Security

iOS 8 lets native apps tap into Safari’s AutoFill & Passwords for frictionless login experience

Christian Zibreg ∙ June 13, 2014

In addition to using your device’s iSight camera to scan in credit card information, Safari in iOS 8 makes it easy for third-party apps to tap into the browser's AutoFill & Passwords feature for hassle-free logins.

Provided a user has previously saved their username and password for a specific website using Safari's AutoFill & Passwords feature, a native iOS app is now permitted to retrieve this information and re-use it to authorize a user quickly and securely, bypassing the login screen altogether...

iOS 7 security flaw allows for Lock screen bypass in seconds

Joe Rossignol ∙ June 9, 2014

A new security flaw has been discovered that allows for the Lock screen on iOS 7.1.1 to be bypassed in just seconds. The vulnerability provides access to any app that was left open before the device was locked, such as Mail or Messages, but a prompt appears to re-enter your Lock screen passcode if you attempt to navigate to the Home screen or elsewhere. Read ahead for how it works…

iCloud hackers who held iOS devices ransom detained in Russia

Joe Rossignol ∙ June 9, 2014

The Sydney Morning Herald reports that Russian authorities have detained two young hackers for hijacking iOS devices through iCloud and holding them ransom for payment. The suspects, both residents of the Southern Administrative District of Moscow, are a 23-year-old named Ivan and an unnamed 17-year-old that served as his accomplice.

Russia's Ministry of Internal Affairs announced on Monday that the hackers were detained during the course of "operational activities" by the Russian Interior Ministry. The hackers were caught on closed-caption TV after attempting to withdraw ransom payment from an ATM machine. The ministry also noted that one of the suspects has already been tried before…

PayPal integrating Touch ID into its iOS app

Christian Zibreg ∙ June 5, 2014

A year ago, PayPal CISO Michael Barrett spelled doom for existing verification methods based on passwords and expressed hope that the then unreleased iPhone 5s would kill the password once and for all. As it turned out, Apple limited the handset's fingerprint scanner to iTunes purchases and user authentication on the Lock screen.

But with the iOS 8 SDK now official, Apple has opened up Touch ID to developers and PayPal is first out of the gate with the official confirmation that it is working on integrating Touch ID authentication into its mobile apps...

Apple says Australian iOS device attacks not caused by iCloud breach

Cody Lee ∙ Updated December 2, 2016

On Monday, a number of iOS and Mac users came forward with complaints that their devices had been remotely locked by hackers. In most of the cases, a message appeared via Find My iPhone on the locked devices, demanding payment for the hack to be reversed.

As far as we can tell, the attacks have been concentrated on Mac and iOS products in Australia. And among the various theories of how the hackers were able to set a remote lock has been the fear that iCloud was breached. But Apple says it hasn't been compromised...

Ryan Petrich releases jailbreak tweak to patch iOS 7 Mail encryption bug

Cody Lee ∙ May 7, 2014

Earlier this week, word got out that there's a gap in security in iOS. Security researcher Andreas Kurtz discovered that all versions of iOS 7.1, and at least iOS 7.0.4, don't encrypt email attachments.

Kurtz says that he has informed Apple of the bug, and they are working on a fix, but there's no word when it will be available. Fortunately, the jailbreak community has a much faster response time...

iOS bug leaves email attachments unencrypted, Apple working on a fix

Christian Zibreg ∙ Updated November 9, 2016

Do you access sensitive document attachments on your iPhone, iPod touch or iPad, stuff like contracts, invoices, bank statements and what not?

If so, your security and privacy could be compromised because iOS is storing email attachments in the clear - that is, in the unencrypted form - thus making stored attachments easily readable by using a piece of software to browse a person's on-device email folder for an IMAP account.

A researcher who claims to have discovered this security flaw has found that iOS 7.0.4 and later - including the latest iOS 7.1.1 - do not encrypt email attachments...

1Password for Mac updated with Watchtower support

Cody Lee ∙ Updated October 13, 2018

Following the update to the iOS app this week, AgileBits has posted a new version of 1Password for Mac, bringing the password manager to version 4.4. The update includes just a handful of improvements, but is notable because it adds Watchtower integration.

For those unfamiliar with it, 1Password Watchtower is a service that identifies websites that are vulnerable to known security risks, and suggest that you change your passwords. It's fairly new, emerging after last-month's 'Heartbleed' bug infected several websites...

UnShaker7: unlock your iPhone with a shake

Jeff Benjamin ∙ April 29, 2014

Unshaker7 is a new jailbreak tweak that was created to allow iOS 7 users to unlock their iPhones using a shake gesture. Although that's the intention of the tweak, the execution of the idea didn't exactly go as planned.

The tweak is extremely simple, and only contains a few options to configure, but it's flawed. Have look inside at our video walkthrough to see what I mean.

Stride 2: unlock your iPhone with style on iOS 7

Jeff Benjamin ∙ April 28, 2014

Adam Bell's much-loved Stride jailbreak tweak has finally received some love for iOS 7, and it comes in the form of Stride 2, a brand new upcoming incarnation of Stride that works on Apple's latest version of iOS.

Stride 2 lets users unlock their devices by drawing a password on screen using a finger. It's an elegant and individualistic method for unlocking a device. Have a look at our full video review of Stride 2 inside.

Locko password manager for OS X secures your info without breaking the bank

Lory Gil ∙ Updated October 13, 2018

In light of the recent Heartbleed exposure, a lot of companies have been updating their OpenSSL security software and asking account users to update their password information. Some companies have actually forced users to change their password. It is extremely important to have a unique, strong password that combines numbers, letters, and symbols to secure your private information. However, it is difficult to remember dozens of complex passwords and you don’t want to use the same one for every account.

Locko for OS X is a password manager that makes it possible for you to create and store as many unique passwords as you need while only needing to remember one. Plus, it comes with a file vault and cloud sync so you can keep all of your data secure and access it from any device…

TapToUnlock7: unlock iOS 7 devices with just a tap

Jeff Benjamin ∙ April 25, 2014

No more sliding! Just Tapping. That's the headline for the description for TapToUnlock7 in Cydia, and I have to say, it's apt. TapToUnlock7 is a tweak that gets rid of the "slide to unlock" action and replaces it with a simple tap.

TapToUnlock7 works with both passcode enabled devices and unsecured devices. When you have a passcode enabled, a tap will activate the passcode screen, and when you have the passcode disabled, you'll be whisked away right to iOS' Home screen.

The tweak features a variety of customization options to change up the look and feel of the tap to unlock button on the Lock screen. Have a look inside as we explore various facets of this brand new release.