
apple taps Apple’s privacy story is under fresh scrutiny in the latest Security Bite podcast, where host Arin Waichulis speaks with Talal from Mysk about how the App Store can log every tap you make, why some researchers are publicly stepping away from Apple’s bug bounty program, and what a new free tool called Loupe reveals about the data iOS APIs can expose. The episode centers on a familiar Apple debate: how much the company protects users, and how much information its ecosystem still surfaces behind the scenes.
apple taps
What the episode covers
The discussion revisits Mysk’s work on Apple privacy and security, including a broken TCC bug demo referenced in the show notes. TCC, or Transparency, Consent, and Control, is Apple’s permissions framework on iPhone and iPad. The podcast episode uses that context to explore how Apple’s systems behave in practice, and why researchers believe the company’s platform can still reveal more than many users would expect.
According to the episode description, the conversation focuses on three main topics:
- how and why the App Store logs every tap a user makes
- why researchers are publicly walking away from Apple’s bug bounty program
- Loupe, Mysk’s new free and open-source app that shows what iOS APIs are sharing
The App Store tap logging question
The headline claim in the episode is that the App Store logs every tap a user makes. The source material does not provide a technical breakdown in the post itself, but it makes clear that the discussion is about visibility into user interactions and what Apple can see through its own software and services. For privacy-conscious users, that framing raises a broader concern: even when a device feels tightly locked down, the operating system and the apps bundled with it may still collect detailed behavioral signals.
The episode does not say that Apple is uniquely doing something outside industry norms; rather, it highlights how much interaction data can exist inside a system that many people assume is mostly private by design. That tension between user expectation and platform reality has long been central to Apple privacy reporting.
Researchers and the bug bounty program
Another theme in the episode is the growing frustration among security researchers with Apple’s bug bounty program. The source says Talal and Arin discuss why researchers are “publicly walking away” from the program, but it does not spell out the specific reasons in the post itself. Even so, the topic points to a recurring issue in security research: whether vendor bounty programs provide enough transparency, compensation, and practical impact to justify the time required to find and report vulnerabilities.
Apple has positioned itself as a company that values privacy and security, but the relationship between the company and independent researchers can still be complicated. When experts step back from bounty participation, it often signals a breakdown in trust, incentive, or recognition. In this case, the episode treats that development as part of the larger security conversation around Apple’s ecosystem.
Loupe: a new open-source privacy tool
The episode also highlights Loupe, described in the source material as Mysk’s new free and open-source app. Its purpose is straightforward: it shows users exactly what iOS APIs are sharing about them. That makes Loupe less of a conventional consumer app and more of a transparency tool, aimed at helping people understand the data flows inside Apple’s mobile platform.
Because the app is free and open source, it may appeal to users who want a closer look at what their devices reveal under the hood. The podcast description does not include a feature list beyond that, but the premise alone suggests a practical privacy lesson: users often need external tools to see the full scope of what their platform is exposing.
Why this episode matters
Security podcasts often work best when they turn abstract platform policy into something concrete. This episode seems to do exactly that. Instead of discussing privacy as a slogan, it focuses on observable behavior, researcher friction, and tooling that helps users inspect their own devices. That combination makes the discussion relevant to both everyday iPhone users and people who follow Apple security more closely.
For Apple, the timing is notable. The company has spent years building its reputation around privacy as a product feature. But episodes like this one underscore a persistent challenge: even when a platform is secure in many respects, questions remain about what the company records, what third-party researchers can verify, and how transparent the system is to the people using it.
Key takeaways from the episode
- The podcast says the App Store logs every tap a user makes.
- Mysk is using the episode to discuss researcher concerns about Apple’s bug bounty program.
- Loupe is presented as a free, open-source app that surfaces what iOS APIs share.
- The conversation builds on Mysk’s previous privacy and security demonstrations, including a broken TCC bug demo.
9to5Mac’s Security Bite continues to serve as a forum for Apple security issues that are technical, practical, and often controversial. This episode, with Talal from Mysk back on the show, reinforces a theme that keeps resurfacing across the Apple ecosystem: users want devices that are private by default, but researchers keep finding reasons to ask what the system is still watching.
Explore more: Blog Our Services Contact Us
Source: Original report
Was this helpful?
Last Modified: July 16, 2026 at 6:38 pm
0 views
