Shortly before The Verge published its review of the Apple Vision Pro, I put it on to sit for some photos. The review unit had been fitted for our editor-in-chief Nilay Patel, but I’d worn it a few times as a guest and had a surprisingly good experience. That afternoon, though, I foolishly decided to skip the typical guest setup, which involves about a minute of calibration for the Vision Pro’s eye-tracking cameras. I put the thing on, and it didn’t work at all.
Technology
Why does Apple make it so hard to share the Vision Pro?
/cdn.vox-cdn.com/uploads/chorus_asset/file/25255207/246965_vision_pro_VPavic_0081.jpg?ssl=1 "Why does Apple make it so hard to share the Vision Pro?")
The Vision Pro’s cameras, I quickly realized, were expecting somebody else’s eyes. The cursor darted around wildly or refused to move. It wasn’t an unexpected outcome, but it drove home an inconvenient fact: not only would I need to go through the setup again, I’d need to do it every time I wanted to use the headset.
As The Verge has covered the Vision Pro’s release, we’ve run into multiple ways that Apple hamstrings device sharing, from not supporting multiple accounts to making the process of buying extra parts a pain. This isn’t just a computer you use alone, it’s apparently one you own alone — for reasons that seem unnecessary at best and user-unfriendly at worst.
Despite its solitary reputation, the Vision Pro has obvious multiuser appeal
To set the stage here, I want to make a slightly counterintuitive claim: the Vision Pro, despite its solitary reputation, feels built for sharing. In its bulky, expensive first-generation form, it isn’t something most people will want to wear or carry around all day. Its clearest use is either as a special-purpose tool for tasks like 3D design, or as a personal entertainment device, like a virtual TV set-top box or game console. These are exactly the kinds of products that might often be used by one person at a time, but tend to be owned across a household — or workplace — and frequently passed around.
The Vision Pro’s hardware facilitates this surprisingly well. Unlike some VR headsets, the device’s Solo Knit Band is adjusted with a single simple-to-use dial; there’s no need to change the sizing by readjusting awkward velcro straps. Changing the bands is also easy, if needed. It requires a light seal that’s fitted to your face — and there are a whopping 17 possible sizes — but that’s attached with a simple-to-swap magnetic snap. There’s even a simple biometric login option: the face-tracking cameras mounted inside.
It’s easy to imagine a world where this translates into making the Vision Pro more valuable as a multiuser device. Like a lot of people, I tend to share electronics — my criteria for a good entertainment device include whether my husband will use it, too. I don’t see myself wearing the Vision Pro all day for work, but I could imagine putting one on for a couple of hours to play VR / AR games, then handing it off so he can watch TV on a virtual big screen after I fall asleep. Yet the Vision Pro feels designed to undermine that fantasy at every turn.
The most obvious problem is the lack of multiple accounts or profiles. The Vision Pro allows precisely one person to have a permanent account tied to their Apple ID. That’s similar to the iPad and iPhone, but unlike nearly every other computing device in my household, from my Android phone to my MacBook to my husband’s humble Nintendo Switch. Even the Meta Quest system, which tied hardware to personal Facebook or Meta logins a few years ago, lets you swap between up to four accounts!
On the iPhone, the single-user setup is annoying for privacy and customization reasons, but makes a good deal of sense. The lack of multiple user support on the iPad makes far less sense — we have complained about it for years — but at least some iPads are relatively inexpensive.
This headset is $3,499 and only one person in a household can use it fully
The Vision Pro is $3,499 and only one person in your household can ever use it fully, which makes no sense at all. The privacy issues are technically there on the Vision Pro — letting anyone else use it without setting restrictions in guest mode grants them access to everything you’ve got on the headset, including your messages. But as my experience demonstrates, they may not even be able to use it well enough to get that far. You can start a guest session by holding the Vision Pro’s left-side hardware button for four seconds, but you can’t store a second user’s information so they can log in quickly next time without calibration. Basically, imagine if every time you passed an iPad to somebody else in your family, they had to spend a minute poking colored dots.
