Security

NSA bulk collection of US phone metadata reportedly ending next Monday

The National Security Agency's (NSA) bulk phone metadata collection program should come to an end on June 1 at 5pm Eastern time as the Obama administration has reportedly decided not to ask a secret court for a 90-day extension of Section 215 in the Patriot Act, an administration official confirmed to The Guardian on Saturday.

The controversial program was established as an effective, secret means of siphoning user data, not just from carriers but also from major technology companies like Apple, AT&T, Google, Verizon, and Microsoft, with or without their willing participation.

iOS 9 security & jailbreaking: there’s no such thing as impossible

Recent reports are claiming that Apple's upcoming iOS update—iOS 9—will make it more difficult to jailbreak iPhones and iPads going forward. Some are even stating that it will be nearly impossible to jailbreak an iPhone running iOS 9.

The reason? Rootless—the kernel-level security feature that was discussed earlier today. This new feature is said to prevent malware, increase the safety of extensions and preserve the security of sensitive data.

When it's all said and done, Apple's security efforts in iOS 9 appear to be its most prolific since iOS 5. It could make it more of a challenge for jailbreakers and hackers.

But impossible? There's nothing that's impossible when it comes to security. More difficult? Perhaps. More challenging? Maybe. But impossible?

How security technology and data protection are implemented within Apple Watch

In the refreshed iOS Security Guide, Apple has for the first time detailed security technologies pertaining to the Apple Watch.

As it turns out, the wrist-worn device borrows many of the security features and technologies built for iOS, including hardware-encrypted storage and data protection, keychain access control, protection of wireless data exchange with its paired iPhone and much more.

Watch OS 1.0 lacks the necessary security features to dissuade thieves

The Apple Watch contains security measures to prevent thieves from accessing your data, but it doesn't include the necessary features to dissuade thieves from trying to steal your device to begin with.

The problem stems from the lack of an Activation Lock-like feature on Watch OS 1.0.

Unlike the iPhone, if someone steals your Apple Watch, they can easily reset the device (bypass the passcode), and pair it with a new iPhone logged in to a different iCloud account. In other words, it's totally feasible to steal an Apple Watch and set it up on a different device as if you just purchased it from an Apple Store.

BitTorrent launches Bleep, secure peer-to-peer messaging app for iPhone and Mac

With ephemeral messaging growing in popularity, and given ongoing fear of government-sponsored snooping, small wonder that BitTorrent has now entered the market for secure chat apps — and in a pretty big way, too.

Bleep, their new Mac and iOS secure messaging and VoIP software, strives to ensure the privacy of your conversations by never saving them on your device or the servers. In a nutshell, Bleep uses encryption and peer-to-peer networking to establish a private, secure connection between devices.

With Bleep, you can whisper with friends on your Mac or iPhone and the messages will disappear after they are read.

Why you should be using a passcode on your Apple Watch

There seems to be a bit of misunderstanding when it comes to using a passcode on the Apple Watch. I've seen more than a few comments about how inconvenient it would be to have to "enter a passcode on that tiny screen every time I want to use the watch." Indeed, it would be inconvenient if that were a true statement; thankfully, it's not.

Apple releases Safari 8.0.6 with security fixes

Apple this afternoon released Safari updates for Yosemite (8.0.6), Mavericks (7.1.6), and Mountain Lion (6.2.6). The new versions include fixes for multiple memory corruption issues in WebKit, which Apple says could lead to arbitrary code execution or unexpected application termination when visiting a maliciously-crafted website.

iOS 8.3 patches another jailbreak exploit

In addition to a lengthy change log of improvements, today's iOS 8.3 release also includes several security patches. In fact, as MuscleNerd points out, the new firmware features 39 security patches, rivaling the number found in the jump from iOS 7 to iOS 8.

Among the patches is one of particular interest, to us anyway, that is credited to the TaiG Jailbreak Team. It's labeled CVE-2015-1087, and described as a backup bug that can allow an attacker to use the backup system to access restricted areas of the file system.

Hacker creates a software-only brute force tool for jailbroken devices

Well-known iOS jailbreak developer and hacker Majd Alfhaily was intrigued when he read about MDSec's black box hardware brute force for iOS devices. The tool, which runs over a USB connection, tries every possible passcode combination in an attempt to unlock an iPhone secured with a simple passcode.

The downside of such a tool is that each PIN entry takes approximately 40 seconds, so it could take more than 110 hours to brute force an iPhone. Majd, being the curious person that he is, devised a way to do it in a fraction of the time using only software. The only caveat, if you even want to call it that given what it does, is that the device must be able to run unsigned code, i.e., the device must be jailbroken.

New security update is available for OS X Yosemite 10.10.2 users

Thursday, Apple issued a new security update for Mac users running OS X Yosemite 10.10.2. The update, titled 'Security Update 2015-003 1.0,' is available right now through the Updates tab of the Mac App Store and is recommended for all users as it improves the security of OS X.

If you're running a public beta of OS X Yosemite 10.10.3, you won't see this update because the stable OS X Yosemite 10.10.3 release is bound to include the contents of today's security update.

New ‘IP Box’ tool unlocks iPhone PINs via brute force attacks

A new device that has the ability to unlock PIN-protected iOS devices is causing commotion around the interwebs today. The tool, first spotlighted by security firm MDSec, is being used in the phone repair markets to brute-force iPhone and iPad Lock screens.

According to MDSec, these 'IP Boxes' are about the size of an Apple TV, and you can acquire one for around $300. The box works by simulating the PIN entry on a device over a USB connection, and is able to sequentially brute-force every possible PIN combination.