iOS 7 developer beta incorporates password disable feature

Posted by:
Date: Wednesday, June 26th, 2013, 07:00
Category: iOS, News, security, Software

ios7logo

As mentioned before, it’s the beta versions that point out the cool stuff on the horizon.

Per AppleInsider, Apple’s latest beta build of iOS 7 makes it more difficult for thieves to get away with stealing an iOS device by requiring a user’s password to be entered when disabling the “Find My iPhone” functionality.

The new feature, found in pre-release builds of iOS 7 made available to developers, also applies to the iPad. Users can open the Settings application, choose iCloud, then “Find My iPhone,” and flipping the switch to off brings up a password prompt.

The addition addresses a potential issue that users have noticed for years, since the “Find My iPhone” functionality came to iOS 4 in 2010. With iOS 7, users who may not feel the need to utilize the passcode lock screen can still enjoy added security for the Find My iPhone feature, making it more difficult for a thief to turn it off.

Of course, someone who has stolen an iPhone or iPad could simply turn off the device, or remove a SIM card. But the new feature is just an added level of security for those who may be unfortunate enough to have their device stolen.

Still, not a bad addition.

Please let us know what you think of this in the comments.

Apple releases Java 2013-004 update for Mac OS X 10.7, 10.8 operating systems

Posted by:
Date: Wednesday, June 19th, 2013, 05:00
Category: News, security, Software

applelogo_silver

A well-timed security update never hurts.

On Wednesday, Apple released its Java 2013-004 update for its Mac OS X 10.7 and 10.8 operating systems. The update, a 64 megabyte download, adds the following fixes and changes:
- Java for OS X 2013-004 supersedes all previous versions of Java for OS X.

- This release updates the Apple-provided system Java SE 6 to version 1.6.0_51 and is for OS X versions 10.7 or later.

- This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled “Missing plug-in” to go download the latest version of the Java applet plug-in from Oracle.

- This update also removes the Java Preferences application, which is no longer required to configure applet settings.

The Java 2013-004 update requires an Intel-based Mac running Mac OS X 10.7 to install and run. If you’ve installed this new update and have any feedback to offer, please let us know in the comments.

Apple releases Java for Mac OS X 10.6 Update 16

Posted by:
Date: Tuesday, June 18th, 2013, 14:07
Category: News, security, Software

applelogo_silver

This might come in handy.

On Tuesday, Apple released Java for Mac OS X 10.6 Update 16, a security update that stands as a 69.48 megabyte download and offers the following fixes and changes:

- This update enables website-by-website control of the Java plug-in within Safari 5.1.9 or later, and supersedes all previous versions of Java for Mac OS X v10.6.

- This release updates the Apple-provided system Java SE 6 to version 1.6.0_51 for Mac OS X v10.6.

The update requires an Intel-based Mac running Mac OS X 10.6.8 or later to install and run.

The updates can be located, snagged and installed via the Software Update feature built into the Mac OS X operating system.

If you’ve tried the updates and have any feedback to offer, please let us know in the comments.

Apple to include “kill switch” feature in iOS 7, require Apple ID and password to reenable stolen devices

Posted by:
Date: Wednesday, June 12th, 2013, 07:44
Category: iOS, iPhone, News, security, Software

iOS-7-Logo

This shouldn’t be overlooked.

According to CNN, Apple will add an Activation Lock features as part of iOS 7. The feature, which functions as a “kill switch”, will require an Apple ID and password before an iOS device’s “Find My iPhone” feature can be turned off or any data can be erased.

At a keynote address opening its annual Worldwide Developers Conference, the company said the same ID and password will be needed to reactivate a device after it’s been remotely erased. The same ID and password will still be required even after the SIM card has been removed from the stolen device.

As mobile devices become more popular, stealing them has become a unique sort of crime that has law enforcement and government officials taking notice.

In New York, a special police unit has been created to deal with stolen mobile devices.

Stay tuned for additional details as they become available.

