WhatsApp has a backdoor that allows snooping on end-to-end encrypted messages [updated]

By Christian Zibreg on Jan 13, 2017

In 2016, WhatsApp finally enabled complete end-to-end encryption for both chats and video calls to ensure that no one but the intended recipient can decipher contents of their communications. Unfortunately, it’s come to light that WhatsApp’s system has been plagued by a major vulnerability which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley.

In an interview with the British newspaper The Guardian, Boelter said the backdoor could let Facebook read end-to-end encrypted content, meaning the social network could be complied with court orders to make decrypted messages available to law enforcement and other government agencies

UPDATE: We’ve received a response from WhatsApp regarding the alleged backdoor. Read More

 

Chrome 56 adds support for FLAC codec, “Not Secure” HTTP warning, web Bluetooth & more

By Christian Zibreg on Jan 13, 2017

Chrome 56 for Mac and other platforms has entered Google’s beta channel. When released to the general public, the browser will bring native support for the FLAC audio codec within the browser and other perks. This should come in handy because macOS does not support the FLAC file format out of the box so users often must use a third-party converter or video player to play these files. With Chrome 56, Mac users will be able to play FLAC-encoded audio files embedded in web pages or local files drag and dropped onto the browser window. Read More

 

How to check if your Mac supports Auto Unlock

By Christian Zibreg on Dec 28, 2016

macOS Sierra debuted a new feature called Auto Unlock that lets you get into your Mac without typing your account password simply by wearing a passcode-protected Apple Watch. With Auto Unlock, you just wake up your Mac and if it senses you’re nearby and wearing your watch, it’ll log you in automatically. Yes, it just works!

Auto Unlock imposes certain hardware pre-requisites in terms of modern Bluetooth and Wi-Fi chipsets. Here’s how you can quickly check if your Mac supports Auto Unlock. Read More

 

Here’s everything Cellebrite’s forensic tool can extract from iPhones

By Christian Zibreg on Dec 23, 2016

Documents uncovered by ZDNet have revealed the true scope of technology from Israeli developer Cellebrite Mobile Synchronization, which specializes in smartphone data extraction, transfer and analysis.

The leaked documents show just how much private data its smartphone forensic tool UFED, used by law enforcement, is capable of extracting from iPhones.

In a single data-extraction session, investigators were able to collect a huge array of personal data from an iPhone 5 like messages, phone calls, voicemails, images and more, including some deleted content. UFED can pull similar data from other phones, too, including Wi-Fi hotspots and cellular towers the device’s was connected to. Read More

 

Turkish police wants Apple to unlock Russian ambassador killer’s iPhone 4s

By Christian Zibreg on Dec 22, 2016

Andrei Karlov, the ambassador to Turkey, was killed while giving a speech at an art gallery in Ankara three days ago by 22-year-old off-duty police officer Mevlut Mert Altintas. According to MacReports, Turkish police approached Apple about unlocking an iPhone 4s that was recovered from the shooter.

The device is locked with a 4-digit passcode, but it’s unclear if it runs iOS 8.0+ or one of the earlier iOS editions that don’t enforce full disk encryption. Read More

 

How to log out of all active Facebook sessions from your iPhone

By Anthony Bouchard on Dec 22, 2016

If you have a Facebook account, then chances are you access it on more than one device. You might forget from time to time to sign out of sessions on other machines you don’t intend to use again, such as those in schools or at the workplace, potentially handing over access to your Facebook account to the next person(s) who uses the machine.

Facebook fortunately comes with a feature that lets you sign out of all active sessions on your account with just a few taps. We’ll show you how you can do this in this tutorial. Read More

 

How to use the on-demand VPN feature on your iPhone or iPad

By Anthony Bouchard on Dec 20, 2016

Depending on the VPN you’re using, your iPhone or iPad might be able to take advantage of a feature called VPN on demand (VPoD).

Essentially what this does is it connects you to your VPN automatically when it’s needed so you don’t have to toggle it on manually before accessing the internet from your device. As a result, you can have peace of mind because your information is protected once you begin using the internet. Read More

 

macOS Sierra 10.12.2 fixed vulnerability that let attackers obtain disk encryption password

By Christian Zibreg on Dec 19, 2016

Last week’s macOS Sierra 10.12.2 software update squashed a number of bugs and patched a few newly discovered  vulnerabilities, among them one that allowed an attacker to obtain your FileVault disk encryption password by plugging in a $300 Thunderbolt device into a locked or sleeping Mac.

As detailed by security researcher Ulf Frisk, attackers must have physical access to your Mac in order to exploit the vulnerability. The obtained password may be used to unlock your Mac’s disk and access everything on it. Read More

 

Bring your padlocks up to the 21st century with the Dog & Bone LockSmart Mini

By Anthony Bouchard on Dec 13, 2016

Chances are you have a thing or two that you like to keep locked away with a padlock of some sort.

Whether you need it for a locker at school or work, or to keep a gate or shed closed at home, you can bring your padlocks up to the 21st century with the Dog and Bone LockSmart Mini, which utilizes wireless Bluetooth connectivity so you can unlock the padlock with your smartphone. Read More

 

Hacker Luca Todesco advises jailbreakers to avoid updating to iOS 10.2

By Anthony Bouchard on Dec 5, 2016

While there’s still no public jailbreak for iOS 10 to date, there have been some very convincing demos of personal jailbreaks for it, most of which have come out of the woodwork from none other than well-known iOS hacker Luca Todesco.