Then there’s the matter of getting an extra light seal. As I mentioned, I felt fine using a Vision Pro not fitted for me, but others have had problems. Verge product manager Parker Ortolani, for instance, found the Vision Pro with Nilay’s seal size too small and said it leaked light into his eyes. An extra seal costs $199, and you can only buy it one of two ways: ordering online and scanning your face with a Face ID-equipped iOS device, or going in person to an Apple Store and getting a scan done there. Verge video director Owen Grove tried the latter, and his experience wasn’t great.
“I needed to set up an appointment for [a] demo I didn’t want to just buy an extra light seal,” Owen told me. He’d called beforehand to confirm the seals’ availability, only to discover after the half-hour demo that most were sold out, including his size, which the store told him to buy online instead. In general, not being able to simply buy a few different sizes and figure out what works best is inherently limiting for a single user — and makes it almost impossible to share with a few people in a family or workplace.
Things get even more complicated if one or more potential users wears glasses, although this feels like more of an inherent inconvenience than a deliberate roadblock. The Vision Pro uses Zeiss-made prescription lens inserts, which require initial pairing with a passcode stored in Apple’s Health app or a physical card. On the bright side, the interface lets you store multiple lens pairings, so it doesn’t seem like you have to do this every time.
Some of these annoyances might get ironed out over time, as Apple has removed other awkward Vision Pro design quirks with software updates. The company is clearly trying to familiarize people with a new class of computer, and right now that means controlling the experience as closely as possible. If the Vision Pro sees any level of success, things like the demo requirement could fade away. Apple may roll out more options specifically for business or education customers, too, like the Shared iPad feature that allows for some multiuser support.
But Apple has also held fast to the idea that its devices are made for just one person, and with the Vision Pro, it can enforce that idea in ways it couldn’t before. Even as the hardware gets cheaper and more streamlined, it could easily insist on a fundamentally single-user experience — and that’s a shame, when the Vision Pro seems built for so much more.
Continue Reading
Ring’s partnership with Flock is sparking renewed online backlash this week, with influencers calling for people to smash their Ring cameras and claiming the company is part of the surveillance state amid heightened concerns over ICE actions.
Flock is an AI-powered surveillance camera company that has reportedly allowed government agencies — including ICE — to access data from its nationwide camera network. Amazon-owned home security company Ring announced a partnership with Flock last year as part of its new Community Requests tool. This allows local law enforcement agencies to request footage from nearby Ring users when investigating an active case.
“Ring has no partnership with ICE … and does not share video with them.”
According to reporting from Futurism, activists are pushing a grassroots campaign across social media, including TikTok and Bluesky, telling Ring users to get rid of their cameras to prevent footage from being used by ICE. However, Ring spokesperson Yassi Yarger told The Verge in an email that “Ring has no partnership with ICE, does not give ICE videos, feeds, or back-end access, and does not share video with them.”
Yarger also said that the Flock integration in question, which was announced last October, is not yet live. Meaning Flock does not have access to Community Requests.
“As we explore the integration, we will ensure the feature is built for the use of local public safety agencies only — which is what the program is designed for,” she said. According to Ring’s support site, local agencies are limited to city and county organizations.
Still, once footage is in the hands of local authorities, it’s out of Ring’s control. Ring founder Jamie Siminoff has told The Verge that he believes widespread cameras can prevent crime. But once deployed, the potential for such a large-scale local surveillance system to be used for other purposes is very real.
Since returning to the company last year, Siminoff has leaned into his belief that more cameras lead to safer communities, launching Community Requests last September.
This is essentially a rebrand of Ring’s controversial Request for Assistance feature, which was discontinued in 2024. Only, instead of direct partnerships with law enforcement, Community Requests works through integrations with “third-party evidence management platforms,” such as Flock and Axon, a Taser and body-cam company.
Any local agency partnered with either company can request users’ footage through the Ring’s apps. According to Yarger, currently, only the Axon partnership is live.
