By Anthony Bouchard on Feb 1, 2016
All Macs with OS X El Capitan installed on them have a new layer of security known as System Integrity Protection, which has been given the nickname ‘Rootless’ because it closes off a lot of system files to user access to prevent malicious programs and code from causing harmful changes to the core of OS X.
For some, the added security feels like a must for protection of your personal information, but for more advanced users who poke their noses into system files quite often, the feature can get in the way and prevent user modifications to the operating system. In this tutorial, we’ll give you an overview of System Integrity Protection and show you a way to disable it. Read More
By Anthony Bouchard on Jan 29, 2016
VPNs are great tools for helping secure your internet access on an unsecured Wi-Fi network, such as those at McDonald’s, but did you know that not all VPNs are created equally?
By using a free VPN that you haven’t carefully read the terms and conditions of, you might be putting your privacy at more of a risk than it would have been just using the unsecured Wi-Fi network to browse the web in the first place. Read More
By Anthony Bouchard on Jan 22, 2016
Privacy is an invaluable right to anyone who owns a computer or mobile device. With so much of your information being so easy to track with today’s technology, it really is an important step in protecting our identities, information, and data from being snooped on or stolen.
In this guide, we’ll take you through several steps to enhance your privacy on your iPhone or iPad by using many of the mobile operating system’s built-in tools. Read More
By Anthony Bouchard on Jan 14, 2016
Most of you who use an iOS device probably use Safari as your main web browser despite the vast number of third-party alternatives available in the App Store, but how often do you think about the privacy of your information when you’re using it?
Apple gives users a number of privacy options for using Safari on your iOS device to keep your information safe, and in this tutorial, we aim to make you more familiar with them and talk a little about how to use them. Read More
By Anthony Bouchard on Jan 12, 2016
Many people use VPNs (virtual private networks) to protect their identities on public Wi-Fi networks. A VPN can help secure your information and it can also be used to spoof your location for some services that use your location.
Sometimes you may want to remove a VPN from your iOS device, either to try another one, or to solve networking issues. There are actually two different ways to remove a VPN from your iPhone or iPad, and it all depends on how the VPN application (or service) is installed and configured on your device. In this tutorial, we’ll explain both of them to you so you can remove your VPN service if the need arises. Read More
By Christian Zibreg on Nov 12, 2015
As first spotted by Tweetbot developer Paul Haddad, some Mac owners are being forced to download and reinstall apps on their computer following what appears to be a security glitch in the Mac App Store.
The affected users are seeing a message saying that their app has been damaged and cannot be opened, with the prompt advising folks to download the app again from the Mac App Store.
Here’s what you can do about it. Read More
By Jeff Benjamin on Nov 3, 2015
Yesterday, on Let’s Talk iOS, we discussed how arduous and tedious it is to enter a password on the Apple TV interface. It’s a difficult process, because the Apple TV lacks support for Bluetooth keyboards, and features an A-Z text entry setup that makes the process even more difficult that it was on last generation’s Apple TV.
Fortunately, the Apple TV features an option that allows you to never require a password for iTunes & App Store purchases. While using such an option works, it leaves your device open to unauthorized purchases. The good news is that, as we discussed on the podcast, you can easily set up restrictions for App Store and iTunes purchases, which will make it so that purchases only require the entry of a 4-digit passcode.
By Sébastien Page on Nov 2, 2015
Vulnerability and exploit acquisition platform Zerodium announced today that the million dollar bounty it had put together has expired, noting that a team of researchers has won the prize. Launched in September of this year, the bounty program aimed at rewarding anyone one who would come forward with an “exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.”
It looks like they have their winners, as a team who made a remote browser-based iOS 9.1 and iOS 9.2 beta untethered jailbreak has apparently come forward. But don’t get your hopes too high. Read More
By Christian Zibreg on Oct 30, 2015
Apple yesterday announced it’s opened up its cryptographic libraries, the same ones used to protect iOS and OS X, to third-party developers. As reported by VentureBeat, the move is significant in that developers can now implement advanced security features into their apps, for free.
In addition to open-sourcing the cryptographic libraries, Apple back in the summer promised to open source its Swift programming language by the end of the year. Read More
By Jeff Benjamin on Oct 28, 2015
Good news for all of you Mobile Terminal fans, or for anyone interested in easily changing their jailbroken iOS device’s root password. Saurik just pushed an update for PAM Modules on Cydia, which was a prerequisite for terminal access.
All you need to do is go out to Cydia and update to PAM Modules 36.1. Cydia should automatically prompt you for the update, since this package is installed by default. Once you update, you can download Mobile Terminal, or any terminal emulator on Cydia that you prefer. Read More
By Jeff Benjamin on Oct 23, 2015
Back in July, we provided you with an overview of Apple’s two-step authentication. This is the security method that requires at least two factors of authentication—a password and a trusted device—in order to successfully access an account.
Two-factor, or two-step, as it’s sometimes referred to, is a great security method, because it forces one to have physical access to a security key, in this case, an iPhone or an iPad.
Needless to say, we here at iDB highly recommend using 2FA for any account that allows it, Apple ID, or otherwise. In fact, if a service that you’re using doesn’t offer 2FA, I’d seriously think twice about using that service—it’s that important for keeping your data secure.
