All I can imagine is that Apple’s work on the USB Restricted Mode vulnerability in iOS and iPadOS uncovered another vulnerability in the core code shared by all of Apple’s operating systems. Without release notes that at least hint at the severity of this vulnerability, the unusual manner in which these were released is the only basis for recommending an immediate update. There’s no need to drop everything, but install these updates sooner rather than later.
There’s another possibility. These updates may include the encryption back door demanded by the UK government.
Security officials in the United Kingdom have demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud, people familiar with the matter told The Washington Post. The British government’s undisclosed order, issued last month, requires blanket capability to view fully encrypted material, not merely assistance in cracking a specific account, and has no known precedent in major democracies…
…Following the passing of the revised act, the new demand was reportedly issued to Apple in January 2025. Apple now has the right to make an appeal to a secret technical panel, and a judge. Significantly, however, the law does not allow Apple to delay complying with the order while the appeal is ongoing.
Would the British back door need to be installed on individual devices? If it is intended to access data stored in the cloud, it seems to me, keeping in mind I am not a data center expert or a cryptologist, that the back door would be implemented at server farms.
If Apple has the keys to decrypt cloud storage, then they don’t need to do anything to comply with the law. And it’s my understanding that Apple already does this in order to comply with valid court orders/warrants.
But the UK wants access to anything saved with end-to-end encryption - content to which nobody (not even Apple) can access without an authorized device.
Most people (and I) believe that the only kind of “back door” that Apple could implement to accomplish that would be to disable end-to-end encryption altogether. Some pundits have suggested that it may be disabled for UK users, but as others have pointed out, the UK’s is demanding access to all iPhones worldwide.
If Apple is dumb enough to even consider complying with this order, then there will be no privacy on any Apple device ever again and we should all quickly install third-party encryption software before it gets banned from the App Store.
I would assume it would have to be, at the very least for those folks who have already switched on Advanced Data Protection since Apple has no key to any of that encrypted data on their end.
That said, I cannot imagine Apple would do something like that. Complying with that order in that way potentially breaks encryption for everybody and thus violates their on-device privacy core tenant. If they cannot somehow ‘reason’ with the UK on this, I would expect to see them rather give up iCloud encryption for UK users entirely before weakening it for everybody else.
If you prefer to keep Apple Intelligence off, make sure to check that switch after this update. Apparently, Apple is once again flicking it back on with this “security update”.
System Settings > Apple Intelligence & Siri
The new welcome screen also lacks the “Set Up Later” option, effectively forcing install.
Leads me to doubt how convinced users are with Apple’s AI efforts if Apple needs to force and/or trick them into turning the service on.
I had that thought as I was installing 15.3.1 too. … However, although the UK law prohibits Apple from saying they added a backdoor for the UK, my understanding is that Apple would violate US law (and, presumably, EU law) if they were to add a backdoor and then falsely state that Advanced Data Protection for iCloud is end-to-end encrypted such that nobody else can access the data.
I have a website monitoring service setup to monitor the following pages:
How to turn on Advanced Data Protection for iCloud (“If you choose to enable Advanced Data Protection, the majority of your iCloud data — including iCloud Backup, Photos, Notes, and more — is protected using end-to-end encryption. No one else can access your end-to-end encrypted data, not even Apple, and this data remains secure even in the case of a data breach in the cloud.”)
iCloud data security overview (“If you choose to enable Advanced Data Protection, your trusted devices retain sole access to the encryption keys for the majority of your iCloud data, thereby protecting it using end-to-end encryption. … End-to-end encrypted data can be decrypted only on your trusted devices where you’re signed in to your Apple Account. No one else can access your end-to-end encrypted data — not even Apple — and this data remains secure even in the case of a data breach in the cloud.”)
Advanced Data Protection for iCloud (“When a user turns on Advanced Data Protection, their trusted devices retain sole access to the encryption keys for the majority of their iCloud data, thereby protecting it with end-to-end encryption . For users who turn on Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises from 14 to 23 and includes iCloud Backup, Photos, Notes, and more.”)
My assumption is that Apple would have to update those pages before adding a backdoor for Advanced Data Protection for iCloud for users in the United States and, presumably, the European Union and certain other countries.
