A newly disclosed privacy vulnerability in Apple’s Hide My Email feature can reportedly allow an attacker to uncover the real email address behind a generated alias. According to the researcher who found the bug, it was responsibly disclosed to Apple more than a year ago but remains unpatched, and independent testing has verified the issue.
You must log in or register to comment.
I use DuckDuckGo’s email hiding service. I have had sites reject signing up with a @duck.com email address. So services will definitely move to block Apple’s new subdomain only for aliased email addresses.
This is a good write up. Thanks for sharing. I use “hide my email” sometimes and it’s important to know that it’s possible to find the real address behind it.


