Hacker creates a software-only brute force tool for jailbroken devices

By Jeff Benjamin on Mar 23, 2015

Well-known iOS jailbreak developer and hacker Majd Alfhaily was intrigued when read about MDSec’s black box hardware brute force for iOS devices. The tool, which runs over a USB connection, tries every possible passcode combination in an attempt to unlock an iPhone secured with a simple passcode.

The downside of such a tool, is that each PIN entry takes approximately 40 seconds, so it could take more than 110 hours to brute force an iPhone. Majd, being the curious person that he is, devised a way to do it in a fraction of the time using only software. The only caveat, if you even want to call it that given what it does, is that the device must be able to run unsigned code, i.e., the device must be jailbroken. Read More

 

New security update is available for OS X Yosemite 10.10.2 users

By Christian Zibreg on Mar 19, 2015

Thursday, Apple issued a new security update for Mac users running OS X Yosemite 10.10.2. The update, titled ‘Security Update 2015-003 1.0,’ is available right now through the Updates tab of the Mac App Store and is recommended for all users as it improves the security of OS X.

If you’re running a public beta of OS X Yosemite 10.10.3, you won’t see this update because the stable OS X Yosemite 10.10.3 release is bound to include contents of today’s security update. Read More

 

New ‘IP Box’ tool unlocks iPhone PINs via brute force attacks

By Cody Lee on Mar 18, 2015

A new device is causing commotion around the interwebs today, that has the ability to unlock PIN-protected iOS devices. The tool, first spotlighted by security firm MDSec, is being used in the phone repair markets to brute-force iPhone and iPad Lock screens.

According to MDSec, these ‘IP Boxes’ are about the size of an Apple TV, and you can acquire one for around $300. It works by simulating the PIN entry on a device over a USB connection, and is able to sequentially bruteforce every possible PIN combination. Read More

 

CIA reportedly working to crack Apple device security to gain spy access

By Jake Smith on Mar 10, 2015

The Intercept reports the Central Intelligence Agency has been working for years to find ways to break through the security of Apple devices, with work spanning a year before the first iPhone was released. The Intercept basis its report on leaked documents, that explain a yearly gathering of CIA officials, called the “Jamboree”, to talk about flaws in commercial electronics. Read More

 

Apple issues updates for OS X, iOS and Apple TV to address ‘FREAK’ attack

By Cody Lee on Mar 9, 2015

Apple on Monday issued a security update for OS X to address a handful of vulnerabilities, including the high profile SSL flaw known as “FREAK.” Spotlighted last week, the bug allows would-be attackers to spy on communications made through Safari.

More specifically, FREAK stands for Factoring RSA Export Keys, and it affects certain embodiments of web encryption technologies SSL and TLS. If used maliciously, the flaw could leave systems open to what are known as man-in-the-middle attacks. Read More

 

Last Chance: 92% off the White Hat Security Hacker Bundle

By iDB Deals on Mar 4, 2015

Hacking often boils down to identifying weak points in digital security systems and infrastructure. Ethical hacking (aka White Hat hacking) is all about plugging those holes before someone with nefarious intentions exploits them. So how do you get started working with the “good guys” and protecting your own systems when it comes to hacking? With the White Hat Security Hacker Bundle, of course.

Offering access to six comprehensive online courses, this is your last chance to take advantage of the White Hat Security Hacker Bundle at the price of $49 – saving more than 90% off the $622 MSRP. The deal ends tomorrow. Read More

 

Apple confirms ‘FREAK Attack’ patch for iOS and OS X due next week

By Christian Zibreg on Mar 4, 2015

A new exploit dubbed ‘FREAK Attack’ — which stands for “Factoring attack on RSA-EXPORT Keys” — that takes advantage of a security flaw dating back to the 1990s will be patched soon by Apple.

As we speak, the iPhone maker is readying a fix in iOS and OS X that will be available in software updates next week, a spokesperson for the Cupertino firm told iMore.