Adobe Flash Player updated to 11.7.700.225

Posted by:
Date: Wednesday, June 12th, 2013, 06:00
Category: News, security, Software

An update’s an update.

On Wednesday, Adobe released Flash Player 11.7.700.225 for Mac OS X, an 18 megabyte download via MacUpdate. The new version adds the following fixes and changes:
- Camera is not working for stageVideo(iOS)(3558247).

- No option to disable hardware acceleration(3560209).

- No option to fallback to WAV audio(3553459).

- Addresses vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe Flash Player 11.7.700.225 requires an Intel-based Mac running Mac OS X 10.6 or later to install and run.

If you’ve tried the new Flash Player and have any feedback to offer, please let us know in the comments.

Security researchers to demo 30-pin dock connector hack/malware injection at Black Hat next month

Posted by:
Date: Friday, June 7th, 2013, 07:57
Category: Hack, iPad, iPhone, iPod, News, security, Software

dockconnector

You’re not going to like this.

Per Senor O’Grady over on the Apple Core, a group of researchers from Georgia Tech have discovered a way to hack into an iPhone or iPad in less than a minute using a “malicious charger.” The group plans to present its findings at the Black Hat conference in Las Vegas on July 27, 2013.

Billy Lau, Yeongjin Jang and Chengyu Song are presenting a session is called “Mactans: Injecting Malware Into iOS Devices Via Malicious Chargers” at the popular security conference next month. The name “Mactans” comes from Latrodectus Mactans, the highly venomous (and deadly) black widow spider.

According to the synopsis on the Black Hat website, the Mactans session will describe how USB capabilities can be leveraged to bypass Apple’s defense mechanisms built into the iPhone.

Jason’s got the full details, so head on over, take a gander and get ready to never completely trust your iOS device’s 30-pin dock connector again…

Apple releases Security Update 2013-002 for Mac OS X 10.6, 10.7 operating systems

Posted by:
Date: Wednesday, June 5th, 2013, 06:40
Category: News, security, Software

applelogo_silver

There were security updates yesterday.

And we’re still trying to figure out what was specifically changed.

Per The Mac Observer, Apple released security updates for Snow Leopard (OS X 10.6) and Lion (OS X 10.7) on Tuesday, for both the client and server versions of the OSes.

The patch notes for all four updates say precisely nothing, and Apple’s security update page—where security patch notes get released—has not yet been updated with these releases.

Still, if you’re running Mac OS X 10.6 or later, make sure to run the Software Update feature to snag and install the latest updates.

For those of you who like the direct approach, here are the download links for the updates:
About Security Update 2013-002 (Lion) – 57.68MB

About Security Update 2013-002 Server (Lion) – 105.61MB

About Security Update 2013-002 (Snow Leopard) – 329.85MB

About Security Update 2013-002 Server (Snow Leopard) – 404.83MB

If you’ve tried the security updates and noticed any differences, please let us know in the comments.

How-To: Encrypt volumes on your hard drive

Posted by:
Date: Tuesday, May 28th, 2013, 07:26
Category: How-To, News, security

encryption

It’s understandable that you’d want to keep your personal stuff, well, personal. That being said, CNET’s mighty Topher Kessler has turned out a spiffy step-by-step guide as to how to encrypt certain parts of your Mac’s hard drive while keeping other parts open as needed using OS X’s Disk Utility and Terminal applications.

Take a gander here and if you know of any cool security tricks you’d like to share, please let us know in the comments.

Adobe Reader, Acrobat Pro updated to 11.0.03

Posted by:
Date: Wednesday, May 15th, 2013, 07:36
Category: News, security, Software

Handy updates are handy updates.

Late Tuesday, Adobe released version 11.0.03 of its Adobe Reader and Adobe Acrobat Pro applications. The updates, which can also be snagged through the Adobe Update Utility, add the following fixes and changes:

Japanese support:
- Automatic signature detection is supported.

