Hey when I search for app that is hide. it shows the information in the app like a phone number I try everything I talk to two agents I’m not the only one who has this problem can you guy please fix up Siri suggested thank you

I’ve come to discover over the course of three weeks of trying to gain access to my original iTunes account that because of the old security protocols I cannot get access to my music. Apple has said there is no way to access that data without being able to send a reset to the old deleted email attached to that data. That said Cox deleted all of my emails when they migrated over to yahoo so I cannot send an email to reset password to gain access and Apple does not have a protocol in place even though it’s very clear. The current account is linked to the old account. Any of your developers out there have an idea on how I can get past this because the birthdate and the username are not matching up to what they should be. Appreciate your brain muscle guys. It’s a lifetime of music.

Hi All, I have a finder sync extension that passes data back to my main app. It currently writes to a plist file in my group container folder. Since updating to macOS 15, I have been getting this pop-up every time I trigger this writing to the plist after the finder sync extension loads. This is how I write to the plist from my finder sync extension: let appGroupDefaults = UserDefaults(suiteName: "group.team_id.Finder-Sync-Extension-Test-Project") let items = FIFinderSyncController.default().selectedItemURLs() DispatchQueue.main.async { let url = items?.first?.absoluteString var file = items?.first?.lastPathComponent if let defaults = appGroupDefaults{ defaults.set(url, forKey: "targetURL") defaults.synchronize() } self.showWindow(with: NSExtensionContext()) } This is how I read the plist from my main app: if let defaults = UserDefaults(suiteName: "group.team_id.Finder-Sync-Extension-Test-Project") { defaults.synchronize() if let clickedUrl = defaults.string(forKey: "targetURL") { window = NSWindow(contentRect: NSScreen.main?.frame ?? .zero, styleMask: [.miniaturizable, .closable, .resizable, .titled], backing: .buffered, defer: false) window?.title = "My App" window?.makeKeyAndOrderFront(nil) textField.stringValue = clickedUrl window?.contentView?.addSubview(textField) } } It is fine if this popup happens once and the user's choice gets remembered. I just don't want it to happen every time. Any help on if this is the correct way to pass data between the finder sync extension and the main app or on how to get macOS to remember the choice of the user would be great. Thanks, James

Hi, I've recently tested my custom AuthorizationPlugin on macOS 15 (Sequoia) and I'm seeing a significant change in rendering (or precisely not rendering) the control returned by my SFAuthorizationPluginView's subclass' viewForType method comparing to macOS 14. (I developed and tested my solution on macOS 14 earlier this year). I use SFAuthorizationPluginView to present a NSView (Custom view) which contains a NSSecureTextField and a NSImageView. I show my custom plugin after the user successfully entered username and password (or only the password if the List of Users is configured in System Settings) into the builtin fields provided by loginwindow:login, so injecting my plugin:mechanism pair into the system.login.console after loginwindow:success. (I need to run my mechanism after builtin:authenticate,privileged since my plugin relies on the authentication result coming from my custom PAM module). This setup now however doesn't seem to be working: after entering the (username and) password, the circular spinner appears and my NSView never gets rendered. I've found a workaround to place my plugin:mechanism pair after loginwindow:done, so in the end of the whole authorization chain. I tried to run the good old NameAndPassword bundle, injecting it into the place of the loginwindow:login. Controls are being rendered correctly, but if I place it even right after loginwindow:login it doesn't get rendered as my custom plugin. Is anybody aware if there's anything has intentionally been changed in macOS 15? Or may it be a bug? I guess the original intention of the SFAuthorizationPluginView class was to overwrite/redefine the UI instead of the builtin username + password field, so if I look at it that way it's expected that the view it contains only gets rendered if we use it instead of loginwindow:login. On the other hand this hasn't been the case until now. Thanks for any help!

I am writing SwiftData app, using a group container. When editing a SwiftUI file, every couple of seconds a dialog - that the app wants to access data from other apps - pops up. It is impossible to edit a view file while Canvas preview is open. If preview is resumed the dialog has to be confirmed twice. Each time the app is started from Xcode, the dialog has to be confirmed again. Any idea, how to stop these boring dialogs?

