By Christian Zibreg on Jul 8, 2015
At WWDC, Apple has made a promise to step up security with native two-factor authentication in iOS 9 and OS X El Capitan. Before today, the feature was unavailable on iOS 9 betas prior to beta 3.
But with today’s release of iOS 9 beta 3, the new system has made its debut, with some users offered the option to upgrade their Apple ID to use the new two-factor authentication.
Here’s what you need to know about this new system, how it increases your security and how it’s different from Apple’s existing two-step verification process. Read More
By Jeff Benjamin on Jul 7, 2015
Now that Amazon Payments is no longer an option for purchases in Cydia, users are forced to use PayPal, at least for the time being. Saurik has noted that he plans on offering an alternative to Cydia, but until that day comes, users are forced to use PayPal.
The problem with PayPal, is that you cannot make a payment via Cydia if you have 2 Factor Authentication (2FA) enabled on your PayPal account. You’ll simply receive an error message stating that you need to add your security key to the end of the password in order to login. This, unfortunately, doesn’t work, leaving users who haven’t set up the initial auth with PayPal unable to purchase Cydia tweaks.
This issue is due to the mobile PayPal interface presented while inside Cydia. If you can bring your authorization outside of Cydia and into mobile safari, you can invoke the desktop interface and login to PayPal that way. Thankfully, a new jailbreak tweak makes this easy. Read More
By Jeff Benjamin on Jul 2, 2015
After a false start earlier this morning with an update to its iOS 8.4 jailbreak tool, TaiG has officially released version 2.2.1.
This update is security oriented, as it contains the setreuid patch to prevent applications from obtaining to root privileges through setreuid. The update also contains stability improvements. If you’ve yet to jailbreak your iOS 8.4 device, it is recommended that you use this latest version of TaiG’s tool, version 2.2.1. Read More
By Jeff Benjamin on Jun 23, 2015
Jailbreakers Nikias Bassen (Pimskeks) and Melissa Archer have teamed up for a new security-oriented jailbreak tweak called Blocked. Released at WWJC 2015, Blocked brings two new operation modes to the iPhone for enhanced security.
The two modes, SleepMode and GuestMode, each work to block access to certain features. By using Activator gestures, users can quickly and stealthily enter either mode to beef up device security.
Watch our video walkthrough inside to see how to the tweak works. Read More
By Christian Zibreg on Jun 22, 2015
A cross application resource attack (XARA) that researchers at Indiana University, Georgia Tech and China’s Peking University publicized last week seems to have been partially addressed as Apple issued a server-side fix on the Mac App Store to block malicious apps and secure app data.
Additional fixes are in the works for the XARA exploits on both iOS and OS X, a company spokesperson told iMore. XARA exploits allow malicious apps to steal iCloud credentials of a user, access private data in apps like 1Password and Evernote, hijack their iCloud Keychain passwords and more. Read More
By Christian Zibreg on Jun 17, 2015
Your confidential information ranging from web passwords in Chrome and other browsers to app passwords to banking credentials stored and synced between devices though Apple’s iCloud Keychain service—even data you thought was stored safely in password managers like 1Password and LastPass—can be easily compromised due to a trio of major vulnerabilities discovered in Apple’s desktop and mobile operating systems.
As discovered by a team of researchers at Indiana University, Georgia Tech and China’s Peking University and reported by The Register, Keychain’s access control lists, URL schemes and OS X’s app containers contain flaws creating serious attack vectors. Read More
By Cody Lee on Jun 10, 2015
Good news today for jailbreakers who are hoping to update to iOS 9 this fall. Speaking with Forbes’ Thomas Fox-Brewster, Liang Chen of the elite hacking group Keen Team says they’re eyeing the firmware to release their first ever jailbreak.
Right now, Chen says the team is prodding the recently released iOS 9 developer beta, and may even reach out to the well-known Pangu Team for assistance. “We want to release it just after iOS 9, that’s our plan,” he told Forbes. “It depends how lucky we are.” Read More
By Christian Zibreg on Jun 10, 2015
A serious bug in Apple’s stock Mail application for iPhone, iPod touch and iPad permits attackers to fool users into providing their iCloud credentials.
Such phishing attacks can be devastating as iCloud increasingly becomes home for our digital life in the Apple universe, including our photo libraries, notes, contacts and other personal data.
The scam takes advantage of an exploit in the Mail application that makes it easy to deliver convincing-looking pop-ups resembling iCloud password prompts through a simple email message, The Register reported Wednesday.
While such emails look like they’re coming from a real company, they’re spoofed and once an unsuspecting user opens them on their iPhone, iPod touch or iPad running iOS 8.3, the operating system will execute malicious HTML content embedded inside. Read More
By Christian Zibreg on Jun 8, 2015
Activation Lock, Apple’s theft-deterrent feature available on iPhone, iPod touch and iPad devices running iOS 7 or later, will be available on the Apple Watch this fall, courtesy of the free watchOS 2 software update announced earlier this morning during the Worldwide Developers Conference keynote talk.