Plagued by this security flaw, users of Mac, iPhone, iPad, iPod touch and Android devices are at risk when visiting vulnerable websites that downgrade a secure HTTPS connection to a weaker encryption method. Read More

 

Apple to make ‘a large number’ of day-to-day security guards full-time employees

By Christian Zibreg on Mar 3, 2015

Following the outcry in Silicon Valley regarding the treatment of part-time employees, and in general people who work for technology companies, Apple is now moving to “dramatically expand” its in-house security team by giving contracted workers the same benefits as other employees, as per Mercury News Tuesday.

A company spokesperson confirmed to the paper that Apple has now decided to hire the majority of its day-to-day security staff in Silicon Valley as full-time workers, following a yearlong review. Read More

 

Tim Cook: there is no reason why you would have to choose between privacy and security

By Oliver Haslam on Feb 28, 2015

Apple CEO Tim Cook is on the final leg of his tour of Isreal and Europe and has been speaking to UK publication The Telegraph about a range of things including Apple customers’ privacy and of all things, terrorism.

Known for his unusual stance on privacy – one which doesn’t jive with other high profile tech executives who are happy to share everything about you – Cook told the publication during an interview that he feels people’s information is being “trafficked around” in ways that they just don’t yet understand. Read More

 

Apple and other Western firms removed from China’s approved government purchase list

By Christian Zibreg on Feb 26, 2015

Apple, along with other leading Western technology companies, has been taken off the list of approved tech companies for state purchases in China, Reuters reported last evening.

Apparently in response to widespread Western cyber-surveillance, companies like Apple, network equipment maker Cisco Systems and chip giant Intel have now been removed from the Central Government Procurement Center’s (CGPC) list.

The list, maintained and approved by China’s Ministry of Finance, covers regular spending by central ministries. Read More

 

Hackers break Apple’s Lightning connector making it easier to debug kernel bugs for future jailbreaks

By Jeff Benjamin on Feb 14, 2015

Big news for the hacking community, and by extension, iPhone jailbreakers. Apple’s Lightning connector—a proprietary bus and power connector found in all modern iPhones, iPads and iPod touches—has had its security compromised by a team of resourceful hackers. What does this mean for the jailbreak community? Read More

 

Apple Pay gets major backing from US Government

By Sébastien Page on Feb 13, 2015

As Apple CEO Tim Cook spoke at the President Obama’s Summit on Cybersecurity on Friday, the White House announced that Apple Pay will be enabled for federal payment cards, including Social Security and veterans benefits that are issued via debit cards.

The news represents a major vote of confidence for Apple Pay and Apple in general. While it shouldn’t be considered a proper endorsement from the White House, it is still a major win for Apple. Read More

 

You need to enable two-factor authentication everywhere right now

By Oliver Haslam on Feb 13, 2015

You just can’t take security too seriously these days, because even if you don’t think your personal information is all that interesting to others, you’re probably wrong. Whether it’s people selling your banking data or trawling your emails for ways to get into all of your social media accounts, you really don’t want anyone having access to your data when they don’t have your permission.

Recent high profile so-called hacks have highlighted the need for improved personal online security, with numerous celebrities having their personal photographs stolen and then leaked online. It transpired that the photos had been acquired via compromised iCloud accounts, and with the move to iCloud Photo Library and the soon to be released Photos app for the Mac, we’re likely to have more and more of our digital lives sat on Apple’s servers.

Throw the data Google has into the mix, especially if you use Gmail, and things can get scary, fast.

Strong passwords are obviously the way to go here, but that isn’t always going to be enough to stop bad people from doing bad things, especially if they manage to get that password via another compromised service. But you’re OK, because you don’t re-use passwords, right? Right. Read More

 

Apple enables two-step verification for FaceTime and iMessages

By Cody Lee on Feb 12, 2015

Apple has enabled two-step verification for its FaceTime and iMessage services, The Guardian reported on Thursday. The move will force users who have the authentication system enabled to input an app-specific password when logging into either of the two services.