Hi everyone, I’m developing a health-related mobile app and considering using EAS Update to deliver over-the-air (OTA) updates for JavaScript code and assets. Before implementing this, I want to ensure that this approach complies with Apple App Store policies, especially given the sensitivity of health-related apps. Here are my concerns: Does using EAS Update (OTA) align with Apple’s guidelines regarding app updates and dynamic behavior changes? Are there specific rules or restrictions for health apps using OTA updates that I should be cautious of? Could this approach be flagged as violating Apple’s policies on app integrity, especially those requiring updates to go through the App Store review process? I’d greatly appreciate any insights, advice, or references to Apple’s official documentation regarding OTA updates for apps distributed through the App Store. Thanks in advance for your help!

I'm facing a bug about App Tracking Transparency permission, my app still shows this permission popup before, and that version was still working fine. I don't understand why today it doesn't show the permission popup anymore, is anyone else having the same problem?

In one of our applications we use LAContext's evaluatePolicy:localizedReason:reply: to authenticate a user. This works pretty well with both username/password and Touch ID. Now we have a request to add support for smart cards and I wonder if this is possible using LAContext. Otherwise I would use Authentication Services, although that might be a bit overkill since we don't need to request any rights, we just want to see that the user has been successfully authenticated. Or is there a better way? Any help would be greatly appreciated. Thanks, Marc

Hello. I am trying to give an update to my app but it again and again gets rejected due to the ATT Prompt. Before this late week I gave the update and it got live without any issue. Now I done some minor changes in the App. Apple Response. The app uses the AppTrackingTransparency framework, but we are unable to locate the App Tracking Transparency permission request when reviewed on iPadOS 18.2. Next Steps Explain where we can find the App Tracking Transparency permission request in the app. The request should appear before any data is collected that could be used to track the user. If App Tracking Transparency is implemented but the permission request is not appearing on devices running the latest operating system, review the available documentation and confirm App Tracking Transparency has been correctly implemented. If your app does not track users, update your app privacy information in App Store Connect to not declare tracking. You must have the Account Holder or Admin role to update app privacy information. My Response: Hello Apple Team Thank you for your feedback. We have tested the app on iPadOS 18.2, also on iPhone 18.1 and the App Tracking Transparency dialogue is appearing as expected on the main home screen when the user enters the app. To help demonstrate this, we’ve attached a video showing the ATT prompt in action. If there is still an issue with the dialogue or if it needs to be placed in a different position, we kindly request your guidance on what needs to be adjusted. Please let us know the details so we can address it promptly. Thank you for your support "I uploaded a video with images showcasing the ATT prompt but now again they rejected the update with the exact same reply. Which I am thinking it may be a bot reply. Now what to do how to solve it?

Hi! I've just opened Xcode and found that I can't build my app anymore. The error was about signing. Basically, there's no team in my account. Also, I've found that all my certificates have been revoked! I created my dev account a month ago and released only one macOS app. It's SecFolder (it's not self-promotion!!!). App not even in the App Store. I planned to self-distribute it. I'm in a little shock right now since I've just launched and had my first users. And of course, my app is now gone from their Macs, screaming "malware" popup in their faces now :( Since my app is all about paranoia security, this is basically a death sentence for my project... Could someone with experience in the Apple dev ecosystem help me understand what might have gone wrong? Why might Apple think that my app is malware or something? P.S. My app is about Advanced File Access Control for macOS. It gives user complete control over which applications can access specified by user files and folders

Friday we were preparing to publish our final build in TestFlight. Our developer informed me that the account holder had to agree to new terms and agreements. I am the sole user of this account, and tried to login (1 week ago I was still able to login). To my surprise I got the notification “account locked”, ”you need to reset your password”. I followed the required step: filling in the phone number on file (which is my phone number). After filling this in the page informed me that they’d get back to me in 1 day. On Saturday I received an email from no_reply@apple with the following “We have received the request for access to your account and we have denied access.” There was no further information in the email why this would be. I tried Apple support but they tell me they can not reactivate the account and I should apply for a new Apple ID. This sounds really strange as it would mean I would lose access to our currently published application forever? But in general I am just shocked how they can deny access to an account, which is even a paid one (Developer Program), and not help me out. I am able to supply all identification (passport). I have access to the email that we use to login. I have access to the mobile phone number that is connected for exactly this reason (two factor authentication). Anyone with similar experience and/or solutions?

