Apple releases iOS 9.3 update

Posted by:
Date: Monday, March 21st, 2016, 13:25
Category: Apple Watch, Archive, iOS, security, Software, Wearables

ios9logo2

Amidst the kerfuffle of the March 21st media event, Apple also dropped the long-awaited iOS 9.3 update.

The update, which weighs in around 310 megabytes, adds the following fixes and changes:

– A fix for the iMessage encryption bug discovered by researchers at Johns Hopkins University. The exploit can lead to photos and videos sent via iMessage to be decrypted.

– Night Shift: Some apps like Tweetbot, Kindle, Waze, and Instapaper have a “night mode” so you don’t hurt your eyes trying to read a stark-white screen in a dark room. Apple’s all-new Night Shift feature works differently but has the benefit of being system-wide.

(more…)

Some Apple employees might refuse to help FBI unlock iPhone 5c if ordered to do so

Posted by:
Date: Friday, March 18th, 2016, 08:15
Category: iOS, iPhone, Legal, News, security

lockediphone5c

As the iPhone unlocking controversy roars on, a number of Apple engineers have said they may decide not to cooperate with law enforcement.

Apple employees who might be called on to help the FBI are already considering their actions should Apple lose the case. This is according to interviews conducted by the New York Times with half a dozen people involved in the development of mobile products and security at Apple.

Per the interviews, some said they they may balk at the work, while others may even quit their premium jobs rather than undermine the security of the software they have already created, according to more than a half-dozen current and former Apple employees.

(more…)

AceDeceiver trojan surfaces on iOS devices in Chinese marketplace, exploits weakness in FairPlay DRM

Posted by:
Date: Thursday, March 17th, 2016, 08:31
Category: Hack, iOS, News, security, Software

trojanhorse

A new variant of iOS trojan has been found in the wild.

The trojan, named “AceDeceiver”, has been found to infect non-jailbroken iOS devices, was discovered by Palo Alto Networks and is currently affecting iOS users in China.

The malware exploits a flaw in Apple’s FairPlay digital rights management system. It apparently uses a technique called “FairPlay Man-in-the-Middle,” which has been used to spread pirated iOS apps in the past by using fake iTunes software and spoofed authorization codes to get the apps on iOS devices. The same technique is now being used to spread the AceDeceiver malware.

(more…)

Justice Department mentions that it could compel Apple for iOS source code to create back door to unlock San Bernadino iPhone 5c

Posted by:
Date: Tuesday, March 15th, 2016, 08:00
Category: iPhone, Legal, News, security

justicedepartmentlogo

The Justice Department is now stating that it could potentially demand Apple hand over iOS source code and a signing key in the San Bernadino iPhone case.

A recent court filing states that the Justice Department made the proposal as a footnote in a recent rebuttal of Apple’s arguments in the case. In the brief, government laywers said they have so far pursued their current strategy — asking Apple to build a passcode limit break for the FBI — because they thought handing over code would be “less palatable” to the company.

(more…)

Proposed California State Assembly Bill could work against smartphone encryption

Posted by:
Date: Friday, March 11th, 2016, 07:22
Category: Android, Google, iPhone, News, security, Software

iphoneunlock

For California smartphone users, this hits pretty close to home.

Assembly Bill 1681, a California State Assembly bill, would ban default encryption on all smartphones. The bill, introduced in January by Assemblymember Jim Cooper, would require any smartphone sold in California “to be capable of being decrypted and unlocked by its manufacturer or its operating system provider.” This could be even more drastic than what’s going on with Apple’s legal showdown in the San Bernadino iPhone unlocking case.

Both Apple and Google currently encrypt smartphones running their iOS and Android operating systems by default. A.B. 1681 would undo this default, penalizing manufacturers and providers of operating systems $2,500 per device that cannot be decrypted at the time of sale.

(more…)

Justice Department cites Apple as “having raised technological barriers” in San Bernadino iPhone unlocking case

Posted by:
Date: Thursday, March 10th, 2016, 22:52
Category: Archive, iPhone, security, Software

justicedepartmentlogo

This is probably the next step in the escalating war between Apple and the Justice Department.

The Justice Department on Thursday issued a statement claiming Apple’s rhetoric of privacy protection in the San Bernadino iPhone 5c unlocking case to be “false”.

Last month, the Federal Bureau of Investigation obtained a court order requiring Apple to write new software and take other measures to disable passcode protection and allow access to shooter Rizwan Farook’s iPhone.

Apple has yet to comply, stating that the government’s request would create a back door to devices that could not be removed from existence and could be used by criminals and governments. Apple added that Congress has not given the Justice Department the legal authority to make such a demand.

Apple has also attacked the FBI investigation as “shoddy” and portrayed itself as “the primary guardian of Americans’ privacy,” federal prosecutors said in a court filing on Thursday.

(more…)

Hardware hack for San Bernadino iPhone 5c possible but risky

Posted by:
Date: Thursday, March 10th, 2016, 07:49
Category: Hardware, iPhone, News, security

lockediphone5c

The data onboard the iPhone 5c at the heart of the decryption/unlocking scandal could be accessible via a hardware technique.

This hardware technique, apparently, isn’t for the faint of heart.

In recent days, the American Civil Liberties Union’s technology fellow and former NSA contractor Edward Snowden have suggested a method that would let investigators repeatedly guess the iPhone’s password.

Federal investigators fear San Bernardino shooter Syed Rizwan Farook may have configured his work phone to use an Apple security feature that erases a key for decrypting data after 10 incorrect guesses of the phone’s password.

The forensic technique to get at the data, known as “chip off,” involves removing a NAND flash memory chip and copying its data. If successful, this would yield a decryption key that can be restored if it is erased after incorrect guesses.

(more…)

Department of Justice uses New York case to cite All Writs Act towards iPhone unlocking case

Posted by:
Date: Tuesday, March 8th, 2016, 07:35
Category: iPhone, Legal, News, security

lockediphone5c

The legal soap opera continues.

As Apple remains embroiled in the San Bernadino iPhone unlocking controversy, a New York judge ruled last week that the government couldn’t force Apple to unlock a device. Now, apparently, the Department of Justice is fighting the ruling and is again citing the All Writs Act as reasoning.

The Justice Department has today resubmitted its case to a higher judge in the Eastern District of New York. In the filing, the government argues that the case regarding the San Bernardino gunman is evidence that the All Writs Act can be used to force a company to unlock a device.

(more…)

KeRanger ransomware arrives on the Mac, Transmission 2.90 application infected

Posted by:
Date: Monday, March 7th, 2016, 08:46
Category: News, security, Software

trojanhorse

Ransomware has come to the Mac.

Over the weekend, researcher at Palo Alto Networks stated that ransomeware, which encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data, has been found to be targeting the Mac OS X platform in the form of the “KeRanger” malware. The malware first appeared on Friday and seems to be attacking Apple’s Mac computers.

Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of Microsoft Corp’s (MSFT.O) Windows operating system.

(more…)

Apple files formal objection in iPhone unlocking case, guarantees appeal via motion

Posted by:
Date: Thursday, March 3rd, 2016, 07:12
Category: iPhone, Legal, News, security

lockediphone5c

Apple is apparently creating a second chance for itself with the iPhone unlocking/San Bernadino shooter case.

The company, following yesterday’s Congressional hearing, filed a formal objection to the court order instructing it to assist the FBI in breaking into an iPhone used by one of the San Bernardino shooters.

Apple had previously filed its mandatory response, in which it called for the court to vacate the order. This was a 65-page detailed document setting out the reasons the company believed the order should not have been granted.

(more…)