If you are a long-time iDB reader, you'll likely recognize the name Charlie Miller. The iOS hacker has broken through the security of everything from the iPhone to the App Store.
Well it looks like Miller's iOS hacking days are over, at least for now. The systems expert announced on Friday that he will be joining Twitter's security team, starting next week...
If you've been anywhere near an electrical outlet today, you already know about the latest privacy scare reportedly involving the hacking group AntiSec publishing a million UDIDs they allegedly lifted from a laptop belonging to an FBI agent. It's been all over the news and concerned citizens jumped to the rescue by writing a web app to check if your device identifier has been compromised (though I wouldn't be typing in my UDID into some web form if I were you).
Well, the Federal Bureau of Investigation, also known under the widely popular FBI moniker, issued a public statement related to the scandal. No, the Bureau absolutely had nothing to do with collecting Apple UDIDs. Its agent wasn't carrying around a file with a whopping twelve million device identifiers, thanks for your question. And of course they refuted the story and denied any wrongdoing. Sometimes, it's easier to believe in God than to trust the Government, isn't it?
Yesterday, news broke that the hacking group AntiSec published a million UDIDs from an alleged trove of twelve million device IDs claimed to have been stolen from a laptop belonging to an FBI agent. Even though the hackers had removed some of the identifiable information from the list, your UDID might be exposed out in the wild, along with 999,999 other IDs posted on the web.
And why would you want to know if your UDID is out there for everyone to see? Good question. Your UDID uniquely identifies your device and expert hackers could use it to glean all sorts of information from other data associated with your UDID.
Yeah, it's a privacy catastrophe, one that might potentially even lead to identity theft. Perhaps even more important than that, wouldn't you like to know if your device is on the FBI's watch list?
Earlier this year, Apple started rejecting applications that called on unique device identifiers (or UDIDs). The move came amidst privacy and security concerns, as several apps were found to be misusing the information.
Tonight, those concerns multiplied as the hacking group known as AntiSec announced that it had acquired more than 12 million device IDs from a recent FBI hack. And they've just released a million of them...
The iPhone receives a fair amount of praise for its security features. The Massachusetts Institute of Technology says that the handset's encryption is so good, that it's tough for law enforcement agencies to perform forensics.
But this doesn't mean it's impenetrable, as hackers continue to find flaws. In fact, another big one was recently discovered in the form of spyware, which can take over the iPhone and give a user remote access to its contents...
I've always tinkered with my devices, regardless of their OS. I remember installing leaked versions of RIM's OS 6 on my old BlackBerry Bold, and rooting my Android handsets to install the latest ROMs.
But out of all of those experiences, I can honestly say that hacking devices, customizing them and installing tweaks, is much easier to do on iOS than it is on any other platform — even the "open" Android...
Jailbreak community owes a lot to adept hackers who find and exploit weaknesses in the design of iOS mobile operating system, thus allowing Apple's mobile gadgets to run unsanctioned software. It's more often than not a neverending cat-and-mouse game between Apple and hackers that at the end benefits jailbreakers the most.
Say you're an expert hacker who just figured an exploit in one of Apple's products. You could report your findings directly to Apple and help them plug those holes with a software update.
But did you know you could also hand over this valuable information to an exploit broker who will sell it to a government agency and net you a decent profit, minus the broker's commission? A U.S. government agency, to be precise...
Foxconn, Apple's largest manufacturing partner, has been back in the media spotlight over the last few weeks. Last month, the New York Times pointed to the company in its report on the poor working conditions in Chinese factories.
Foxconn has since been the target of activists and protestors, but now it's found itself in the sights of a different breed. It seems that the world's largest component manufacturer has been hacked by a new group called Swagg Security...
The amount of customers reporting that their iTunes account have been hacked is growing steadily on Apple's Support Forum. Customers are reporting that their accounts are being hacked, and the hackers are then using the accounts to purchase gift cards, make purchases on the store, and even using their PayPal accounts.
The Globe and Mail reports customers that have been hacked are growing increasingly frustrated with Apple's response to the issue...
In case you thought computer hacking died with mid-1990's thrillers like The Net or Hackers, think again. It seems like we've seen an uprise of digital deviants over the last few months.
They've taken down Sony's PSN network, stolen mounds of credit card information, and even infiltrated Arizona's government network. According to the infamous hacking group known as "Anonymous," their latest corporate target is Apple...
Lulz Security, commonly referred to as LulzSec, has been causing all sorts of chaos around the web for the past few months. The team of hackers is responsible for a number of recent attacks, including posting a fake news story on PBS.com and knocking the CIA's website offline.
Though their recent attacks have been fairly harmless, their most recent break-in has made a lot of folks nervous. Last Thursday, LulzSec published more than 700 confidential documents stolen from the Arizona Department of Public Safety (DPS).
The 440MB of data included emails, handbooks, images and other sensitive files, some of which revealed the identities of Arizona Law Enforcement. In sifting through the data, Techland uncovered a form particularly interesting to iDB entitled "iPhone apps- used against officers.doc"
Up until the Cupertino company launched iOS 4 last year, there wasn't any real data protection for iDevices. This left much of the government and enterprise market who require top notch security, holding onto their BlackBerry devices.
iOS 4 brought about industry-standard AES-256 encryption. The new protection consisted of encrypted key sets that were either tied to the device or to the iDevice user's passcode. Up until now, that encryption has been fairly unbreakable...