I'm currently working on a project in Swift where I need to digitally sign a PDF file. I have the following resources available: Private Key stored in the iOS Keychain with a tag. Public Key also stored in the iOS Keychain with a tag. A valid certificate stored as a PEM string. I need to digitally sign a PDF file with the above keys and certificate, but I'm struggling to find a clear and straightforward example or guidance on how to achieve this in Swift. Specifically, I’m looking for help with: Creating the digital signature using the private key and certificate. Embedding this signature into the PDF file. Any considerations I should be aware of regarding the format of the signed PDF (e.g., CMS, PKCS7, etc.). If anyone has experience with digitally signing PDFs in Swift, I would greatly appreciate your guidance or code examples. Thank you in advance!

Hi everyone, I'm encountering an issue where the background location indicator remains visible on the status bar even though I have set the location permissions to Never for my app in the system settings. Despite taking all the necessary steps to stop location tracking (including stopping updates, geofencing, and other location-related services), the indicator still appears. This seems to be a bug since everything has been turned off on my end. Here’s what I’ve already tried: Setting location permissions to Never in the settings. Stopping startUpdatingLocation(), stopMonitoringSignificantLocationChanges(), and geofencing (using locationManager.stopMonitoringRegions()). Calling locationManager.showsBackgroundLocationIndicator = false. Ensuring that the CLLocationManager is fully invalidated. Despite all of this, the background location indicator still remains in the status bar. I’ve tested it on real devices, as well as in the simulator, with no improvement. Has anyone experienced something similar, or can suggest why this might be happening? Could this be related to an iOS 18+ issue? Any insights or guidance would be greatly appreciated.

我配置了 DKIM 和 amazon 的默认 spf。但无法使用 Amazon Send 获取电子邮件，则可以发送配置的单个电子邮件

I'm using the following code to store a Keychain item: SecAccessControlCreateWithFlags( kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, .biometryAny, &error ) One of my app users reported an issue: 1. The user navigated to his iPhone’s Face ID settings and click `Reset Face ID`. 2. Then, before he set new Face ID, he accidentally tapped the "Back" button and returned to the iPhone Settings page. 3. He later reopened the Face ID setup page and completed the process. 4. Upon returning to my app, the Keychain item secured by Face ID was no longer found. I understand that .biometryAny may cause Keychain items to become invalidated when biometric data is reset. However, the user’s scenario — where the setup was temporarily interrupted — seems to have caused the item to disappear. 1. Is there a way to detect and handle such interruptions to prevent the Keychain item from being lost? 2. How can I design a better experience to guide the user in recreating the Keychain item when this occurs?

To apply for NFC & SE Platform entitlement, I need to provide information regarding licensed applets and TSM. However, I currently lack background knowledge in these areas. Could you provide me with an overview or examples of what licensed applets and TSM entail?

I am using SFAuthorizationPluginView in my Security agent plugin. My code expects that its willActivate method be called. With normal screensaver unlock, this works fine. However if I enter an invalid password, then enter the correct password, I never get the willActivate call. I have reproduced this with Quinn's LoginUIAuthPlugin from the QAuthPlugins example code. My mechanisms look like this with LoginUIAuthPlugin: mechanisms HyprAuthPlugin:invoke builtin:authenticate,privileged PKINITMechanism:auth,privileged LoginUIAuthPlugin:login CryptoTokenKit:login I would like to be able to get my plugin working properly when the user had previously entered an invalid password.

iOS 18.2 (22C152) My phone is currently on lockdown mode and I have gotten alerts from Experian that my information is on the dark web as well as having to reset all my accounts. However this has not fixed the issue. Even if I hard factory reset settings etc the root makes its way very shortly after, if not immediately. Though I recently got these notifications and purchased the phone in Feb. 2024 the has been an ongoing issue for a few years. I can elaborate if needed. To make it short I have a reinstalled root on my phone. Apple nor Spectrum (who I have my phone with) have been able to assist with this issue. I have been able to clarify this ”hijacking” with the Geek Squad who didn’t want their legal team involved when asking for a report so the PD can do an internal cyber investigation. So, I’ve just lived with it. Let me know what your thoughts to resolve this issue would be before spending thousands to find a resolution on my own. Side note before asked: what I’ve been told may be it’s ”gateway” is via “DNS hijacking” with WiFi or internally hotspot. I can also elaborate if needed-I’m not a web developer, however I do know where this issue stems from whom has their masters in such industry as well as 30 years experience. It’s annoying and inconvenient at this point and I’m looking for clarity, resolution and if no justice for the criminal then liability. thank you! please refrain from saying “APpLe CaNt bE hiJaCked“ ..

