Huge 1Password update brings lots of changes

By Christian Zibreg on May 13, 2013

1Password is something of a hit with some members of the iDB team. Though I can obviously speak for myself only, I happen to know Jeff is a fan so it goes without saying we’re both pretty excited about today’s update.

The new 1Password version 4.2, now available as a free download to registered users, comes with a whole bunch of changes. For starters, it’s got an optimized in-app web browser that on iPad includes the Strong Password Generator capability.

The improved browser can automatically submit passwords after using AutoFill for login items and now also recognizes a URL in the clipboard and offers to open it for you. That’s just scratching the surface, go past the fold for the full changelog… Read More

 

German court says Apple’s customer data-sharing policies violate privacy laws

By Cody Lee on May 7, 2013

While Apple has been praised for its security efforts in iOS, it does not get the same applause for its privacy policies. The company is currently involved in a US-based lawsuit over its information-sharing practices, and today, a German court ruled against it.

This morning, the Berlin Regional Court in Germany ruled that Apple’s sharing of customer data violates its privacy laws. It said that Apple cannot request “global consent” for use of a customer’s data without telling them where and how the data will be used… Read More

 

CEO defends against Path spamming allegations

By Christian Zibreg on May 6, 2013

The Path controversy just wouldn’t die down. Last week, the private social network has gotten itself in hot water (again) by spamming users’ address book contacts with unwanted robocalls and texts, sometimes even after they uninstalled the software from their devices.

It’s a feature rather than a bug, but Path’s poorly designed sign-up process tricked unsuspecting users – the types who don’t read on-screen prompts carefully – into inadvertently mass-inviting their friends to Path.

And because Path taps extra carrier services, text messages would get turned to landlines into phone calls. None of this seems to aggravate Path CEO Dave Morin, who is a former Facebook employee.

He insisted Monday that Path does not spam users and argued his service never sent mass communication without your consent. “Any allegations to the contrary are false,” Morin said… Read More

 

Path updated with enhanced privacy features and more

By Cody Lee on May 4, 2013

Attention Path users: the personal social network has just released a new version of its iOS app. The update brings the application to version 3.0.4, and includes enhanced privacy features, as well as other improvements and bug fixes.

The fact that it includes new privacy tools is particularly interesting, given that Path spent most of this past week dealing with privacy concerns after a user accused its app of ‘erroneously’ sending text messages to all of his contacts…

Read More

 

Trust Twitter and Google, not Apple, to protect you from government data demands

By Christian Zibreg on May 1, 2013

Well, this is certainly noteworthy. According to the third annual report by the Electronic Frontier Foundation (EFF) titled “Who Has Your Back?”, gadget giant Apple along with carriers AT&T and Verizon, Google’s rival Yahoo and the forgotten social network MySpace all are very likely to give in to Uncle Sam’s data demands.

Specifically, Apple and Yahoo scored one out of six possible stars, with Verizon and Yahoo rather ingloriously earning zero stars each. These companies’ weak safeguard implementation does little to circumvent data demands and protect your private information from the government’s prying eyes.

Whereas Apple and Yahoo only fight for users’ privacy rights in Congress, companies like Google, LinkedIn, Microsoft and Dropbox go to great lengths to ensure privacy of your data, earning four out of six stars each… Read More

 

Mailbox app security fail exposes your contacts, attachments and email messages

By Christian Zibreg on Apr 24, 2013

Orchestra’s Mailbox has quickly become my default iPhone email application. As you know, Mailbox offloads backend email management to the cloud so the thin client running on your device can let you zip through your inbox at a rapid pace while rethinking the workflow with abilities such as snoozing individual messages as if they were reminders and more. So is there anything not to like about Mailbox?

Apparently there is. According to one app developer, a database Mailbox maintains on your device is unsecured, potentially exposing your contacts, attachments and message contents to anyone who has physical access to your device, using just a simple file transfer tool like iExplorer or DiskAidRead More

 

Apple confirms Siri remembers your data for two years

By Christian Zibreg on Apr 19, 2013

Apple has finally disclosed how long Siri keeps your personalized data collected and stored on its servers whenever you pick up your iPhone and ask her a question. In a new report published Friday, an Apple representative was quoted confirming the company keeps Siri data stored in the  cloud for two years.

