apple – Page 6 – SSL and internet security news

Apple’s Tracking-Prevention Feature in Safari has a Privacy Bug

February 10, 2020 infossl

apple, leaks, privacy, Security technology, surveillance, tracking, vulnerabilities

Last month, engineers at Google published a very curious privacy bug in Apple’s Safari web browser. Apple’s Intelligent Tracking Prevention, a feature designed to reduce user tracking, has vulnerabilities that themselves allow user tracking. Some details: ITP detects and blocks tracking on the web. When you visit a few websites that happen to load the … Read More “Apple’s Tracking-Prevention Feature in Safari has a Privacy Bug” »

Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained

January 23, 2020 infossl

apple, backups, cloudcomputing, cybercrime, encryption, fbi, Security technology

This is new from Reuters: More than two years ago, Apple told the FBI that it planned to offer users end-to-end encryption when storing their phone data on iCloud, according to one current and three former FBI officials and one current and one former Apple employee. Under that plan, primarily designed to thwart hackers, Apple … Read More “Apple Abandoned Plans for Encrypted iCloud Backup after FBI Complained” »

ToTok Is an Emirati Spying Tool

December 24, 2019 infossl

apple, eavesdropping, google, malware, phones, privacy, Security technology, smartphones, spyware, surveillance, unitedarabemirates

The smartphone messaging app ToTok is actually an Emirati spying tool: But the service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers. It is used by the government of the United Arab Emirates to try … Read More “ToTok Is an Emirati Spying Tool” »

Fooling Voice Assistants with Lasers

November 11, 2019 infossl

amazon, apple, authentication, google, hacking, Security technology

Interesting: Siri, Alexa, and Google Assistant are vulnerable to attacks that use lasers to inject inaudible — and sometimes invisible — commands into the devices and surreptitiously cause them to unlock doors, visit websites, and locate, unlock, and start vehicles, researchers report in a research paper published on Monday. Dubbed Light Commands, the attack works … Read More “Fooling Voice Assistants with Lasers” »

Massive iPhone Hack Targets Uyghurs

September 3, 2019 infossl

android, apple, hacking, iphone, malware, Security technology, smartphones, windows, zeroday

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier this year, Google’s Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. (The vulnerabilities … Read More “Massive iPhone Hack Targets Uyghurs” »

Bypassing Apple FaceID’s Liveness Detection Feature

August 15, 2019 infossl

apple, biometrics, hacking, identification, Security technology

Apple’s FaceID has a liveness detection feature, which prevents someone from unlocking a victim’s phone by putting it in front of his face while he’s sleeping. That feature has been hacked: Researchers on Wednesday during Black Hat USA 2019 demonstrated an attack that allowed them to bypass a victim’s FaceID and log into their phone … Read More “Bypassing Apple FaceID’s Liveness Detection Feature” »

Cellebrite Claims It Can Unlock Any iPhone

June 28, 2019 infossl

apple, cellphones, hacking, ios, iphone, lawenforcement, locks, Security technology

The digital forensics company Cellebrite now claims it can unlock any iPhone. I dithered before blogging this, not wanting to give the company more publicity. But I decided that everyone who wants to know already knows, and that Apple already knows. It’s all of us that need to know. Powered by WPeMatico

iPhone Apps Surreptitiously Communicated with Unknown Servers

June 25, 2019 infossl

apple, datacollection, iphone, privacy, Security technology

Long news article (alternate source) on iPhone privacy, specifically the enormous amount of data your apps are collecting without your knowledge. A lot of this happens in the middle of the night, when you’re probably not otherwise using your phone: IPhone apps I discovered tracking me by passing information to third parties just while … Read More “iPhone Apps Surreptitiously Communicated with Unknown Servers” »

How Apple’s “Find My” Feature Works

June 20, 2019 infossl

apple, cryptography, iphone, privacy, scams, Security technology, tracking, wifi

Matthew Green intelligently speculates about how Apple’s new “Find My” feature works. If you haven’t already been inspired by the description above, let me phrase the question you ought to be asking: how is this system going to avoid being a massive privacy nightmare? Let me count the concerns: If your device is constantly emitting … Read More “How Apple’s “Find My” Feature Works” »

Fingerprinting iPhones

May 22, 2019 infossl

academicpapers, apple, cellphones, identification, iphone, phones, Security technology, sensors

This clever attack allows someone to uniquely identify a phone when you visit a website, based on data from the accelerometer, gyroscope, and magnetometer sensors. We have developed a new type of fingerprinting attack, the calibration fingerprinting attack. Our attack uses data gathered from the accelerometer, gyroscope and magnetometer sensors found in smartphones to construct … Read More “Fingerprinting iPhones” »