It was previously discovered that the Apple Watch lacks this necessary security feature to dissuade thieves due to the limitations in its software and its dependency on iPhone for network connectivity. Read More
By Cody Lee on Jun 2, 2015
Tim Cook took time out of his busy schedule yesterday to talk about privacy with folks attending EPIC’s Champions of Freedom event in Washington. EPIC, a non-profit research center focused on emerging privacy issues, was honoring the CEO for his superior “corporate leadership.”
Cook addressed attendees via a remote video feed, and spoke about a number of topics regarding privacy, security and what they mean to Apple versus other Silicon Valley tech giants. TechCrunch has a transcription of the speech, and he takes quite a few jabs at Facebook and Google. Read More
By Jeff Benjamin on May 28, 2015
Google’s annual I/O conference is currently going on in San Francisco, and as expected, Android M, its latest update to Android, was officially unveiled. Although lots of new features will be packed in with Android M, six of those features were brought to the forefront during the beginning of the I/O keynote.
Google states that Android M is rethinking fundamental aspects of how the platform has worked for years, and focuses on polish and quality and improving the core user experience. From what we’ve seen thus far, we’d have to agree.
The following six areas—App Permissions, Web Experience, App Links, Android Pay, Fingerprint Support, and Power & Charging—were specially highlighted as new features for Android M. What do these new features mean for Android and the future of mobile? Read More
By Christian Zibreg on May 25, 2015
The National Security Agency’s (NSA) bulk phone metadata collection program should come to an end on June 1 at 5pm Eastern time as the Obama administration has reportedly decided not to ask a secret court for a 90-day extension of Section 215 in the Patriot Act, an administration official confirmed to The Guardian on Saturday.
The controversial program was established as an effective, secret means of siphoning user data, not just from carriers but also from major technology companies like Apple, AT&T, Google, Verizon, and Microsoft, with or without their willing participation. Read More
By Jeff Benjamin on May 22, 2015
Recent reports are claiming that Apple’s upcoming iOS update—iOS 9—will make it more difficult to jailbreak iPhones and iPads going forward. Some are even stating that it will be nearly impossible to jailbreak an iPhone running iOS 9.
The reason? Rootless—the kernel-level security feature that was discussed earlier today. This new feature is said to prevent malware, increase the safety of extensions and preserve the security of sensitive data.
When it’s all said and done, Apple’s security efforts in iOS 9 appear to be its most prolific since iOS 5. It could make it more of a challenge for jailbreakers and hackers.
But impossible? There’s nothing that’s impossible when it comes to security. More difficult? Perhaps. More challenging? Maybe. But impossible? Read More
By Christian Zibreg on May 19, 2015
In the refreshed iOS Security Guide, Apple has for the first time detailed security technologies pertaining to the Apple Watch.
As it turns out, the wrist-worn device borrows the many security features and technology built for iOS, including hardware-encrypted storage and data protection, keychain access control, protection of wireless data exchange with its paired iPhone and much more. Read More
By iDB Deals on May 19, 2015
An all-in-one solution for online privacy, Blur protects you from credit card fraud, identity theft, and third-party monitoring. Get a lifetime subscription to Blur from iDownloadBlog Deals today for just $49.99. Read More
By Jeff Benjamin on May 13, 2015
The Apple Watch contains security measures to prevent thieves from accessing your data, but it doesn’t include the necessary features to dissuade thieves from trying to steal your device to begin with.
The problem stems from the lack of an Activation Lock-like feature on Watch OS 1.0.
Unlike the iPhone, if someone steals your Apple Watch, they can easily reset the device (bypass the passcode), and pair it with a new iPhone logged in to a different iCloud account. In other words, it’s totally feasible to steal an Apple Watch and set it up on a different device as if you just purchased it from an Apple Store. Read More
By Christian Zibreg on May 13, 2015
With ephemeral messaging growing in popularity, and given ongoing fear of government-sponsored snooping, small wonder that BitTorrent has now entered the market for secure chat apps — and in a pretty big way, too.
Bleep, their new Mac and iOS secure messaging and VoIP software, strives to ensure the privacy of your conversations by never saving them on your device or the servers. In a nutshell, Bleep uses encryption and peer-to-peer networking to establish a private, secure connection between devices.
With Bleep, you can whisper with friends on your Mac or iPhone and the messages will disappear after they are read. Read More
By Jeff Benjamin on May 13, 2015
There seems to be a bit of misunderstanding when it comes to using a passcode on the Apple Watch. I’ve seen more than a few comments about how inconvenient it would be to have to “enter a passcode on that tiny screen every time I want to use the watch.” Indeed, it would be inconvenient if that were a true statement; thankfully it’s not. Read More
By Jeff Benjamin on May 13, 2015
If you forget your Apple Watch passcode and enter an incorrect passcode more than six times in the row, your Apple Watch will lock you out. You’ll then see a message that tells you to try entering your password again in a few minutes.
But what if you simply can’t remember your passcode? What then? If that’s the case, then you’ll need to erase your Apple Watch, re-pair it with your iPhone, and restore from backup. Check out our tutorial that shows you how to reset your Apple Watch from your paired iPhone or from the Apple Watch itself. Read More