apple – Page 4 – SSL and internet security news

Apple AirTags Are Being Used to Track People and Cars

December 31, 2021 infossl

apple, cars, geolocation, privacy, Security technology, surveillance, tracking, Uncategorized

This development suprises no one who has been paying attention: Researchers now believe AirTags, which are equipped with Bluetooth technology, could be revealing a more widespread problem of tech-enabled tracking. They emit a digital signal that can be detected by devices running Apple’s mobile operating system. Those devices then report where an AirTag has last … Read More “Apple AirTags Are Being Used to Track People and Cars” »

Thieves Using AirTags to “Follow” Cars

December 6, 2021 infossl

apple, cars, geolocation, Security technology, theft, tracking, Uncategorized

From Ontario and not surprising: Since September 2021, officers have investigated five incidents where suspects have placed small tracking devices on high-end vehicles so they can later locate and steal them. Brand name “air tags” are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking … Read More “Thieves Using AirTags to “Follow” Cars” »

Apple Sues NSO Group

November 24, 2021 infossl

apple, courts, exploits, Security technology, spyware, Uncategorized

Piling more on NSO Group’s legal troubles, Apple is suing it: The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices. … Read More “Apple Sues NSO Group” »

MacOS Zero-Day Used against Hong Kong Activists

November 12, 2021 infossl

activism, apple, china, cybersecurity, exploits, google, hacking, Security technology, Uncategorized, zero-day

Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. It was a “watering hole” attack, which means the malware was hidden in a legitimate website. Users visiting that website would get infected. From an article: Google’s researchers were able to trigger the exploits and study them by visiting the websites compromised … Read More “MacOS Zero-Day Used against Hong Kong Activists” »

Zero-Click iMessage Exploit

September 17, 2021 infossl

apple, exploits, patching, Security technology, spyware, Uncategorized, vulnerabilities

Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Group’s Pegasus spyware. Apple patched the vulnerability; everyone needs to update their OS immediately. News articles on the exploit. Powered by WPeMatico

Lightning Cable with Embedded Eavesdropping

September 7, 2021 infossl

apple, eavesdropping, hacking, key logging, Security technology, Uncategorized, Wi-Fi

Normal-looking cables (USB-C, Lightning, and so on) that exfiltrate data over a wireless network. I blogged about a previous prototype here Powered by WPeMatico

Zero-Click iPhone Exploits

September 1, 2021 infossl

apple, Citizen Lab, cyberweapons, exploits, iphone, malware, Security technology, Uncategorized

Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. These are particularly scary exploits, since they don’t require to victim to do anything, like click on a link or open a file. The victim receives a text message, and then they … Read More “Zero-Click iPhone Exploits” »

More on Apple’s iPhone Backdoor

August 20, 2021 infossl

apple, backdoors, hashes, photos, privacy, Security technology, surveillance, Uncategorized

In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM detection system were expected, and not a concern. I’m not convinced that this secondary system was originally part of the design, since it wasn’t discussed in the … Read More “More on Apple’s iPhone Backdoor” »

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

August 18, 2021 infossl

algorithms, apple, backdoors, cryptography, hashes, ios, iphone, reverse engineering, Security technology, Uncategorized

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3, and someone noticed: Early tests show that it can tolerate image resizing and compression, but not cropping or rotations. We also have the first collision: two images that hash … Read More “Apple’s NeuralHash Algorithm Has Been Reverse-Engineered” »

Apple Adds a Backdoor to iMesssage and iCloud Storage

August 10, 2021 infossl

apple, backdoors, cloud computing, Edward Snowden, privacy, Security technology, surveillance, Uncategorized

Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. (Here are five news stories.) I have been following the details, and discussing it in several different email lists. I don’t have time right now to delve into the details, but wanted to post something. EFF writes: There … Read More “Apple Adds a Backdoor to iMesssage and iCloud Storage” »