Hello, I'm developing a Command Line Tool in XCode, in order to capture system audio and save it to a file, which will then be used by a separate process. Everything works perfectly when running it from either XCode or the native terminal application (see image below), but as soon as I try to run it from any 3rd party application, it doesn't ask for permissions to record sound, and the resultant file ends up soundless. When archiving it and then running it from other 3rd party applications, e.g Warp (terminal) or spawning it as a child process from a bundled Electron application, it doesn't ask for permissions. Things of note: I've codesigned the application with "Developer ID Application" I've added NSAudioCaptureUsageDescriptionto Info.plist I've included Info.plist in the binary (see image below) I've added the com.apple.security.device.audio-input entitlement I've used the following resources as inspiration: https://github.com/insidegui/AudioCap https://developer.apple.com/documentation/coreaudio/capturing-system-audio-with-core-audio-taps As my use-case involves spawning the executable from Electron as a child process, I've tried to include the appropriate permissions to the parent application too, without success. I'm really at a loss here, it feels like I've tried everything. Any pointers are much appreciated! Thanks

I've tried all kinds of ways to get a SecKeyRef from the .p8 file I downloaded from my App Store Connect account. The key itself looks OK, as openssl gives this result: openssl asn1parse -in 359UpAdminKey.p8 0:d=0 hl=3 l= 147 cons: SEQUENCE 3:d=1 hl=2 l= 1 prim: INTEGER :00 6:d=1 hl=2 l= 19 cons: SEQUENCE 8:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 17:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 27:d=1 hl=2 l= 121 prim: OCTET STRING [HEX DUMP]:30... My method for creating the key is: '- (SecKeyRef)privateKeyFromP8:(NSURL *)p8FileURL error:(NSError **)error { // Read the .p8 file NSData *p8Data = [NSData dataWithContentsOfURL:p8FileURL options:0 error:error]; if (!p8Data) { return NULL; } // Convert P8 to base64 string, removing header/footer NSString *p8String = [[NSString alloc] initWithData:p8Data encoding:NSUTF8StringEncoding]; NSArray *lines = [p8String componentsSeparatedByString:@"\n"]; NSMutableString *base64String = [NSMutableString string]; for (NSString *line in lines) { if (![line containsString:@"PRIVATE KEY"]) { [base64String appendString:line]; } } // Decode base64 to raw key data NSData *keyData = [[NSData alloc] initWithBase64EncodedString:base64String options:0]; if (!keyData) { if (error) { *error = [NSError errorWithDomain:@"P8ImportError" code:1 userInfo:@{NSLocalizedDescriptionKey: @"Failed to decode base64 data"}]; } return NULL; } // Set up key parameters NSDictionary *attributes = @{ (__bridge NSString *)kSecAttrKeyType: (__bridge NSString *)kSecAttrKeyTypeECSECPrimeRandom, (__bridge NSString *)kSecAttrKeyClass: (__bridge NSString *)kSecAttrKeyClassPrivate, (__bridge NSString *)kSecAttrKeySizeInBits: @256 }; // Create SecKeyRef from the raw key data CFErrorRef keyError = NULL; SecKeyRef privateKey = SecKeyCreateWithData((__bridge CFDataRef)p8Data, (__bridge CFDictionaryRef)attributes, &keyError); if (!privateKey && keyError) { *error = (__bridge_transfer NSError *)keyError; NSError *bridgeError = (__bridge NSError *)keyError; if (error) { *error = bridgeError; // Pass the bridged error back to the caller } NSLog(@"Key Error: %@", bridgeError.localizedDescription); } return privateKey; } ` I get this error from SecKeyCreateWithData The operation couldn’t be completed. (OSStatus error -50 - EC private key creation from data failed) Filed a DTS incident, but they won't be back until after the New Year. I've tried all kinds of things. Various AI chatbots, etc. Nothing seems to be working. I'm sure the problem is something elementary, but have spent hours on this with no luck. Help, please.