By Christian Zibreg on May 25, 2015
The National Security Agency’s (NSA) bulk phone metadata collection program should come to an end on June 1 at 5pm Eastern time as the Obama administration has reportedly decided not to ask a secret court for a 90-day extension of Section 215 in the Patriot Act, an administration official confirmed to The Guardian on Saturday.
The controversial program was established as an effective, secret means of siphoning user data, not just from carriers but also from major technology companies like Apple, AT&T, Google, Verizon, and Microsoft, with or without their willing participation. Read More
By Jeff Benjamin on May 22, 2015
Recent reports are claiming that Apple’s upcoming iOS update—iOS 9—will make it more difficult to jailbreak iPhones and iPads going forward. Some are even stating that it will be nearly impossible to jailbreak an iPhone running iOS 9.
The reason? Rootless—the kernel-level security feature that was discussed earlier today. This new feature is said to prevent malware, increase the safety of extensions and preserve the security of sensitive data.
When it’s all said and done, Apple’s security efforts in iOS 9 appear to be its most prolific since iOS 5. It could make it more of a challenge for jailbreakers and hackers.
But impossible? There’s nothing that’s impossible when it comes to security. More difficult? Perhaps. More challenging? Maybe. But impossible? Read More
By Christian Zibreg on May 19, 2015
In the refreshed iOS Security Guide, Apple has for the first time detailed security technologies pertaining to the Apple Watch.
As it turns out, the wrist-worn device borrows the many security features and technology built for iOS, including hardware-encrypted storage and data protection, keychain access control, protection of wireless data exchange with its paired iPhone and much more. Read More
By iDB Deals on May 19, 2015
An all-in-one solution for online privacy, Blur protects you from credit card fraud, identity theft, and third-party monitoring. Get a lifetime subscription to Blur from iDownloadBlog Deals today for just $49.99. Read More
By Jeff Benjamin on May 13, 2015
The Apple Watch contains security measures to prevent thieves from accessing your data, but it doesn’t include the necessary features to dissuade thieves from trying to steal your device to begin with.
The problem stems from the lack of an Activation Lock-like feature on Watch OS 1.0.
Unlike the iPhone, if someone steals your Apple Watch, they can easily reset the device (bypass the passcode), and pair it with a new iPhone logged in to a different iCloud account. In other words, it’s totally feasible to steal an Apple Watch and set it up on a different device as if you just purchased it from an Apple Store. Read More
By Christian Zibreg on May 13, 2015
With ephemeral messaging growing in popularity, and given ongoing fear of government-sponsored snooping, small wonder that BitTorrent has now entered the market for secure chat apps — and in a pretty big way, too.
Bleep, their new Mac and iOS secure messaging and VoIP software, strives to ensure the privacy of your conversations by never saving them on your device or the servers. In a nutshell, Bleep uses encryption and peer-to-peer networking to establish a private, secure connection between devices.
With Bleep, you can whisper with friends on your Mac or iPhone and the messages will disappear after they are read. Read More
By Jeff Benjamin on May 13, 2015
There seems to be a bit of misunderstanding when it comes to using a passcode on the Apple Watch. I’ve seen more than a few comments about how inconvenient it would be to have to “enter a passcode on that tiny screen every time I want to use the watch.” Indeed, it would be inconvenient if that were a true statement; thankfully it’s not. Read More
By Jeff Benjamin on May 13, 2015
If you forget your Apple Watch passcode and enter an incorrect passcode more than six times in the row, your Apple Watch will lock you out. You’ll then see a message that tells you to try entering your password again in a few minutes.
But what if you simply can’t remember your passcode? What then? If that’s the case, then you’ll need to erase your Apple Watch, re-pair it with your iPhone, and restore from backup. Check out our tutorial that shows you how to reset your Apple Watch from your paired iPhone or from the Apple Watch itself. Read More
By Cody Lee on May 6, 2015
Apple this afternoon released Safari updates for Yosemite (8.0.6), Mavericks (7.1.6), and Mountain Lion (6.2.6). The new versions include fixes for multiple memory corruption issues in WebKit, which Apple says could lead to arbitrary code execution or unexpected application termination when visiting a maliciously-crafted website. Read More
By Jeff Benjamin on Apr 27, 2015
On initial Apple Watch setup, you’ll be asked to establish a passcode, and I recommend doing this. Not only will a passcode allow you to use Apple Pay with Apple Watch, but it will help secure other sensitive data on your device.
You’ll quickly come to realize that passcode usage on the Apple Watch, while similar to the iPhone in some respects, is quite different. Because the Apple Watch is worn on your wrist and is an accessory to the iPhone, some things had to be altered to make it all work cohesively. Read More
By Cody Lee on Apr 8, 2015
In addition to a lengthy change log of improvements, today’s iOS 8.3 release also includes several security patches. In fact, as MuscleNerd points out, the new firmware features 39 security patches, rivaling the amount found in the jump from iOS 7 to iOS 8.
