About OS X System Integrity Protection aka ‘Rootless’ and how to disable it

By Anthony Bouchard on Feb 1, 2016

All Macs with OS X El Capitan installed on them have a new layer of security known as System Integrity Protection, which has been given the nickname ‘Rootless’ because it closes off a lot of system files to user access to prevent malicious programs and code from causing harmful changes to the core of OS X.

For some, the added security feels like a must for protection of your personal information, but for more advanced users who poke their noses into system files quite often, the feature can get in the way and prevent user modifications to the operating system. In this tutorial, we’ll give you an overview of System Integrity Protection and show you a way to disable it. Read More

 

Why you should avoid free VPNs

By Anthony Bouchard on Jan 29, 2016

VPNs are great tools for helping secure your internet access on an unsecured Wi-Fi network, such as those at McDonald’s, but did you know that not all VPNs are created equally?

By using a free VPN that you haven’t carefully read the terms and conditions of, you might be putting your privacy at more of a risk than it would have been just using the unsecured Wi-Fi network to browse the web in the first place. Read More

 

Ten ways to increase privacy on iOS

By Anthony Bouchard on Jan 22, 2016

Privacy is an invaluable right to anyone who owns a computer or mobile device. With so much of your information being so easy to track with today’s technology, it really is an important step in protecting our identities, information, and data from being snooped on or stolen.

In this guide, we’ll take you through several steps to enhance your privacy on your iPhone or iPad by using many of the mobile operating system’s built-in tools. Read More

 

Increasing privacy in Safari for iOS

By Anthony Bouchard on Jan 14, 2016

Most of you who use an iOS device probably use Safari as your main web browser despite the vast number of third-party alternatives available in the App Store, but how often do you think about the privacy of your information when you’re using it?

Apple gives users a number of privacy options for using Safari on your iOS device to keep your information safe, and in this tutorial, we aim to make you more familiar with them and talk a little about how to use them. Read More

 

How to uninstall a VPN from your iOS device

By Anthony Bouchard on Jan 12, 2016

Many people use VPNs (virtual private networks) to protect their identities on public Wi-Fi networks. A VPN can help secure your information and it can also be used to spoof your location for some services that use your location.

Sometimes you may want to remove a VPN from your iOS device, either to try another one, or to solve networking issues. There are actually two different ways to remove a VPN from your iPhone or iPad, and it all depends on how the VPN application (or service) is installed and configured on your device. In this tutorial, we’ll explain both of them to you so you can remove your VPN service if the need arises. Read More

 

Mac App Store authentication glitches forcing users to reinstall apps

By Christian Zibreg on Nov 12, 2015

As first spotted by Tweetbot developer Paul Haddad, some Mac owners are being forced to download and reinstall apps on their computer following what appears to be a security glitch in the Mac App Store.

The affected users are seeing a message saying that their app has been damaged and cannot be opened, with the prompt advising folks to download the app again from the Mac App Store.

Here’s what you can do about it. Read More

 

How to use a 4-digit passcode for purchases on Apple TV

By Jeff Benjamin on Nov 3, 2015

Yesterday, on Let’s Talk iOS, we discussed how arduous and tedious it is to enter a password on the Apple TV interface. It’s a difficult process, because the Apple TV lacks support for Bluetooth keyboards, and features an A-Z text entry setup that makes the process even more difficult that it was on last generation’s Apple TV.

Fortunately, the Apple TV features an option that allows you to never require a password for iTunes & App Store purchases. While using such an option works, it leaves your device open to unauthorized purchases. The good news is that, as we discussed on the podcast, you can easily set up restrictions for App Store and iTunes purchases, which will make it so that purchases only require the entry of a 4-digit passcode.
Read More

 

The million dollar jailbreak you can’t have

By Sébastien Page on Nov 2, 2015

Vulnerability and exploit acquisition platform Zerodium announced today that the million dollar bounty it had put together has expired, noting that a team of researchers has won the prize. Launched in September of this year, the bounty program aimed at rewarding anyone one who would come forward with an “exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.”