That said, the UK order is yet another reason to use 1Password, Bitwarden, Strongbox, or KeePassium (or some other reputable password manager) instead of Apple’s Passwords app.
To be fair, Apple has released security or bug fix updates within days of a previous update on several occasions. It doesn’t happen often, not because it isn’t possible, but because the situation has to warrant it (the bug is serious, the security vulnerability is a bad zero-day, etc).
I thought my parenthetical remarks were being fair, and my entire remark being fair to imply it was unlikely the updates included the hack that the British want.
And in bonus fairness, neither of the updates enabled “Apple Intelligence” here, but that is now being reported by MacWorld and MacInTouch.
Fair enough. I just wanted to make sure Apple wasn’t being criticized for not releasing updates quickly when it was warranted. If anything, I suspect these updates are at least indirectly related to the USB Restricted Mode vulnerability fixed in iOS 18.3.1, and while it can be annoying to have yet another update to install, it’s evidence that Apple is serious about releasing important updates quickly.
My impression is that neither large corporations nor large bureaucracies tend to turn on a dime. Although members of each of those two groups seem to expect the other group to do so. Apple, in this case, has acted in a commendably timely fashion.
I suspect Apple lawyers will be up late for weeks/months over the UK situation. ;~}
Installed macOS 15.3.1 in the wee hours this morning and discovered an anomaly in Finder
When Date Added column is displayed “Aug 16, 1970” is indicated for many, if not all items
In one folder containing 1817 folders, nested within the Documents directory, everything “modified” on or before Jan 3, 2025 show as “added” Aug 16, 1950. Later dates mostly correspond with their “Date Modified”
In /Documents ALL top level entries show “added” Aug 16, 1950 regardless of Date Modified (ranging from 2019-2025)
In Applications all third party apps display “Today at 01:16” (viz., time of installing 15.3.1) whereas Apple apps are indicated as Feb 4, 2025 (date I first fired up my mac Mini 2024)
It didn’t mess with items on locally connected USB HDD folders, nor on my Synology NAS
I am not. But it sounds like a corrupted Spotlight database for that volume. Rather than repeat it all here, I’ll point you to a recent thread that discussed various ways of rebuilding the Spotlight database.
The TLDR summary is: use the Terminal command mdutil -E /
… only had a few minutes to tinker with it: scanned thru the “recent thread” (Trouble ejecting external drives) link and used one of Apple’s prescribed procedures to reindex Spotlight (viz., System Settings > Spotlight > Search Privacy… > (add, then remove, Macintosh HD)
After confirming Spotlight was, indeed, “indexing” I let it cook for seven+ hours
… alas, the Date Added anomaly persists in the previously sampled directories
I also passed it along to Apple via Feedback Assistant
When I get more time, I’ll give some of the other ‘Spotlight’ methods a try (e.g., the Terminal command you recommended.
I updated both of my Macs to OS 15.3.1, and so far, all is well. I do not store anything in the cloud (nor anywhere else outside of my Macs/external devices), so do not have to worry about that UK “edict”. Also, I did turn off AI (thanks Simon for the reminder!),
Am pleased that Apple typically acts quickly with Security Updates. And for OS 15.3, so pleased they fixed the replicator, so that bootable backups are alive and well again, at least via SuperDuper!.
Not seeing this either. But I use EasyFind, instead of Spotlight, for my searches. Excellent product, by the way!
BTW Jeff, did you just update your Mac from OS 15.3 to OS 15.3.1, or did you do a clean installation? I just did an update on both of my Macs (M1 Mac Mini, and M3 MacBook Air).
I checked objects (files and folders) in ~/Documents on my MacStudio. The earliest date for them is April 18, 2022, the date I migrated my system to my current Mac. Other dates are scattered over the length of my Mac Ownership.
As I recall, the ‘Date Added’ field was not visible until recent years, and then only on files downloaded from the Internet.So, I suspect that the field for your files has been unfilled, and a default date was added to the system update.
I just wanted to make sure Apple wasn’t being criticized for not releasing updates quickly when it was warranted. If anything, I suspect these updates are at least indirectly related to the USB Restricted Mode vulnerability fixed in iOS 18.3.1, and while it can be annoying to have yet another update to install, it’s evidence that Apple is serious about releasing important updates quickly.