|
oh ok lmao, Apple snubbed my security report. visionOS's security model is so confusing to me bc 2D apps aren't allowed to see eye movements+hands bc typing/hover is sensitive right? But Persona broadcasts all of that to any app that asks incl during password boxes. 6 comments
I can kinda get where they're coming from bc like, someone pointing a webcam at their hands typing a password isn't a vuln, but idk I still think they should identity pose the eyes and hide hands during a password box at *least* lol but yeah I only found this bc I was trying to find other places that Apple turns off Persona, like they do for immersive mode. Apparently password boxes were not one of those places @ShinyQuagsire if you’d like please send that FB number to me and I’ll see what happened to that / whether I can get more traction on it. I agree that this isn’t the best we can do |
Gregory's Server
intended behavior apparently, idfgi