If you have two-factor enabled for your Apple ID, and you should, then you’ve doubtlessly run into the screen that asks you to verify your identify when logging in with your Apple ID. On that screen, it may list some of your Apple devices, and at least one verified phone number. These devices act as security authentication keys.
Have you ever wondered what the requirements are for the devices that are listed here? Have you ever wanted to remove or add a device? In this tutorial, we’ll walk you through managing your iOS trusted devices for two-factor authentication. Read More
By Cody Lee on Oct 20, 2015
Apple on Tuesday provided a statement to The Washington Post, voicing its opposition to the proposed CISA bill. The legislation, which spelled out reads the Cybersecurity Information Sharing Act, is expected to be voted on by the Senate within the next few days.
“We don’t support the current CISA proposal,” Apple told The Post, reiterating its position on the privacy and trust of iOS and Mac users. “The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy.” Read More
By Cody Lee on Oct 20, 2015
Late Monday, Apple filed a brief with a federal magistrate judge in Brooklyn, New York, reiterating its inability to unlock its devices. As it has before, the company told the judge that accessing data stored on a locked device running iOS 8 or later is technically impossible, due to strengthened encryption methods. Read More
By Christian Zibreg on Oct 15, 2015
AgielBits’ popular password-management utility, 1Password, was refreshed in the Mac App Store today with several notable enhancements. For starters, the app has brought out a new large type option to make those passwords easier to read on huge monitors and Macs with high-resolution Retina screens.
People who happen to manage multiple vaults in 1Password should jump with joy as they can at last change passwords for secondary vaults, too.
The top layout view has seen some changes as well with rich item icons and customizable columns. Last but not least, 1Password 5.4 for Mac includes security updates to address the dreaded XARA vulnerabilities. Read More
By Christian Zibreg on Oct 5, 2015
Just as all the hoopla surrounding the XcodeGhost attack appears to have died down, security researchers over at Palo Alto Networks have identified a new type of harmful malware.
Dubbed YiSpecter, it can install itself on both jailbroken and non-jailbroken iOS devices and is the first iOS malware that exploit Apple’s private APIs to implement malicious functionalities.
Here’s everything you need to know about this new type of attack, what Apple is saying about the malware and what you can do in order to protect your devices from becoming infected with YiSpecter. Read More
By Christian Zibreg on Oct 1, 2015
iOS 9.0.2 has patched a potentially disturbing vulnerability which allowed malicious users who have access to your device to use Siri from the Lock screen in order to browse your photos and contacts.
According to Apple’ official iOS 9.0.2 release notes, the software has fixed the issue which allowed access to photos and contacts on a locked device by “restricting options offered on a locked device.”
The vulnerability was left unpatched in iOS 9.0 and iOS 9.0.1 and affected the iPhone 4s and later, fifth-generation iPod touch and later and iPad 2 and later. Read More
By Christian Zibreg on Sep 29, 2015
iOS 9.0.1 increases your security by defaulting to 6-digit passcodes on Touch ID devices. “If you use Touch ID, it’s a change you’ll hardly notice,” says Apple.
Compared to 4-digit passcodes which have 10,000 possible combinations, their 6-digit counterparts strengthen your security with one million possible combinations, meaning 6-digit passcodes will be a lot tougher to crack.
Non-Touch ID iPhones and iPads still default to less secure 4-digit passcodes, however. You can enable a 6-digit passcode with a quick trip to Settings, here’s how. Read More
By Christian Zibreg on Sep 28, 2015
The App Store offers several high-quality apps that help you create strong passwords for various services, manage your passwords and synchronize them between devices with ease, AgileBits’ freemium 1Password being perhaps the most popular one.
But there’s now a brand new password manager on the block which takes a clever approach to securing all your online accounts with strong passwords but without having to actually remember them.
How about re-creating passwords from recipes?
Welcome to Naranja Studio’s Password Chef, a novel $2.99 app for the iPhone, iPod touch and iPad which takes advantage of unique recipes to basically turn any site name into an easy-to-recall password, canceling the need for additional software or devices. Read More
By Christian Zibreg on Sep 24, 2015
Apple today refreshed its official XcodeGhost FAQ webpage, listing the top 25 iPhone and iPad apps on the App Store that contain the widely reported though mostly harmless XcodeGhost malware.
In addition to WeChat, one of the top messaging apps in the world, Rovio’s Angry Birds 2 and China Unicom’s Customer Service app, most of the listed apps are distributed on the Chinese App Store only.
“If users have one of these apps, they should update the affected app which will fix the issue on the user’s device,” writes the company. “If the app is available on App Store, it has been updated, if it isn’t available it should be updated very soon.”
Apple has pulled many of the infected apps and said it’s working closely with developers to get impacted apps back on the App Store. Read More
By Christian Zibreg on Sep 23, 2015
The XcodeGhost malware couldn’t have arrived at worst time for Apple as the company prepares to launch its iPhone 6s and iPhone 6s Plus tomorrow. The company has already removed the App Store apps infected by the malware, which has been found to inject its payload into apps compiled with compromised copies of Xcode that were distributed on non-Apple servers in China.
Wednesday, the Cupertino firm has confirmed plans to mitigate the threat by hosting local Xcode downloads within China. In addition, Apple has posted an XcodeGhost FAQ webpage on its Chinese website detailing the XcodeGhost malware and how customers might be affected by it. Read More