By Cody Lee on Mar 5, 2014
Popular encrypted chat app Cryptocat has launched this week for iOS. Originally available as a desktop app and a browser plugin, the app offers strong encryption and secrecy for text conversations, as well as protection from government intrusion thanks to its Swedish nuclear bunker headquarters.
This week’s iOS launch comes after an initial rejection by Apple’s app review team in December. Cryptocat’s founder Nadim Kobeissi called Apple’s reason for rejection ‘illegitimate,’ but it’s obvious someone or something had to give because the app is now available for download in the App Store… Read More
By Cody Lee on Feb 25, 2014
While the dust is far from settled on the nasty SSL bug found in iOS last week, a new security flaw in the mobile OS has been brought to light. The new flaw makes it possible for attackers to covertly log every touch a user makes, including keyboard and Touch ID presses.
Researchers at security firm FireEye made the discovery, saying in a blog post that the gap exists within iOS’ multitasking feature that allows for the background monitoring, and it can be exploited via a malicious app install or remotely via a separate app vulnerability… Read More
By Joe Rossignol on Feb 9, 2014
While multiple user account support exists on OS X and certain Android devices, the same cannot be said for iPhone. Enter GuestMode, a new jailbreak tweak by computer science graduate student Ian Burns that offers a fully customizable guest experience like none other.
Allow your kids to play games on your smartphone without accidentally calling someone, or let your friends control your music without lurking through your Facebook or Photos app. Find out how it works… Read More
By Christian Zibreg on Feb 3, 2014
An interesting finding by TechCrunch this morning that Apple has now started to reject apps which retrieve users’ Identifier for Advertisers (IDFA), but don’t show any ads. IDFA was introduced alongside iOS 6 two years ago to replace the universal device identifier (UDID) from prior iOS versions amid privacy concerns and new regulatory requirements. The company last March stopped accepting apps into the App Store that use the now defunct UDID… Read More
By Christian Zibreg on Jan 28, 2014
A report yesterday by The New York Times and other news organizations has provided yet another unsettling glimpse into the NSA’s wide-ranging surveillance practices.
The speculation, based on information from documents provided by the NSA leaker Edward Snowden, suggests that the NSA and its British counterpart GCHQ have been collecting private user data from mobile apps, in real time, as it travels across the Internet.
Profile data being collected from popular games such as Rovio’s Angry Birds typically includes age, location and gender, the allegations go. And with games that show ads, the agencies are also able to intercept users’ surprisingly detailed advertising profiles, mining it for new information… Read More
By Christian Zibreg on Jan 27, 2014
Apple has posted an update to information pertaining to national security and law enforcement orders, confirming that it’s been working closely with the White House, the U.S. Attorney General, congressional leaders, and the Department of Justice to “advocate for greater transparency with regard to the national security orders we receive”.
Apple CEO Tim Cook briefly touched on the topic in an interview with ABC’s David Muir, saying the NSA does not have access to Apple’s servers as the snooping agency would have to “cart us out in a box” for that kind of access (those are his exact words)… Read More
By Christian Zibreg on Jan 13, 2014
Perhaps realizing that apologizing isn’t a sign of weakness, Snapchat, the popular photo messaging application, took to the official blog to apologize for the spam increase observed during the weekend.
“We’ve heard some complaints over the weekend about an increase in Snap Spam on our service,” a Monday post reads. The company has tried to make peace with disgruntled users by offering a formal apology. “We want to apologize for any unwanted Snaps,” the team wrote.
The spam increase, the post claims, has nothing to do with a recent breach that saw a group of hackers breach its database and post 4.6 million user names and phone numbers on the web… Read More
By Christian Zibreg on Jan 9, 2014
Snapchat has found itself in some pretty hot water after a group of anonymous hackers on New Year’s Eve breached its database and leaked 4.6 million usernames and phone numbers on the web. The controversy wasn’t necessarily about the security breach itself, but over Snapchat’s stubborn refusal to publicly acknowledge the situation, apologize for the inconvenience and update customers on steps taken, if any, to rectify the situation.
It’s mind-boggling that Snapchat was aware of a security hole in its API for several weeks yet did absolutely nothing to plug it, an inexplicable move that has in turn allowed the hackers to successfully exploit Snapchat’s shortcomings and steal user data.
Today, the company has finally gone on the record to confirm that a new update to its Android and iOS apps improves security by letting folks opt out of the Find Friends feature which has, partially, allowed for the hack.
And although the company has yet to formally apologize for the messy handling of the situation, it now says it’s “sorry” for any problems this issue may have caused its users… Read More
By Christian Zibreg on Jan 1, 2014
You may have heard that the web is rampant with a new security scare involving a massive leak of 4.6 million Snapchat usernames and phone numbers on New Year’s Day. As you could imagine, the privacy implications of a breach that involves a service as popular as Snapchat are something of a headache.
First and foremost, the alleged hackers censored the last two digits of the phone numbers to “minimize spam and abuse”. The wording itself is disturbing as it implies that the phone numbers could be sold.
Indeed, the hackers make it clear they’re open to offering the uncensored database to third-parties such as “security researchers from around the world, professors from various universities, private investigators and attorneys”.
Say someone scanned the leaked Snapchat database and obtained your Snapchat username along with a phone number tied to your account. You should care because your phone number reveals your approximate geographical location (the country code).
More importantly, knowing your phone number allows them – “them” being nefarious users – to figure out your Facebook and Twitter profile names and/or other social media screen names, unless of course you’ve registered with these services using a different phone number.
If your Snapchat data has been hijacked and leaked on the web as part of this hack, here’s how to change your username and delete your profile along with all of the underlying data… Read More
By Christian Zibreg on Jan 1, 2014
Bad news, Snapchat fans: a group of anonymous hackers have successfully exploited a nasty security hole in the popular IM application to hijack a whopping 4.6 million usernames and phone numbers, publishing this private data on a website called SnapchatDB.info.
