This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking. Why does this work? iOS asks the user for their iTunes password for many reasons, the most common ones are recently installed iOS operating system updates, or iOS apps … Read More “Impersonating iOS Password Prompts” »
Category: apple
Auto Added by WPeMatico
This is a good interview with Apple’s SVP of Software Engineering about FaceID. Honestly, I don’t know what to think. I am confident that Apple is not collecting a photo database, but not optimistic that it can’t be hacked with fake faces. I dislike the fact that the police can point the phone at someone … Read More “Apple’s FaceID” »
A new feature in Apple’s new iPhone operating system — iOS 11 — will allow users to quickly disable Touch ID. A new setting, designed to automate emergency services calls, lets iPhone users tap the power button quickly five times to call 911. This doesn’t automatically dial the emergency services by default, but it brings … Read More “iOS 11 Allows Users to Disable Touch ID” »
Apple is fighting its own battle against leakers, using people and tactics from the NSA. According to the hour-long presentation, Apple’s Global Security team employs an undisclosed number of investigators around the world to prevent information from reaching competitors, counterfeiters, and the press, as well as hunt down the source when leaks do occur. Some … Read More “Fighting Leakers at Apple” »
Turkish hackers are threatening to erase millions of iCloud user accounts unless Apple pays a ransom. This is a weird story, and I’m skeptical of some of the details. Presumably Apple has decided that it’s smarter to spend the money on secure backups and other security measures than to pay the ransom. But we’ll see … Read More “Hackers Threaten to Erase Apple Customer Data” »
Ever since Ian Krstić, Apple’s Head of Security Engineering and Architecture, presented the company’s key backup technology at Black Hat 2016, people have been pointing to it as evidence that the company can create a secure backdoor for law enforcement. It’s not. Matthew Green and Steve Bellovin have both explained why not. And the same … Read More “Apple's Cloud Key Vault” »
Last week, Apple issued a critical security patch for the iPhone: iOS 9.3.5. The incredible story is that this patch is the result of investigative work by Citizen Lab, which uncovered a zero-day exploit being used by the UAE government against a human rights defender. The UAE spyware was provided by the Israeli cyberweapons arms … Read More “iPhone Zero-Day Used by UAE Government” »
Apple received a patent earlier this year on collecting biometric information of an unauthorized device user. The obvious application is taking a copy of the fingerprint and photo of someone using as stolen smartphone. Note that I have no opinion on whether this is a patentable idea or the patent is valid. Powered by WPeMatico
EDITED TO ADD (10/28): This is a more nuanced discussion of this issue. At this point, it seems clear that there is a lot less here than described in the blog post below. The latest version of Apple’s OS automatically syncs your files to iCloud Drive, even files you choose to store locally. Apple encrypts … Read More “Apple Copies Your Files Without Your Knowledge or Consent” »