- Added support for the Japanese Postal Code barcode.

EchoSign integration:
- Acrobat and Reader now intelligently detect if a document may need to be signed. On successful detection, a document message bar appears with a button “Open Sign Pane” which on clicking opens the right-hand Sign Pane.

- Signature appearances can now be imported through the user’s webcam. Reader saves the signature for future use in signing workflows.

- Save a Copy: Allows the user to save the file locally or in cloud. The file will be renamed based on whether user signs the document or not.

- Send via Email: Allows users to upload the document to the EchoSign server where they can fill-in details and send the signed document.

- Send via Fax: Same as the Send via Email option.

- Get Others to Sign: Enables users to send documents that need signing to others through the EchoSign service.

- The dialog which asks the user if they want to save the signed document is removed, thereby streamlining the signing process.

Digital signatures:
- The product now supports allowing administrators to control trust for JavaScript execution for specific certificates through the use of cTrustCertifiedDocumentsByOIDs in HKCU and/or HKLM. If the values in this registry preference match an OID in a certificate’s Extended Key Usage field, then that certificate is trusted.

Tools Pane:
- Tools pane performance is improved.

- The Tools Pane is open by default and the user’s selected state is saved across sessions.

Services integration:
- When using Export PDF, Create PDF and Send Now services, the user can now choose Open from online account > Acrobat.com.

- In the Create PDF panel, the “Convert” button is now a “Select Files” button. After a file is selected the button changes to “Convert”.

- When you open a document from Acrobat.com that you were reading earlier on another device, the document opens to the page where you left off.

- The ExportPDF panel is now available in the Japanese version of Reader.

Fixes:
- Acrobat crashes on Export Image to Online Account (SharePoint).

- On OS X 10.8 Mountain Lion, PDF file preview color is incorrect in A10 and A11 when monitor display profile is other than sRGB.

Miscellaneous:
- PDFMaker plug-in not opening PPT file after conversion from FileSite server.

- Unable to use tabs to put focus on HTML field following embedded PDF.

- Acrobat browser plug-in does not calculate decimal numbers in an AcroForm correctly when system locale is set to French.

- Page being incorrectly identified as scanned in the PDF invokes OCR unnecessarily.

- Print button off screen on low resolution devices in Reader/Acrobat XI.

- The IE AcroIEHelper browser helper object is removed. Needed functionality is moved to a plugin.

- Cannot save PDF from Firefox when multiple windows are used.

- In Reader, doing an overwrite with content type enabled results in a “bad parameters” error.

- Error while entering the value for Managed Metadata field.

- Added support for the Turkish Currency symbol.

Acrobat Reader 11.0.03 and Acrobat Pro 11.0.03 require an Intel-based processor and Mac OS X 10.6.8 or later to install and run.

If you’ve tried the new versions and noticed any differences, please let us know what you think.

Apple rolls out two-step ID recovery option to additional countries

Posted by:
Date: Monday, May 13th, 2013, 03:58
Category: News, security

applelogo_silver

This might help keep your Apple ID credentials a bit safer.

Per The Unofficial Apple Weblog, Apple recently introduced two-step verification for your Apple ID in certain countries, and the process is now being expanded to the rest of the world. The feature, which requires two different codes for verifying your Apple ID was initially only available in the US, UK, Australia, Ireland and New Zealand. But Apple has now included Canada in on the feature, as well as users in Argentina, Pakistan, Mexico, the Netherlands, Russia, Austria, Brazil, Belgium and Portugal. In other words, two-step authentication is now rolling out to a more or less worldwide release.

The authentication process is still optional — if users don’t think you need it, they can still stick with just their Apple ID passwords as a login. The process does help security, though it’s still not a perfect solution. Apple only implemented this procedure earlier this year due to some security concerns on behalf of users. But it will help against some attacks, and it should work as another step to keep unwanted invaders out of your Apple ID account.

As always, please let us know what you make of this over in the comments section.