Your spare iOS device can be turned into a home security camera with Manything

By Lory Gil on Jan 24, 2015

Most of us have at least one extra iOS device lying around somewhere that doesn’t get used as much as the others. Instead of letting it sit around, slowly losing battery life, why not set it up to be a home security monitor?

Manything is a free app that you can download onto two iOS devices. One device acts as the camera to record everything, while the other acts as the remote viewer so you can check in to see what your cat is up to while you are away. Read More

 

Apple bows to pressure, consents to security audits of iPhones, iPads and Macs sold in China

By Christian Zibreg on Jan 23, 2015

CEO Tim Cook has agreed to allow Chinese government officials to conduct security audits on Apple devices sold in China, IDG News Service reported yesterday.

The surprising development comes amid tensions that have erupted in the 1.33 billion people country, Apple’s second largest market by revenue, over allegations that other governments are using Apple devices for surveillance and accusations of state-sponsored phishing attacks on Apple’s iCloud users. Read More

 

Poll: should Apple add multi-user access to iOS?

By Christian Zibreg on Jan 21, 2015

Yesterday, I stumbled upon an intriguing post over at The Loop which I felt raised a valid point about multi-user access in iOS, or the lack of.

It’s especially relevant in light of the fact that Android Lollipop enables multi-user support on phones.

Tablets, of course, have had this for nearly three years with Jelly Bean and up. Now, adding the ability to share your iPhone or iPad with someone else isn’t as trivial as it may appear at first sight as there are many technical hurdles to overcome.

On the other hand, can anyone imagine Apple not working on solving this pain point for its users? I mean, OS X supports multiple user accounts by design and iOS is basically a slimmed down version of OS X.

Anyways, is multi-user access one of those features the company should prioritize for the next major refresh of iOS, do you think? Read More

 

LastPass finally launches as dedicated Mac app

By Jake Smith on Jan 20, 2015

Password manager LastPass has finally launched a dedicated Mac app that will allow users to find and store their passwords.

Previously available as a web portal and browser extension, the new Mac app gives you the same features natively, along with a Quick Look feature that allows you to instantly search for passwords and other login information, as well as the ability to scavenge through secure notes. Read More

 

Snowden docs give new insight into how GCHQ tracked iPhone users

By Christian Zibreg on Jan 19, 2015

New documents by NSA leaker Edward Snowden were published this weekend by German newspaper Der Spiegel, giving us new insight into how the GCHQ tracked iPhone users without their consent.

Rather than tap specific exploits that GCHQ’s U.S. counterpart, NSA, relied on in order to compromise the iPhone’s software, GCHQ surveilled targets by following a device’s UDID across different services.

They were even able to pull data from the device itself when syncing with a compromised computer took place. Read More

 

Facebook adds AMBER Alerts to people’s News Feeds on mobile and the web

By Christian Zibreg on Jan 13, 2015

Facebook on Tuesday announced adding AMBER Alerts to both its mobile applications and the web interface in order to help find missing children in a more systematic way than before.

Realized through a partnership with the National Center for Missing and Exploited Children, the initiative will deliver AMBER Alerts, which include photographs and other details about the missing child, to people’s News Feeds in targeted search areas after a child has been abducted and the National Center has issued an alert, said the social networking behemoth.

Facebook is betting that the power of its network will help find the missing children and is encouraging users to share these alert with friends and link directly to the National Center’s missing child poster. Read More

 

Spotlight bug exposes your Mac’s IP address and more to spammers

By Christian Zibreg on Jan 9, 2015

An unusual oversight in how OS X’s Spotlight feature handles privacy settings in Apple Mail leaves the door open to spammers, phishers and online tracking companies who can obtain private data such as your IP address, current operating system version, browser details and more, whenever an email message is previewed in Spotlight.