According to Ring, Community Requests sends a request from the local agency to both the Ring Neighbors app and the Ring app’s Community Feed. The request appears to all users in the area of an active investigation, and a user can choose to share footage or ignore the request. Ring says no one will be notified if you ignore a request.
How to disable Community Requests and enable E2E
If you don’t want to participate in Community Requests, you can disable it in the Ring or Neighbors app. Go to the app’s settings page, find the Neighbors Settings, then scroll down to Neighborhood Settings, click Feed Settings, uncheck Community Requests, and click Apply.
However, Ring — like many security camera companies — may provide footage to law enforcement without a warrant in what it deems an emergency.
To prevent anyone from accessing your Ring footage, you can enable end-to-end encryption (E2E) in the Ring app.
While your footage is still stored in Ring’s cloud, with E2E turned on, only the mobile device you set up the camera with can view the video; it cannot be accessed by Ring or used for Community Requests.
Enabling E2E means you lose several features, including person detection, rich notifications that show a snapshot of activity, and Ring’s new AI-powered descriptions, all of which rely on the cloud.
While most cloud-based security cameras encrypt footage in transit and at rest, they need to access it in the cloud to analyze it and enable those features.
Alternatives to cloud-dependent cameras
If you want to avoid cloud-dependent cameras entirely, there are several other options for keeping your camera footage private and secure.
As mentioned, Ring cameras use the cloud to process footage for features like person detection; however, some security cameras can process video locally and fully encrypt it before sending it to the cloud. Generally, this requires a hub to process the footage.
If you are an iPhone user, Apple’s HomeKit Secure Video service is fully E2E encrypted. Video analysis is done locally on a home hub, such as a HomePod or Apple TV, and stored in your iCloud account. It requires compatible cameras, including models from Eve, Aqara, and Eufy.
Anker-owned Eufy is another company that offers local storage and video processing for its wide selection of cameras and video doorbells. The company had some serious security breaches involving the cloud in 2022, but its newer HomeBase hardware can run locally.
TP-Link’s Tapo, Aqara, and Reolink recently launched local hubs for storage and processing of footage from their cameras, and these companies also offer cameras and video doorbells with onboard local processing and local storage via microSD cards.
The new Matter standard now supports security cameras, which could open more options for local, secure storage and processing of camera footage.
Ultimately, any camera connected to the internet comes with the risk that it could be accessed by someone other than you, no matter what the company says. So it remains important to think carefully before adding any type of surveillance to your home or your neighborhood.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
NEWYou can now listen to Fox News articles!
Online shopping feels familiar and fast, but a hidden threat continues to operate behind the scenes.
Researchers are tracking a long-running web skimming campaign that targets businesses connected to major payment networks. Web skimming is a technique where criminals secretly add malicious code to checkout pages so they can steal payment details as shoppers type them in.
These attacks work quietly inside the browser and often leave no obvious signs. Most victims only discover the problem after unauthorized charges appear on their statements.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
WHATSAPP WEB MALWARE SPREADS BANKING TROJAN AUTOMATICALLY
Web skimming attacks hide inside checkout pages and steal card details as shoppers type them in. (Kurt “CyberGuy” Knutsson)
What Magecart is and why it matters
Magecart is the name researchers use for groups that specialize in web-skimming attacks. These attacks focus on online stores where shoppers enter payment details during checkout. Instead of hacking banks or card networks directly, attackers slip malicious code into a store’s checkout page. That code is written in JavaScript, which is a common type of website code used to make pages interactive. Legitimate sites use it for things like forms, buttons and payment processing.
In Magecart attacks, criminals abuse that same code to secretly copy card numbers, expiration dates, security codes and billing details as shoppers type them in. The checkout still works, and the purchase goes through, so there is no obvious warning sign. Magecart originally described attacks against Magento-based online stores. Today, the term applies to web-skimming campaigns across many e-commerce platforms and payment systems.
Which payment providers are being targeted?
