Anyone familiar with the jailbreak scene knows that Luca Todesco sports l33t hacking skills, but the security researcher reaffirmed those skills this week after sharing a demonstration video of what appears to be a hacked iPhone X-style device running the eighth developer beta of iOS 13.
The video, embedded below for your viewing pleasure, showcases what appears to be a WebKit-based software bug at work:
Originally introduced in January at CES 2019, the YubiKey 5Ci security key for two-factor physical authentication on iPhone, iPad, Mac and more is now available for $70.
Apple’s legal team filed a lawsuit against mobile device virtualization company Corellium LLC this week for purported “copyright infringement,” citing that Corellium’s business model “is based entirely on commercializing the illegal replication of the copyrighted operating system and applications that run on Apple’s iPhone, iPad, and other Apple devices.”
Corellium’s services are a valuable asset to security researchers because they enable deployment of Apple’s mobile operating system in a virtualized environment. With such a tool, hackers can research iOS vulnerabilities, and in the case of unc0ver lead developer Pwn20wnd, it can even help with jailbreak tool development by ensuring stability across all device and firmware combinations.
Apple is making some big changes to iOS 13, including alterations to privacy in the mobile operating system, but some App Store developers aren't happy with them.
A major vulnerability discovered in the Bluetooth wireless protocol, officially acknowledged by the Bluetooth Special Interest Group (SIG), has been patched by Apple in the latest iOS, macOS, watchOS and tvOS updates to the iPhone, iPad, Mac, Apple Watch and Apple TV devices.
Not all Lightning cables are created equal. In fact, the security researcher known as MG has managed to create a special cable that looks like Apple's official Lightning cable with one crucial difference: it gives an attacker a way to remotely tap into your computer.
Anytime you jailbreak an iOS device, one of the first things you’re ever advised to do is change your handset’s root password, which is commonly used to access elevated privileges in mobile terminal when entering complex commands. The password is always “alpine” out of the box, but users can change this to almost anything they want to increase their handset's security from a commonly-known password.
As imperative as changing the root password may be, many jailbreakers either forget to do so or shrug off its importance. For that reason, we’re particularly fond of a sleek concept that was shared to /r/jailbreak over the weekend that rethinks the way jailbreakers will interact with their root password after jailbreaking their handset for the first time.
Apple billed Face ID as being far more secure than Touch ID way back in 2017 when it introduced the TrueDepth camera in the iPhone X. The company has reiterated that sentiment more than a few times, even if the biometric security measure has technically been beaten a few times.
Last month, it was revealed that some contractors for Apple have the capability to listen to Siri interactions. Unsurprisingly, a class action lawsuit has already been leveled against Apple for the infraction.
Apart from unveiling a dedicated macOS bounty program at this week's Black Hat security conference, Apple is expected to hand researchers special pre-jailbroken iPhone devices that will make it easier for them to detect security vulnerabilities in the iOS operating system.
Apple is predicted to unveil a macOS bounty program at the upcoming Black Hat security conference which takes place in Las Vegas, Nevada later this week, Forbes reported today.
Apple's decision to temporarily halt the Siri grading initiative in order to review privacy policies and safeguards has prompted rival Google and Amazon to suspend their own programs which permitted employees to listen to recorded voice assistant audio for quality control purposes.