First discovered by German technology news site Heise, the bug takes advantage of a common information harvesting technique and a Mail setting which determines whether or not the program loads remote content in emails. Read More

 

Photego: secure the stock Photos app with Touch ID

By Jeff Benjamin on Jan 9, 2015

There are tweaks that exist on Cydia that allow you to secure an entire app, but to my knowledge, no tweak yet exists that allows you to secure specific aspects of the stock Photos app with Touch ID. That’s where Photego comes in, a new jailbreak tweak that allows you to prevent users from deleting photos, accessing albums, and more via Touch ID. Read More

 

WhitelistSwitcher cleans up your messy App Switcher

By Jeff Benjamin on Jan 9, 2015

Looking for a way to tidy up the App Switcher on iOS? Then WhitelistSwitcher may be a jailbreak tweak that appeals to you. As its name alludes to, this tweak allows you to whitelist the specific apps that appear in the App Switcher. Apps that aren’t on the whitelist do not appear in the App Switcher, even if they were recently launched. Read More

 

Apple patches serious vulnerability that let hackers take over your Apple ID

By Christian Zibreg on Jan 5, 2015

As of today, brute-forcing your way into your ex’s Apple ID or iCloud account by way of dictionary-based attacks is no longer a viable option.

As reported by James Cook of Business Insider, Apple’s reportedly patched a vulnerability in its iCloud service that determined hackers were able to exploit in order to hack into your Apple ID account.

Even though Apple IDs that employ weak passwords and don’t use Apple’s vaunted two-step verification feature were at greatest risk, we’re most certainly glad that Apple’s moved so swiftly to increase online security of its users. Read More

 

PanicLock: a good way to discretely lock your iPhone

By Jeff Benjamin on Jan 2, 2015

Have you ever been in a situation where you would like to lock your iPhone in a discrete manner? Perhaps someone has asked to see your iPhone, or they’ve figured out your password, and they want to examine your phone. Obviously, you could just say no, but if you’re the passive aggressive type of person, you could just use PanicLock for iOS 8 instead. Read More

 

New Apple ID attack tool surfaces as Apple pulls Photos web app from iCloud.com

By Christian Zibreg on Jan 2, 2015

Friday, a new attack tool was posted to GitHub that uses brute-force dictionary attacks on iCloud and Apple ID accounts with weak passwords. Using a dictionary list containing more than 500 words, the ‘iDict’ tool pretends to be a legitimate iPhone device trying to log in to iCloud.com. Somehow, it manages to avoid Apple ID lockout restrictions.

People with complex passwords shouldn’t be concerned but those with simple ones based on commonly used words such as pet names are at risk. If you fall in that category, you’re wholeheartedly recommended to change your password and optionally enable two-step verification for your Apple ID.

Seemingly unrelated to ‘iDict’, the Photos web app mysteriously disappeared from the iCloud website this morning. Read More

 

It’s easy to create a fingerprint from smartphone photos of someone’s finger

By Christian Zibreg on Dec 29, 2014

Admittedly, Touch ID has popularized and mainstreamed biometric security on mobile devices using an impression made on a surface by the inner part of the top joint of a finger.

Having debuted on the iPhone 5s, Apple’s in-house sensor built into the Home button is based on a sophisticated technology by Israeli smart sensor maker AuthenTec, which the Cupertino firm snapped up in July of 2012 for a reported $356 million.

However, existing fingerprint-based security solutions could be easily bypassed by generating a fingerprint image from a series of photos of someone’s finger, no physical print necessary whatsoever, according to claims by Chaos Computer Club, Europe’s largest association of hackers.

As relayed by VentureBeat, the hackers have now successfully demonstrated a proof-of-concept by copying the thumbprint of German Defense Minister Ursula von der Leyen.

They used a close-up photograph of von der Leyen’s thumb, obtained during a news conference in October, along with photographs taken from different angles, said Jan Krissler aka “Starbug” at the 31st annual Chaos Computer Club convention in Hamburg, Germany. Read More

 

Elcomsoft’s Phone Breaker can now help access iCloud data protected with 2-step verification

By Christian Zibreg on Dec 18, 2014

Moscow-based Elcomsoft, which produces a mobile forensic tool used by law enforcement around the world to gain access to a suspect’s iOS devices, has updated its Phone Breaker application which now makes it easier to bypass Apple’s two-step verification for Apple ID accounts in order to access underlying iCloud data, Engadget reported Thursday.

Not only does this include iWork documents stored in iCloud, but also data in third-party apps such as WhatsApp communications, 1Password password databases — even user dictionaries that may contain secret words and phrases — provided a user has enabled the app in question to sync data with iCloud.