For those unfamiliar with the term, two-step verification is an opt-in system that adds an additional layer of security to Apple ID accounts. It requires users to input authentication codes when logging into iCloud on new devices, the web, and now iMessage and FaceTime. Read More

 

Good deal: get 25% off the Sesame 2 wireless auto-lock for Mac

By iDB Deals on Feb 12, 2015

The Sesame 2 automatically locks your Mac as soon as you walk away, providing peace of mind and security, as well as protection against fraud and other malicious attacks. Better yet, it automatically unlocks your Mac when you return for a quick and convenient privacy solution.

The Sesame 2 enables you to customize its parameters, providing bespoke security solutions for the house, office or coffee shop. Utilizing the clear, simple and accessible interface, you’ll be is in control: whether it’s 5 or 50 feet, with the Sesame 2, you can lock down your Mac according to your schedule. Read More

 

iDB Deals: big discounts on VPN services

By iDB Deals on Feb 10, 2015

With news of the massive Anthem/Blue Cross hack last week, another huge corporation has been crippled by a digital security breach, exposing private data for millions of customers. At this point, taking steps to protect oneself online is just common sense, and utilizing a VPN service is an easy way to decrease your risk when browsing the web.

Whether it’s keeping your browsing history hidden, staying protected when using an unsecured or public wi-fi connection, or accessing content outside of geographic restrictions, a VPN is the safe and sensible choice for browsers across the world. With these offers from iDownloadBlog Deals, you’ll be able to get several years of a VPN service at a heavily discounted (and affordable) price. Read More

 

MacID review: unlock your Mac using Touch ID

By Lory Gil on Jan 30, 2015

Thanks to Bluetooth LE connectivity, users are able to connect their smartphones to their computers to share content between devices quickly, easily, and without being too taxing for battery life. On iOS and OS X, you can even do stuff like lock or unlock your Mac. Mac ID for iOS is one such app. Not only can you set it up to unlock your computer, but you can also lock it and wake the screen remotely. We’ve got a hands-on review of MacID for iOS for you today. Read More

 

Your spare iOS device can be turned into a home security camera with Manything

By Lory Gil on Jan 24, 2015

Most of us have at least one extra iOS device lying around somewhere that doesn’t get used as much as the others. Instead of letting it sit around, slowly losing battery life, why not set it up to be a home security monitor?

Manything is a free app that you can download onto two iOS devices. One device acts as the camera to record everything, while the other acts as the remote viewer so you can check in to see what your cat is up to while you are away. Read More

 

Apple bows to pressure, consents to security audits of iPhones, iPads and Macs sold in China

By Christian Zibreg on Jan 23, 2015

CEO Tim Cook has agreed to allow Chinese government officials to conduct security audits on Apple devices sold in China, IDG News Service reported yesterday.

The surprising development comes amid tensions that have erupted in the 1.33 billion people country, Apple’s second largest market by revenue, over allegations that other governments are using Apple devices for surveillance and accusations of state-sponsored phishing attacks on Apple’s iCloud users. Read More

 

Poll: should Apple add multi-user access to iOS?

By Christian Zibreg on Jan 21, 2015

Yesterday, I stumbled upon an intriguing post over at The Loop which I felt raised a valid point about multi-user access in iOS, or the lack of.

It’s especially relevant in light of the fact that Android Lollipop enables multi-user support on phones.

Tablets, of course, have had this for nearly three years with Jelly Bean and up. Now, adding the ability to share your iPhone or iPad with someone else isn’t as trivial as it may appear at first sight as there are many technical hurdles to overcome.

On the other hand, can anyone imagine Apple not working on solving this pain point for its users? I mean, OS X supports multiple user accounts by design and iOS is basically a slimmed down version of OS X.

Anyways, is multi-user access one of those features the company should prioritize for the next major refresh of iOS, do you think? Read More

 
Page 112345...