Watchers often express concern over digital voice assistants such as Siri because they store users’ voice clips, opening door to a potential privacy nightmare should this private data ever be compromised. Apple on its part argues it stores anonymized data, and for two years only. Other companies that collect data from users, such as the Internet giant Google and industries like telecommunications, have similar data retention policies in place… Read More

 

Apple moves age ratings atop App Store pages

By Christian Zibreg on Apr 4, 2013

Following a series of privacy-related kerfuffles related to Apple’s App Store, objectionable content and unauthorized or unintentional in-app purchases, the company has been gradually rolling out the enhancements designed to protect users from unwanted costs, pornography and other objectionable content. The latest tweak involves app pages viewed on iDevices.

Going forward, age ratings are displayed more prominently, right below the app’s description when browsing the App Store on the iPhone, iPod touch and iPad devices… Read More

 

Major security hole compromises your Apple ID, enable two-step verification now

By Christian Zibreg on Mar 22, 2013

The Verge claims to have discovered a major security hole which allows attackers to reset your Apple ID password using only your email address and date of birth. Yes, you read that right. The scary part is that it doesn’t take a genius to harvest these two pieces of information from Google and your social media accounts or by analyzing your online identity per se.

Exploiting the vulnerability basically lets attackers take over your Apple ID account, and with it all your purchases, iTunes credits, email messages, contacts, your Photo Stream and pretty much any personal data residing up in the Apple cloud.

Apple’s iForgot page went down “due to maintenance” shortly after the incident, presumably to prevent exploits until Apple plugs the security hole. Conveniently enough, the company just recently rolled out a new (and way overdue) two-step verification process to protect your Apple ID using not only your password, but also by tapping your trusted devices and a recovery key.

With this exploit making the headlines, you should enable two-step verification now (Cody has a timely tutorial on that)… Read More

 

iOS 6.1.3 reportedly introduces another Lock screen vulnerability

By Christian Zibreg on Mar 20, 2013

Apple yesterday let iOS 6.1.3 out of the gate, fixing the widely reported Lock screen vulnerability. As you’re probably aware, the glitch was first detailed a month ago and lets people with access to your iPhone, iPad or iPod touch easily bypass your passcode and mess with your private data on the device. But as is often the case, new software releases fix old bugs and introduce new ones to be squashed in the future.

A report Wednesday claims an all-new Lock screen vulnerability has been discovered in iOS 6.1.3, one making it easy to – you guessed right – bypass one’s passcode and gain access to an unsuspecting user’s contacts and photos kept on the device. Luckily, this one can be avoided easily by disabling the Voice Dial feature… Read More

 

EU watchdog tightens privacy rules governing mobile apps

By Christian Zibreg on Mar 14, 2013

The Article 29, a watchdog comprised of the European Union’s top privacy protection groups, today issued a set of new recommendations aimed at app developers and tech giants that run the mobile application stores in the latest attempt to bring order to how your apps handle your private information.

The new set of more detailed recommendations arrives following the recent EU probe into the privacy practices of Google and other tech firms.

The United States Federal Trade Commission set out a similar set of guidelines last month so EU’s new recommendations could have serious ramifications on how Apple’s App Store, Google’s Play Store and other application stores operate… Read More

 

Apple opposes iPhone tracking class-action bid as ‘desperate’

By Ed Sutherland on Mar 1, 2013

Apple is once again in U.S. District Court, attempting to derail a lawsuit claiming apps for the iPhone and iPad collected location data and other personal information without explicit permission from users. Responding Thursday to an effort by plaintiffs’ attorneys to classify the lawsuit a class action, Apple’s legal team argued no harm was suffered and suggested the call for class action status is a “desperate attempt” to collect legal fees… Read More

 

New document shows extent of the government’s ability to search your iPhone

By Cody Lee on Feb 27, 2013

A new document, submitted to court in connection with a drug investigation, has been discovered that provides a rare look at the amount of data the government can pull from a seized iPhone using advanced forensic tools.