The circa 40MB SQL database dump (also available as a CSV file) includes phone numbers and usernames, along with the affected users’ geographical region information.
Why did they do it? The leaked private information “is being shared with the public to raise awareness” of a Snapchat API exploit they’d used for the hack.
Snapchat has been aware of the security loophole in its application since August, but did literally nothing to patch it. Is there a way to see if you’ve been affected? Yes, there is. Read on for the full reveal… Read More
By Cody Lee on Dec 31, 2013
Yesterday, a trove of secret documents was released regarding the NSA and its ongoing spying on citizens both abroad and here in the US. One of the programs mentioned, called DROPOUTJEEP, is particularly scary as it can give the Agency complete control of any iPhone.
These are some pretty serious allegations made against the NSA and maybe more-so Apple, who either has several unknown security holes in its mobile OS or is consciously giving the NSA access. Well the company just responded to these claims, and it appears to be the former… Read More
By Cody Lee on Dec 30, 2013
In June of this year, Edward Snowden shocked the world by leaking a number of slides and documents and revealing that the NSA has backdoor access to the databases of 9 major tech companies, including Apple and Facebook. But as it turns out, its access may not be limited to software.
Since Snowden’s initial outing, there has been a number of subsequent reports and leaks. And the latest to garner gasps from the security community is that the NSA has the ability to intercept the delivery of a new computer or mobile device—including iPhones—and build in a remote backdoor… Read More
By Cody Lee on Dec 17, 2013
As we reported yesterday, Tim Cook and a number of other executives from prominent tech companies met with US President Barack Obama at the White House to discuss a wide range of government and tech-related topics.
Among the topics were said to be the recent struggles with the rollout of the healthcare.gov website and privacy concerns regarding government surveillance. And this afternoon, a short video of the meeting surfaced on the web… Read More
By Cody Lee on Dec 16, 2013
The White House has announced that President Obama is scheduled to meet with a number of tech executives tomorrow to discuss a wide range of subjects. Two of the big topics on the menu are said to be the NSA and the troubled HealthCare.gov website.
In addition, the group—which includes Apple CEO Tim Cook, Twitter’s Dick Costolo, Netflix’s Reed Hastings, and Dropbox’s Drew Houston—will discuss ways the Obama administration can partner with the tech sector to create new jobs and grow the economy… Read More
By Christian Zibreg on Dec 9, 2013
The U.S. government’s mass-scale surveillance program which has compromised the security and privacy of millions of domestic and foreign online users, the secret PRISM initiative, did not sit well with Apple and other technology giants. In response to the scandalous revelations by the NSA contractor Edward Snowden that also put the blame on Silicon Valley giants for bowing to NSA’s request and providing the agency with hassle-free access to its users’ data, the iPhone maker chastised the practice and published how it handles government requests to give up private information belonging to its users.
And now, in the aftermath of the ongoing snooping scare, The Wall Street Journal is reporting that Apple along with seven other U.S. technology giants is making a joint appeal to reform government surveillance activities… Read More
By Christian Zibreg on Nov 19, 2013
Google’s nefarious overriding of both desktop and iOS Safari users’ privacy settings in order to better track their web browsing activity backfired after the United States Federal Trade Commission (FTC) in April 2012 took a long, hard look at the practice and decided to fine the search giant.
Google has previously agreed to pay $22.5 million fine to the government, with a judge approving the record-setting penalty. And now, the Internet giant will pay 37 U.S. states a cool $17 million to settle the Safari probe case… Read More
By Jeff Benjamin on Nov 12, 2013
Believe it or not, private browsing mode has many uses. My favorite reason for using the mode is when troubleshooting page issues with cookies. It’s a great way to have a “control” when comparing against a non-private browsing session.
In browsers like Chrome, private browsing mode is a cinch to enable using a simple keyboard shortcut. In Safari, there is no such built-in shortcut. Instead, you have to click on the Safari menu bar and click the Private Browsing option.
Inside, we’ll show you how easy it is to create a keyboard shortcut for quickly enabling and disabling private browsing mode in Safari. Read More
By Jeff Benjamin on Nov 11, 2013
To improve the quality and performance of its iOS devices, Apple routinely collects diagnostic and usage information from customer’s iPhones and iPads. Diagnostic data includes information about system performance, such as the popular low memory warnings, and other details about your specific device and OS specifications.
End users have the option of sharing this information automatically with Apple, but it can also be turned off. You’ve probably all seen the option during the initial setup of your iOS device to automatically send diagnostic and usage data to Apple.
Inside, we’ll show you where you can go to view your device’s logged diagnostic data, and manage how it is used. We’ll also show you how to completely remove the diagnostic logs from your device. Read More
By Christian Zibreg on Nov 6, 2013
Though I’ve been syncing my Safari web passwords lately using the new iOS 7 password-syncing feature called iCloud Keychain, I’m still a 1Password type of guy, mainly as iCloud Keychain doesn’t support secure notes, tagging, folders and what not.
That said, I understand AgileBit’s password manager may not be everyone’s cup of tea due to its high asking price ($17.99 for the iPhone/iPad app, plus an additional $49.99 for 1Password for Mac).
But there are other password managers out there and one of them called LastPass is free and has just received a nice little makeover for iOS 7… Read More
By Cody Lee on Nov 5, 2013
Apple has issued a public report this afternoon entitled ‘Report on Government Information Requests.’ The piece details the number and types of requests it receives from governments around the world for user and device information.
The company said it considers it a responsibility to provide its users with “the best privacy protections available,” and that it has published the report “in the interest of transparency for our customers around the world.” More after the fold… Read More