Although hackers still need both your Apple ID username/password and a two-factor code sent to your trusted device (or a digital token stolen from your computer), once they do gain access to your account Phone Breaker can then create a digital token granting them permanent access to iCloud data, no two-step verification code needed — until you change your Apple ID password, that is. Read More

 

Poll: is your Apple ID protected with two-step verification?

By Christian Zibreg on Dec 9, 2014

Two-step verification protects your Apple ID from unauthorized access when accessing iCloud.com and the Apple ID web interface or when when making an App Store or iTunes purchase from a new device. It’s an additional layer of security which combines something you know (your Apple ID password) with something you have (an iOS device).

Once enabled, it requires that you enter a four-digit code after providing your Apple ID credentials, with the code being pushed to a trusted iOS device.

You will also get a 14-character Recovery Key to regain control of your account should you ever lose access to your trusted devices or forget your password.

So, is your Apple ID protected with two-factor verification or do you still trust your digital life with the good ol’ password in conjunction with security questions? Read More

 

How losing your Apple ID Recovery Key could permanently lock you out of your account

By Christian Zibreg on Dec 9, 2014

With two-step verification enabled for your Apple ID, you don’t need to create or remember any security questions because your identity is exclusively verified using your password, verification codes sent to your trusted devices and your Recovery Key.

The added layer of security is a tremendous convenience, but with great power comes great responsibility and I can’t stress enough how crucial it is to ensure you never forget where you stored your Recovery Key. As Owen Williams of The Next Web learned the hard way, they’re calling it “Key” for a good reason.

Losing your Recovery Key puts you at risk of being locked out of your Apple ID if Apple’s temporarily disabled it as a security precaution because someone’s tried to hack it.

Apple cannot grant you access back into your Apple ID. This is by design: the system’s been engineered in such a way so that only you can regain access to it. And in order to do that, you absolutely need a Recovery Key.

Here’s what to know about securing your Apple ID with two-step verification. Read More

 

With new Password Changer feature, Dashlane can change all your passwords at once

By Sébastien Page on Dec 9, 2014

Password manager Dashlane introduced today Password Changer, a new feature that allows you to change all your passwords at once, including accounts secured by two-factor authentication. Powered by Dashlane’s recent acquisition of startup PassOmatic came up with the core technology, the feature, that is just entering beta, currently works with about 70 different websites, including Apple, Amazon, Twitter, Facebook, but will open up to more sites in the future. Read More

 

Twitter unveils better reporting and blocking tools

By Christian Zibreg on Dec 2, 2014

Twitter isn’t exactly a great example of what you’d call a privacy-minded online service with a wide-ranging set of comprehensive tools to prevent harassment and block poor souls who spew abuse at others.

And who could blame them? At its core, Twitter is about sharing quick thoughts with the web at large. Of course, Twitter over the years did roll out a bare minimum of reporting features.

Now Twitter’s privacy capabilities have gotten a tad better. Announced Tuesday, a sweeping update to Twitter’s existing reporting and blocking tools calls for simplified forms that mobile users can fill out with easy when reporting abuse, a change to blocking policy, a better web interface to manage blocked users and more.

Read More

 

Department of Justice compelling smartphone makers to bypass encryption

By Christian Zibreg on Dec 2, 2014

The United States Department of Justice is reportedly pursuing an unusual legal strategy to compel cellphone makers to assist investigations by removing device encryption on iPhones and other mobile devices, according to findings by technology website Ars Technica.

Tapping the All Writs Act, feds want Apple’s help to defeat encrypted phones, as revealed by newly discovered court documents from two federal criminal cases in New York and California. Read More

 

WhatsApp starts encrypting instant messages on Android, iOS and other platforms coming soon

By Christian Zibreg on Nov 19, 2014

WhatsApp, the most popular instant-messaging platform with more than 600 million users which Facebook snapped up for $16 billions earlier this year, has started to protect data with end-to-end encryption, The Wall Street Journal reports.

For the time being, text messages exchanged between Android users of WhatsApp are being encrypted by default.

It shouldn’t be too long until the company adds encryption to the iOS app and other mobile platforms. Encryption protects users’ communications from governments and hackers alike by making the data unreadable as it travels between servers. Read More

 
Page 112345...