Of course, we all know that phone searches are a common law enforcement tool. But up until now, we’ve mostly been in the dark regarding what information the government can grab with this invasive search technique… Read More

 

FTC issues app privacy guidelines, proposes ‘Do Not Track’ for mobile

By Ed Sutherland on Feb 1, 2013

A patchwork of online privacy measures should be standardized to form a ‘Do Not Track’ list for mobile app users. In guidelines issued Friday, the U.S. Federal Trade Commission says mobile devices such as Apple’s iPhone “facilitate unprecedented amounts of data collection.”

Both devices and app developers should obtain users’ consent before obtaining personal information such as location, photos or contacts. The set of guidelines accompanied Path’s $800,000 settlement with the FTC over grabbing iOS users’ personal address books without their consent… Read More

 

Path pays dearly for stealing your iOS address book data

By Christian Zibreg on Feb 1, 2013

The private social network Path was off to a great start following its iPhone app launch in November 2010. The success was, unfortunately, short-lived as the company soon found itself at the epicenter of intense public scrutiny after it was discovered it had been uploading iOS users’ address book to its servers without their explicit permission. Even though Path did apologize and update the app with the necessary changes and user prompts, the startup never really recovered from the eerie privacy scandal.

And as a result, Apple on its end introduced deeper privacy options in iOS 6 so users can select on a per-app basis which apps can access their contacts, calendars, reminders, photos and more. And now comes word that on Friday The Federal Trade Commission (FTC) announced that Path has agreed to pay a whopping $800,000 fine… Read More

 

US authorities can access your iCloud data without a warrant

By Cody Lee on Jan 30, 2013

Cloud computing has really taken off in recent years as a cheap, flexible way for folks to store their documents and data. Apple’s iCloud service, for example, has garnered more than 250 million users in just a little over a year.

But while we’re all busy uploading our lives to the cloud, it’s worth mentioning that it’s not totally secure from prying eyes. A recently renewed Surveillance Act gives US authorities permission to access your data without a warrant… Read More

 

Apple drops from top 20 privacy ranking

By Ed Sutherland on Jan 30, 2013

Are consumers loosing trust that Apple will keep personal information private? That’s the implication from new rankings showing the iPhone maker fell out of the top 20 most-trusted firms in 2012.

The firm fell to number 21 after being among the top 20 companies viewed as protecting customer data. Mozilla, the maker of open-source web browser Firefox claimed the number 20 spot, according to privacy watcher Ponemon Institute.

Consumer credit firm American Express again took the number one position in the 2012 privacy rankings. Computer maker Hewlett-Packard and Amazon, creator of the Kindle, ranked number two and three. Amazon improved its ranking, rising to third place in 2012, up from the fifth spot in 2011. Although Apple had ranked as high as number 8 in 2009, confidence in the firm’s privacy stance has been shaken over the past year…

Read More

 

New report claims WhatsApp Messenger violates privacy laws

By Cody Lee on Jan 28, 2013

WhatsApp Messenger is a wildly popular cross-platform SMS replacement service. It allows you to group chat and send media files to other users, and it’s estimated to have in upwards of 300 million users.

Well if you’re one of those 300 million users, you might be interested to know that according to a new report, the app violates international privacy laws due to the way it handles Address Book data… Read More

 

12 Apple users in UK sue Google over Safari tracking

By Christian Zibreg on Jan 28, 2013

Although US District Judge Susan Illston recently approved the $22.5 million fine Google agreed to pay in order to settle the FTC claim that it illegally bypassed user privacy settings in Safari, the Internet giant is not yet off the hook over in the United Kingdom, where a group of twelve disgruntled users decided to take the search behemoth to the court over the scandal. A group called “Safari Users Against Google’s Secret Tracking” hired a law firm to file a complaint conveniently timed ahead of the sixth annual Data Privacy Day in the country… Read More

 

Use iFunBox’s ‘App Inspection’ tool to see which apps can access your data

By Mike Schnier on Jan 23, 2013

We’ve seen services like Clueful catalog apps that can access our private information, and many of us are familiar with tweaks like Protect My Privacy and Firewall iP that attempt to keep our data secure. But what are our leaky apps actually doing, and what are the real risks?

Unfortunately we don’t have all the answers for you, but you can do some snooping of your own. The most user-friendly tool for inspecting the APIs your actual installed apps can access is built into a popular iOS filebrowser called iFunBox… Read More

 
Page 11234