Among the patches is one of particular interest, to us anyway, that is credited to the TaiG Jailbreak Team. It’s labeled CVE-2015-1087, and described as a backup bug that can allow an attacker to use the backup system to access restricted areas of the file system. Read More
By Jeff Benjamin on Mar 23, 2015
Well-known iOS jailbreak developer and hacker Majd Alfhaily was intrigued when read about MDSec’s black box hardware brute force for iOS devices. The tool, which runs over a USB connection, tries every possible passcode combination in an attempt to unlock an iPhone secured with a simple passcode.
The downside of such a tool, is that each PIN entry takes approximately 40 seconds, so it could take more than 110 hours to brute force an iPhone. Majd, being the curious person that he is, devised a way to do it in a fraction of the time using only software. The only caveat, if you even want to call it that given what it does, is that the device must be able to run unsigned code, i.e., the device must be jailbroken. Read More
By Christian Zibreg on Mar 19, 2015
Thursday, Apple issued a new security update for Mac users running OS X Yosemite 10.10.2. The update, titled ‘Security Update 2015-003 1.0,’ is available right now through the Updates tab of the Mac App Store and is recommended for all users as it improves the security of OS X.
If you’re running a public beta of OS X Yosemite 10.10.3, you won’t see this update because the stable OS X Yosemite 10.10.3 release is bound to include contents of today’s security update. Read More
By Cody Lee on Mar 18, 2015
A new device is causing commotion around the interwebs today, that has the ability to unlock PIN-protected iOS devices. The tool, first spotlighted by security firm MDSec, is being used in the phone repair markets to brute-force iPhone and iPad Lock screens.
According to MDSec, these ‘IP Boxes’ are about the size of an Apple TV, and you can acquire one for around $300. It works by simulating the PIN entry on a device over a USB connection, and is able to sequentially bruteforce every possible PIN combination. Read More
By Jake Smith on Mar 10, 2015
The Intercept reports the Central Intelligence Agency has been working for years to find ways to break through the security of Apple devices, with work spanning a year before the first iPhone was released. The Intercept basis its report on leaked documents, that explain a yearly gathering of CIA officials, called the “Jamboree”, to talk about flaws in commercial electronics. Read More
By Cody Lee on Mar 9, 2015
Apple on Monday issued a security update for OS X to address a handful of vulnerabilities, including the high profile SSL flaw known as “FREAK.” Spotlighted last week, the bug allows would-be attackers to spy on communications made through Safari.
More specifically, FREAK stands for Factoring RSA Export Keys, and it affects certain embodiments of web encryption technologies SSL and TLS. If used maliciously, the flaw could leave systems open to what are known as man-in-the-middle attacks. Read More
By iDB Deals on Mar 4, 2015
Hacking often boils down to identifying weak points in digital security systems and infrastructure. Ethical hacking (aka White Hat hacking) is all about plugging those holes before someone with nefarious intentions exploits them. So how do you get started working with the “good guys” and protecting your own systems when it comes to hacking? With the White Hat Security Hacker Bundle, of course.
Offering access to six comprehensive online courses, this is your last chance to take advantage of the White Hat Security Hacker Bundle at the price of $49 – saving more than 90% off the $622 MSRP. The deal ends tomorrow. Read More
By Christian Zibreg on Mar 4, 2015
A new exploit dubbed ‘FREAK Attack’ — which stands for “Factoring attack on RSA-EXPORT Keys” — that takes advantage of a security flaw dating back to the 1990s will be patched soon by Apple.
As we speak, the iPhone maker is readying a fix in iOS and OS X that will be available in software updates next week, a spokesperson for the Cupertino firm told iMore.
Plagued by this security flaw, users of Mac, iPhone, iPad, iPod touch and Android devices are at risk when visiting vulnerable websites that downgrade a secure HTTPS connection to a weaker encryption method. Read More
By Christian Zibreg on Mar 3, 2015
Following the outcry in Silicon Valley regarding the treatment of part-time employees, and in general people who work for technology companies, Apple is now moving to “dramatically expand” its in-house security team by giving contracted workers the same benefits as other employees, as per Mercury News Tuesday.
A company spokesperson confirmed to the paper that Apple has now decided to hire the majority of its day-to-day security staff in Silicon Valley as full-time workers, following a yearlong review. Read More
By Oliver Haslam on Feb 28, 2015
Apple CEO Tim Cook is on the final leg of his tour of Isreal and Europe and has been speaking to UK publication The Telegraph about a range of things including Apple customers’ privacy and of all things, terrorism.
Known for his unusual stance on privacy – one which doesn’t jive with other high profile tech executives who are happy to share everything about you – Cook told the publication during an interview that he feels people’s information is being “trafficked around” in ways that they just don’t yet understand. Read More