Lugones and the reporter, the Department of Justice previously said.

Read more of this story at Slashdot.

Apple posted its biggest quarter ever, with iPhone revenue hitting a record ~$85.3 billion and Services climbing 14% to ~$30 billion. Total revenue reached nearly $143.76 billion. "The demand for iPhone was simply staggering," CEO Tim Cook said on a conference call discussing the results. "This is the strongest iPhone lineup we've ever had and by far the most popular."

Read more of this story at Slashdot.

New phone designs, coupled with robust holiday spending, continued to lift iPhone sales in the quarter and drove the company to record profits.

© Lucia Vazquez for The New York Times

Apple sold seven of the ten best-selling smartphones globally in 2025, a lopsided dominance that underscores how thoroughly the company controls the premium end of the mobile market. The iPhone 16 was the single best-selling phone worldwide, and Apple's presence extended all the way down to the tenth spot where the iPhone 16e -- its newest budget-friendly option -- found consistent demand in Japan and the U.S., according to Counterpoint. Samsung accounted for the remaining three positions, led by the Galaxy A16 5G as the best-selling Android device of the year. The Galaxy S25 Ultra also made the cut, marking the second straight year a Samsung flagship cracked the top ten. Together these ten phones from just two companies represented 19% of all smartphones sold during the year, continuing a four-year streak of Apple-Samsung exclusivity at the top.

Read more of this story at Slashdot.

John Ternus, a low-profile but influential executive at Apple, could be next in line to replace the company’s longtime chief executive, Tim Cook, if he steps aside.

© Photo Illustration by Klawe Rzeczy; Source Photographs by George Etheredge for The New York Times; Juan Arredondo for The New York Times; Amy Osborne for The New York Times; Lucia Vazquez for The New York Times; Jim Wilson/The New York Times; Shutterstock

A non-Japanese-speaking first-time visitor used Apple’s new in-ear translation feature to connect with locals at bars, sushi classes and even a fire ritual.

© Wenjia Tang

Last week on Malwarebytes Labs:

• Be careful responding to unexpected job interviews
• Your passport, now on your iPhone. Helpful or risky?
• 1 million victims, 17,500 fake sites: Google takes on toll-fee scammers
• Are you paying more than other people? NY cracks down on surveillance pricing
• We opened a fake invoice and fell down a retro XWorm-shaped wormhole
• Phishing emails disguised as spam filter alerts are stealing logins
• Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild
• How Malwarebytes stops the ransomware attack that most security software can’t see
• Samsung zero-day lets attackers take over your phone
• How credentials get stolen in seconds, even with a script-kiddie-level phish
• Stolen iPhones are locked tight, until scammers phish your Apple ID credentials
• Fantasy Hub is spyware for rent—complete with fake app kits and support
• Watch out for Walmart gift card scams

Stay safe!

---

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

One of the reassuring things about owning an iPhone was knowing you could lock it if it got lost or stolen. Without your passcode, fingerprint or face to unlock it, it would be useless to anyone else.

Now, though, some phone thieves have found a workaround, not by breaking Apple’s security, but by tricking owners into giving them the keys.

The Swiss National Cyber Security Centre (NCSC) has issued a warning about phishing scams targeting iPhone owners who’ve lost their devices.

Phishing for Apple ID credentials

When you report an iPhone as lost in Apple’s Find My app, you can set a custom lock-screen message that appears on the missing device. Many people include an email address or phone number in that message so a helpful stranger can contact them if the phone turns up.

Unfortunately, that’s the very information scammers use to reach you. A thief (or anyone who now has the phone) can see that contact detail on the screen and send you a convincing message—usually by text, iMessage, or email—claiming to have found your device.

The scam messages often include details copied from the phone itself, such as its model and color, to make it sound authentic. It also includes a link to a fake website that mimics the Find My service that Apple operates to locate lost devices. The site will ask for the victim’s Apple ID credentials.

If the victim takes the bait, the thief can use those credentials to gain full access to the phone. That enables them to wipe it, returning it to factory settings for resale.

Although the NCSC didn’t say so, an enterprising thief could get up to all kinds of other shenanigans. They might reset the user’s Apple ID to lock them out—even on a replacement device, access their photos (yes, including any risqué ones), read their emails and nose through their apps. In short, it would give them carte blanche to your digital life.

These attacks don’t have to happen immediately. The perpetrators might text months after the device has been lost, when victims might have moved on and lowered their guard.

The good news… and the bad

The warning is both good and bad news. It’s good news because it shows that criminals are apparently unable to bypass Apple’s Activation Lock protection through technical means. The Activation Lock, turned on when you activate Find My, registers a device ID on Apple’s activation servers. Even if the criminals reset your device, the activation lock will still be there. Only someone with the user’s Apple ID credentials can unlock it. It’s a version of something called Factory Reset Protection (FRP) that the US mandated under the US Smart Phone Theft Prevention Act of 2015. Android phones have similar lock functionality.

The warning is bad news because phone owners are human, and humans are often the easiest security system to defeat. Phishing schemes that target phone theft victims are big business. Back in 2017, security reporter Brian Krebs documented “phishing as a service” platforms that did it at scale, on a subscription basis. Vice found toolkits like ProKit for phishing to unlock phones on sale for around $75.

We’ve already written about how the phone theft industry operates. Police in the UK recently uncovered a network stealing up to 40,000 phones per year. Most were shipped overseas to countries including China, where they would be used as profitably as possible. Locked phones might be broken up for parts, but a phone restored to factory settings that can be activated from scratch is far more valuable.

What to do if your iPhone is stolen

Ignore any messages from “Apple” claiming your lost phone has been found. The NCSC says Apple will never text or email customers about a recovered device.

If you lose your phone, turn on Lost Mode right away in Find My to lock it and display your contact message. Use a different contact number or email (not the one linked to your Apple ID or main phone) so scammers can’t use that information to target you.

Protect your SIM, too: enable PIN protection immediately, and ask your carrier to block or replace the SIM if the phone has been stolen.

We can’t easily stop thieves stealing people’s phones, or control who sees our phones after they leave our hands. But a little forethought now can help you to stop criminals from accessing your digital life or selling your phone on in its current form if it does enter the underground supply chain.

---

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!