It looks like they have their winners, as a team who made a remote browser-based iOS 9.1 and iOS 9.2 beta untethered jailbreak has apparently come forward. But don’t get your hopes too high. Read More

 

Apple opens cryptographic libraries used to protect iOS and OS X to app makers

By Christian Zibreg on Oct 30, 2015

Apple yesterday announced it’s opened up its cryptographic libraries, the same ones used to protect iOS and OS X, to third-party developers. As reported by VentureBeat, the move is significant in that developers can now implement advanced security features into their apps, for free.

In addition to open-sourcing the cryptographic libraries, Apple back in the summer promised to open source its Swift programming language by the end of the year. Read More

 

Mobile Terminal now works on jailbroken iOS 9 devices

By Jeff Benjamin on Oct 28, 2015

Good news for all of you Mobile Terminal fans, or for anyone interested in easily changing their jailbroken iOS device’s root password. Saurik just pushed an update for PAM Modules on Cydia, which was a prerequisite for terminal access.

All you need to do is go out to Cydia and update to PAM Modules 36.1. Cydia should automatically prompt you for the update, since this package is installed by default. Once you update, you can download Mobile Terminal, or any terminal emulator on Cydia that you prefer. Read More

 

How to add and remove trusted devices for Apple ID two-factor authentication

By Jeff Benjamin on Oct 23, 2015

Back in July, we provided you with an overview of Apple’s two-step authentication. This is the security method that requires at least two factors of authentication—a password and a trusted device—in order to successfully access an account.

Two-factor, or two-step, as it’s sometimes referred to, is a great security method, because it forces one to have physical access to a security key, in this case, an iPhone or an iPad.

Needless to say, we here at iDB highly recommend using 2FA for any account that allows it, Apple ID, or otherwise. In fact, if a service that you’re using doesn’t offer 2FA, I’d seriously think twice about using that service—it’s that important for keeping your data secure.

If you have two-factor enabled for your Apple ID, and you should, then you’ve doubtlessly run into the screen that asks you to verify your identify when logging in with your Apple ID. On that screen, it may list some of your Apple devices, and at least one verified phone number. These devices act as security authentication keys.

Have you ever wondered what the requirements are for the devices that are listed here? Have you ever wanted to remove or add a device? In this tutorial, we’ll walk you through managing your iOS trusted devices for two-factor authentication. Read More

 

Apple opposes proposed Cybersecurity Information Sharing Act

By Cody Lee on Oct 20, 2015

Apple on Tuesday provided a statement to The Washington Post, voicing its opposition to the proposed CISA bill. The legislation, which spelled out reads the Cybersecurity Information Sharing Act, is expected to be voted on by the Senate within the next few days.

“We don’t support the current CISA proposal,” Apple told The Post, reiterating its position on the privacy and trust of iOS and Mac users. “The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy.” Read More

 

Apple tells judge it’s ‘impossible’ to unlock and extract data from devices running iOS 8 or later

By Cody Lee on Oct 20, 2015

Late Monday, Apple filed a brief with a federal magistrate judge in Brooklyn, New York, reiterating its inability to unlock its devices. As it has before, the company told the judge that accessing data stored on a locked device running iOS 8 or later is technically impossible, due to strengthened encryption methods. Read More

 

1Password for Mac gains large type option, changing secondary vault password and more

By Christian Zibreg on Oct 15, 2015

AgielBits’ popular password-management utility, 1Password, was refreshed in the Mac App Store today with several notable enhancements. For starters, the app has brought out a new large type option to make those passwords easier to read on huge monitors and Macs with high-resolution Retina screens.

People who happen to manage multiple vaults in 1Password should jump with joy as they can at last change passwords for secondary vaults, too.

The top layout view has seen some changes as well with rich item icons and customizable columns. Last but not least, 1Password 5.4 for Mac includes security updates to address the dreaded XARA vulnerabilities. Read More

 

What to know about ‘YiSpecter,’ new malware targeting all iOS devices

By Christian Zibreg on Oct 5, 2015

Just as all the hoopla surrounding the XcodeGhost attack appears to have died down, security researchers over at Palo Alto Networks have identified a new type of harmful malware.