Researchers say this campaign targets merchants tied to several major payment networks, including:
- American Express
- Diners Club
- Discover, a subsidiary of Capital One
- JCB Co., Ltd.
- Mastercard
- UnionPay
Large enterprises that rely on these payment providers face a higher risk due to complex websites and third-party integrations.
700CREDIT DATA BREACH EXPOSES SSNS OF 5.8M CONSUMERS
Criminals use hidden code to copy payment data while the purchase still goes through normally. (Kurt “CyberGuy” Knutsson)
How attackers slip skimmers into checkout pages
Attackers usually enter through weak points that are easy to overlook. Common entry paths include vulnerable third-party scripts, outdated plugins and unpatched content management systems. Once inside, they inject JavaScript directly into the checkout flow. The skimmer monitors form fields tied to card data and personal details, then quietly sends that information to attacker-controlled servers.
Why web skimming attacks are hard to detect
To avoid detection, the malicious JavaScript is heavily obfuscated. Some versions can remove themselves when they detect an admin session, which makes inspections appear clean. Researchers also found the campaign uses bulletproof hosting. These hosting providers ignore abuse reports and takedown requests, giving attackers a stable environment to operate. Because web skimmers run inside the browser, they can bypass many server-side fraud controls used by merchants and payment providers.
Who Magecart web skimming attacks affect most
Magecart campaigns impact three groups at the same time:
- Shoppers who unknowingly give up card data
- Merchants whose checkout pages are compromised
- Payment providers that detect fraud after the damage is done
This shared exposure makes detection slower and response more difficult.
NEW MALWARE CAN READ YOUR CHATS AND STEAL YOUR MONEY
Simple protections like virtual cards and transaction alerts can limit damage and expose fraud faster. (Kurt “CyberGuy” Knutsson)
How to stay safe as a shopper
While shoppers cannot fix compromised checkout pages, a few smart habits can reduce exposure, limit how stolen data is used, and help catch fraud faster.
1) Use virtual or single-use cards
Virtual and single-use cards are digital card numbers that link to your real credit or debit account without exposing the actual number. They work like a normal card at checkout, but add an extra layer of protection. Most people already have access to them through services they use every day, including:
Major banks and credit card issuers that offer virtual card numbers inside their apps
Mobile wallet apps like Apple Pay and Google Pay generate temporary card numbers for online purchases, keeping your real card number hidden.
Some payment apps and browser tools that create one-time or merchant-locked card numbers
A single-use card typically works for one purchase or expires shortly after use. A virtual card can stay active for one store and be paused or deleted later. If a web skimming attack captures one of these numbers, attackers usually cannot reuse it elsewhere or run up repeat charges, which limits financial damage and makes fraud easier to stop.
2) Turn on transaction alerts
Transaction alerts notify you the moment your card is used, even for small purchases. If web skimming leads to fraud, these alerts can expose unauthorized charges quickly and give you a chance to freeze the card before losses grow. For example, a $2 test charge on your card can signal fraud before larger purchases appear.
3) Lock down financial accounts
Use strong, unique passwords for banking and card portals to reduce the risk of account takeover. A password manager helps generate and store them securely.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
4) Install strong antivirus software
Strong antivirus software can block connections to malicious domains used to collect skimmed data and warn you about unsafe websites.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
5) Use a data removal service
Data removal services can reduce how much personal information is exposed online, making it harder for criminals to pair stolen card data with full identity details.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Watch for unexpected card activity
Review statements regularly, even for small charges, since attackers often test stolen cards with low-value transactions.
Kurt’s key takeaways
Magecart web skimming shows how attackers can exploit trusted checkout pages without disrupting the shopping experience. While consumers cannot fix compromised sites, simple safeguards can reduce risk and help catch fraud early. Online payments rely on trust, but this campaign shows why that trust should always be paired with caution.