Amid the current jailbreak situation, Todesco is now seen warning netizens that if they have any intention of jailbreaking iOS 10 in the future, they should stay on iOS 10.1.1 and refrain from updating to iOS 10.2 when it comes out. Read More

 

iOS 10.1.1 bug allows researchers to bypass Activation Lock protection on iPhone and iPad

By Christian Zibreg on Dec 2, 2016

Back in November, India-based security researcher Hemanth Joseph discovered a bug in iOS 10.1 which permitted him to bypass Apple’s anti-theft Activation Lock feature by entering an excessively long string of characters in the Wi-Fi setup text fields.

Apple has patched the flaw in iOS 10.1.1 but now, as noted by SecurityWeek, researchers at Vulnerability Lab have managed to find another method of bypassing Activation Lock protection on an iPhone, iPad or iPod touch with iOS 10.1.1 and they posted video evidence to prove it. Read More

 

SmallHint keeps a subtle hint for your passcode on your Lock screen

By Anthony Bouchard on Dec 2, 2016

Forgetful people can now combat their inability to remember their iPhone or iPad passcodes with a new free jailbreak tweak called SmallHint.

What this tweak allows you to do is put an inconspicuous hint on your Lock screen, just below the date, that can help jog your memory in the event that you forget your passcode. Read More

 

How to set up automatic login on Mac

By Anthony Bouchard on Nov 28, 2016

Wouldn’t it be nice if you could just turn on your Mac and start using it without having to log into it all the time?

If you live in a household where you don’t need Fort Knox-like security to keep people from getting into your computer, then you can set up your Mac to log in to your account automatically when you turn it on. Read More

 

How to set up and use Touch ID on your Mac

By Christian Zibreg on Nov 23, 2016

Touch ID debuted more than three years ago with the iPhone 5s release in September 2013, which filed filed as Apple’s very first device with fingerprint scanning embedded into the Home button. Of course, it didn’t take long for Touch ID to become an important security technology on iPhones and iPads.

Since October 2016, Touch ID has been available on select Mac models, such as the late-2016 MacBook Pro with Touch Bar. If you use Touch ID on your iPhone, you’ll feel right at home on your Mac.

In this step-by-step tutorial, you’re going to learn how to set up Touch ID and Apple Pay on a Mac, enroll your fingerprints in the system and use Touch ID to quickly unlock your computer, make purchases on websites with Apple Pay and much more. Read More

 

New Lock screen bug bypasses iPhone/iPad passcode, lets you see photos/contacts

By Christian Zibreg on Nov 17, 2016

Apple likes to pride itself with strong security in iOS, but for all the platitudes the fact remains that the iPhone’s Lock screen is one of iOS’s weakest links. And now, YouTuber iDeviceHelp has discovered a new Lock screen vulnerability that lets anyone in possession of your iPhone bypass the passcode and get to your contacts and photos. The bug has been reported to Apple and should be fixed in a future update. Read More

 

iOS 10 found to store call logs for up to 4 months, Apple explains

By Christian Zibreg on Nov 17, 2016

iOS 10’s been found to upload missed call logs from apps like WhatsApp and Skype to servers, as well as near-real time FaceTime call logs—even if iCloud backup has been turned off, according to a Russian company called Elcomsoft which makes iPhone forensic tools aimed at law enforcement agencies.

Elcomsoft CEO Vladimir Katalov suspects in an interview with Forbes that this is most likely a result of iOS 10’s expanded scope of call logging due to the new CallKit framework which was designed to make VoIP calls from apps like Viber, WhatsApp and Skype behave like cellular calls and integrate with Phone’s Recents and Favorites.

According to Apple itself, call log syncing through iCloud is a convenient feature that elevates user experience by allowing customers to easily return calls from VoIP apps. Read More

 

Backdoor in some Android devices sold in the US found to send data to China

By Sébastien Page on Nov 16, 2016

Security firm Kryptowire recently discovered that some Android smartphones have a backdoor that secretly sends data to China, reports the NY Times. Maybe even more concerning, American phone maker BLU Products said that 120,000 of its phones were found to have the backdoor installed in its software, which has since been updated to remove all track of that secret backdoor. Read More

 

WhatsApp rolls out end-to-end encrypted video calling

By Christian Zibreg on Nov 15, 2016

Facebook-owned WhatsApp announced yesterday that it had begun rolling out video calling to the more than one billion users it claims across iOS, Android and Windows Phone platforms around the world.

According to TechCrunch, video calls on WhatsApp are end-to-end encrypted just like with FaceTime in order to prevent rogue parties from eavesdropping on your communications.

WhatsApp previously rolled out end-to-end encryption for chats. “We obviously try to be in tune with what our users want,” WhatsApp co-founder Jan Koum told Reuters. “We’re obsessed with making sure that voice and video work well even on low-end phones.” Read More

 

How to add more fingerprints to your iPhone or iPad Touch ID sensor

By Anthony Bouchard on Nov 15, 2016

With Touch ID, you can unlock your iPhone or iPad with your fingerprint, and you can also use it to authenticate yourself for purchases from the App Store or with Apple Pay.

When you set up your device for the first time, you’ll be asked to register one finger with Touch ID, but afterwards, you can add up to five of your fingers so they can be used with Touch ID too. Read More

 

PasswordRecovery stores passwords and recovers them when you forget them

By Anthony Bouchard on Nov 9, 2016

It can be a pain to remember all your passwords, and that’s why password manager apps like 1Password exist. But if you don’t like the big price tag or the subscription models, then PasswordRecovery is a jailbreak tweak alternative you could check out instead.

This tweak comes with password remembrance and recovery options all in a single package so you’ll never forget your passcode or have to reset a password for any of its supported apps ever again. Read More

 
Page 112345...