Apple Intelligence, Apple’s newest AI product, is designed to enhance productivity with AI while maintaining Apple's focus on user experience and privacy, often highlighting its use of localized models as a key advantage. But how well do these assurances hold up under scrutiny? While Apple emphasizes privacy as a core principle, my findings challenge some of these claims, illustrating the importance of scrutinizing AI-driven assistants before widespread adoption. In this talk, we take a closer look at the data flows within Apple Intelligence, examining how it interacts with user data and the potential security and privacy risks that come with it. Using traffic analysis and OS inspection techniques, we explore what information is accessed, how it moves through the system, and where it gets transmitted. Our findings challenge common security assumptions of Apple, revealing unexpected behaviors and data leaks. From encrypted traffic to data leakage concerns, this presentation will provide practical insights for users and security professionals alike.

DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
5.4K views

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
11.1K views

DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
8.5K views

DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
3.6K views

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
5.4K views

DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
6.4K views