Does knowing how web skimming works make you rethink how safe online checkout really is? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
Around 800 artists, writers, actors, and musicians signed on to a new campaign against what they call “theft at a grand scale” by AI companies. The signatories of the campaign — called “Stealing Isn’t Innovation” — include authors George Saunders and Jodi Picoult, actors Cate Blanchett and Scarlett Johansson, and musicians like the band R.E.M., Billy Corgan, and The Roots.
“Driven by fierce competition for leadership in the new GenAI technology, profit-hungry technology companies, including those among the richest in the world as well as private equity-backed ventures, have copied a massive amount of creative content online without authorization or payment to those who created it,” a press release reads. “This illegal intellectual property grab fosters an information ecosystem dominated by misinformation, deepfakes, and a vapid artificial avalanche of low-quality materials [‘AI slop’], risking AI model collapse and directly threatening America’s AI superiority and international competitiveness.”
The advocacy effort is from the Human Artistry Campaign, a group of organizations including the Recording Industry Association of America (RIAA), professional sports players unions, and performers unions like SAG-AFTRA. The Stealing Isn’t Innovation campaign messages will appear in full-page ads in news outlets and on social media. Specifically, the campaign calls for licensing agreements and “a healthy enforcement environment,” along with the right for artists to opt out of their work being used to train generative AI.
On the federal level, President Donald Trump and his tech industry allies have been attempting to control how states regulate AI and punish those that try. At the industry level, tech companies and rights owners who were once on opposing sides are increasingly cutting licensing deals that allow AI companies to use protected work — licensing content appears to be a solution both parties can live with, at least for now. Major record labels, for example, have now partnered with AI music startups to provide their catalogues for AI remixing and model training. Digital publishers, some of which have sued AI companies training on their work, have backed a licensing standard that outlets can use to block their content from surfacing in AI search results. Some outlets have signed individual deals with tech companies that allow AI chatbots to surface news content (Disclosure: Vox Media, The Verge’s parent company, has a licensing deal with OpenAI.)
San Francisco, CA35 seconds ago
Clock runs out: San Francisco Centre to close Monday
Dallas, TX7 minutes ago
Young hockey star chases 2026 Olympic dreams
Miami, FL13 minutes ago
Miami-Dade Sheriff releases bodycam and surveillance video of deadly Walmart shooting involving alleged shoplifter
Boston, MA19 minutes ago
Bruins strike early, hold off Golden Knights 4-3 for 9th win in 11 games
Denver, CO25 minutes ago
Broncos DC Vance Joseph on offenses attacking with TEs: ‘Been that way for two years’
Florida1 year ago
Florida High School Football Rankings: Top 25 teams – Oct. 21
Connecticut2 years ago
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
Oregon2 years ago
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
Virginia1 year ago
99th annual Pony Swim held in Virginia
Indiana1 year ago
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Politics8 hours ago
White House explains bruise on Trump’s hand
World9 hours ago
NATO allies unaware of Greenland deal details so far, says Spanish FM Albares
News10 hours ago
Magistrate judge rejects charges against Don Lemon over anti-ICE protest in Minnesota church
Videos15 hours ago
Davos: GOP senator describes the mood during Trump’s speech
Politics20 hours ago
Judge rules NYC’s lone Republican congressional district unconstitutional, orders redraw
-
Sports4 days agoMiami’s Carson Beck turns heads with stunning admission about attending classes as college athlete
-
Illinois15 hours agoIllinois school closings tomorrow: How to check if your school is closed due to extreme cold
-
Detroit, MI1 week agoSchool Closings: List of closures across metro Detroit
-
Pittsburg, PA4 days agoSean McDermott Should Be Steelers Next Head Coach
-
Lifestyle1 week agoJulio Iglesias accused of sexual assault as Spanish prosecutors study the allegations
-
Education1 week ago
How a Syrian Hiking Club Is Rediscovering the Country
-
Sports3 days agoMiami star throws punch at Indiana player after national championship loss
-
Lifestyle4 days agoNick Fuentes & Andrew Tate Party to Kanye’s Banned ‘Heil Hitler’