Dubbed YiSpecter, it can install itself on both jailbroken and non-jailbroken iOS devices and is the first iOS malware that exploit Apple’s private APIs to implement malicious functionalities.

Here’s everything you need to know about this new type of attack, what Apple is saying about the malware and what you can do in order to protect your devices from becoming infected with YiSpecter. Read More

 

iOS 9.0.2 fixed vulnerability that allowed Lock screen access to photos and contacts

By Christian Zibreg on Oct 1, 2015

iOS 9.0.2 has patched a potentially disturbing vulnerability which allowed malicious users who have access to your device to use Siri from the Lock screen in order to browse your photos and contacts.

According to Apple’ official iOS 9.0.2 release notes, the software has fixed the issue which allowed access to photos and contacts on a locked device by “restricting options offered on a locked device.”

The vulnerability was left unpatched in iOS 9.0 and iOS 9.0.1 and affected the iPhone 4s and later, fifth-generation iPod touch and later and iPad 2 and later. Read More

 

How to make your iPhone, iPod touch and iPad more secure with 6-digit passcodes

By Christian Zibreg on Sep 29, 2015

iOS 9.0.1 increases your security by defaulting to 6-digit passcodes on Touch ID devices. “If you use Touch ID, it’s a change you’ll hardly notice,” says Apple.

Compared to 4-digit passcodes which have 10,000 possible combinations, their 6-digit counterparts strengthen your security with one million possible combinations, meaning 6-digit passcodes will be a lot tougher to crack.

Non-Touch ID iPhones and iPads still default to less secure 4-digit passcodes, however. You can enable a 6-digit passcode with a quick trip to Settings, here’s how. Read More

 

Review: Password Chef—enjoy untethered password entry with recipes

By Christian Zibreg on Sep 28, 2015

The App Store offers several high-quality apps that help you create strong passwords for various services, manage your passwords and synchronize them between devices with ease, AgileBits’ freemium 1Password being perhaps the most popular one.

But there’s now a brand new password manager on the block which takes a clever approach to securing all your online accounts with strong passwords but without having to actually remember them.

How about re-creating passwords from recipes?

Welcome to Naranja Studio’s Password Chef, a novel $2.99 app for the iPhone, iPod touch and iPad which takes advantage of unique recipes to basically turn any site name into an easy-to-recall password, canceling the need for additional software or devices. Read More

 

Apple lists top 25 apps infected by XcodeGhost

By Christian Zibreg on Sep 24, 2015

Apple today refreshed its official XcodeGhost FAQ webpage, listing the top 25 iPhone and iPad apps on the App Store that contain the widely reported though mostly harmless XcodeGhost malware.

In addition to WeChat, one of the top messaging apps in the world, Rovio’s Angry Birds 2 and China Unicom’s Customer Service app, most of the listed apps are distributed on the Chinese App Store only.

“If users have one of these apps, they should update the affected app which will fix the issue on the user’s device,” writes the company. “If the app is available on App Store, it has been updated, if it isn’t available it should be updated very soon.”

Apple has pulled many of the infected apps and said it’s working closely with developers to get impacted apps back on the App Store. Read More

 

Apple to offer local Xcode downloads in China, posts official XcodeGhost malware FAQ

By Christian Zibreg on Sep 23, 2015

The XcodeGhost malware couldn’t have arrived at worst time for Apple as the company prepares to launch its iPhone 6s and iPhone 6s Plus tomorrow. The company has already removed the App Store apps infected by the malware, which has been found to inject its payload into apps compiled with compromised copies of Xcode that were distributed on non-Apple servers in China.

Wednesday, the Cupertino firm has confirmed plans to mitigate the threat by hosting local Xcode downloads within China. In addition, Apple has posted an XcodeGhost FAQ webpage on its Chinese website detailing the XcodeGhost malware and how customers might be affected by it. Read More

 
Page 112345...