Presented at
DEF CON 33 (2025),
Aug. 9, 2025, 10 a.m.
(45 minutes).
Apple Intelligence, Apple’s newest AI product, is designed to enhance productivity with AI while maintaining Apple's focus on user experience and privacy, often highlighting its use of localized models as a key advantage. But how well do these assurances hold up under scrutiny? While Apple emphasizes privacy as a core principle, my findings challenge some of these claims, illustrating the importance of scrutinizing AI-driven assistants before widespread adoption.
In this talk, we take a closer look at the data flows within Apple Intelligence, examining how it interacts with user data and the potential security and privacy risks that come with it. Using traffic analysis and OS inspection techniques, we explore what information is accessed, how it moves through the system, and where it gets transmitted. Our findings challenge common security assumptions of Apple, revealing unexpected behaviors and data leaks. From encrypted traffic to data leakage concerns, this presentation will provide practical insights for users and security professionals alike.
Presenters:
-
Yoav Magid
Yoav Magid is a security researcher at Lumia Security, where his work centers on AI security. Yoav’s other topics of interest are social engineering and embedded operating systems. With a solid foundation in cybersecurity, Yoav holds a B.Sc. in Computer Science and is currently preparing to pursue an MBA.
Bringing over seven years of cyber security experience, he has honed his skills in embedded research and programming, tackling real-world challenges in high-stakes environments. Yoav also founded a large-scale LGBTQIA+ Employee Resource Group (ERG) that fosters international collaboration and support in his last organization.
Similar Presentations: