Apple releases iOS 10.3.1 update, offers bug fixes, security fixes

Posted by:
Date: Tuesday, April 4th, 2017, 05:36
Category: Hack, iOS, iPad, iPhone, iPod Touch, News, security, Software

After a major OS update come the fixes.

Apple on Monday released iOS 10.3.1, an update available for its iOS devices available as an over-the-air update or when connected to iTunes via a Mac or Windows PC.

The update, which weighs in at just under 30 megabytes as an OTA download, resolves issues such as a hardware-specific problem wherein iPhone 5 and iPhone 5c handsets had trouble updating over the air.

(more…)

LastPass exploit discovered, company scrambles to repair the vulnerability

Posted by:
Date: Monday, April 3rd, 2017, 05:04
Category: Hack, News, security, Software

A serious vulnerability was recently discovered in the popular LassPass password manager and developers are scrambling to fix the issue which makes it possible for malicious websites to steal user passcodes and in some cases execute malicious code on computers running the program.

The flaw, which affects the most recent version of the browser extension, was briefly described on Saturday, March 25th, by Tavis Ormandy, a researcher with Google’s Project Zero vulnerability reporting team. When people have the LastPass binary running, the vulnerability allows malicious websites to execute code of their choice. Even when the binary isn’t present, the flaw can be exploited in a way that lets malicious sites steal passwords from the protected LastPass vault. Ormandy said he developed a proof-of-concept exploit and sent it to LastPass officials. Developers now have three months to patch the hole before Project Zero discloses technical details.

Ormandy offered the following statement:

“It will take a long time to fix this properly, It’s a major architectural problem. They have 90 days, no need to scramble!”

The blog post describing the issue had LastPass company officials thanking Ormandy for the alert and stating that a fix was on the way. In the meantime, it was suggested that LastPass users protect themselves by by entering stored passwords into websites using the LastPass vault as a launch pad for opening websites and entering passwords and enabling two-factor authentication on sites that offer it.

The attack was described as both unique and highly sophisticated. LastPass, in turn, stated that the company didn’t want to disclose details regarding the vulnerability or the fix to outside parties. Users, in turn, could expect a more detailed post mortem once the work was complete.

The string of vulnerabilities underscores the tradeoff that comes from use of any password manager. Storing dozens, hundreds, or even thousands of passwords in a single place poses catastrophic risks should that resource be breached. Exploits become easier by convenience features that, for example, store encrypted password vaults in Internet-accessible locations or automatically paste passwords into websites. Ultimately, password managers likely make the average user safer because they make it possible to use long, complex, and unique passwords. And that protects people in the event that their password is exposed in website breaches, which are much more common than real-world password manager exploits.

If you use LastPass, please take care and stay tuned for additional details as they become available.

Via Ars Technica, Twitter and blog.lastpass.com

Apple repairs iOS 10.3 vulnerability that caused iOS devices to repeatedly dial 911

Posted by:
Date: Friday, March 31st, 2017, 05:28
Category: iOS, iPad, iPhone, News, security, Software

Following the release of iOS 10.3 earlier this week, a number of users reported that their iOS devices were repeatedly attempting to call 911.

The flaw was discovered by an 18-year old who found a way to use Javascript to remotely cause iOS devices to open popup alerts, open apps, and make phone calls. In an effort to show the severity of the problem, he created a code that caused iPhones to dial 911 repeatedly. All in all, he ended up being arrested and charged with four counts of computer tampering after causing thousands of accidental 911 calls.

It appears that Apple has worked with app developers to examine the issue and close the loophole.

(more…)

tvOS 10.2 update may conflict with some third-party streaming applications

Posted by:
Date: Thursday, March 30th, 2017, 05:40
Category: News, Software, TvOS

As nifty as tvOS 10.2 is (the new fast scrolling feature, for example, is much appreciated), it might be causing problems with some third-party streaming applications.

A new report has stated that tvOS 10.2 including functionality that makes the Apple TV require device verification from an AirPlay streaming device. In such a case, only Apple hardware can provide such verification.

The new verification requirement can cause certain third-party streaming applications not to work. Per Rogue Amoeba’s Paul Kafasis, the tvOS 10.2 update prevents the company’s AirFoil app for Mac and Windows from working with the Apple TV. Rogue Amoeba recommends not updating to tvOS 2 until the company has a fix for AirFoil.

(more…)

Final 2017 emojis approved, en route for June

Posted by:
Date: Thursday, March 30th, 2017, 05:21
Category: Fun, News, Software

Additional emojis are coming your way.

After months of work aligning Unicode 10.0 code points with new features in Emoji 5.0, the 2017 emoji list is now final.

The new emojis include smileys, people, food, drink, flags, and for the first time: new fantasy characters such as a mermaid, genie, and vampire.

(more…)

Apple clears through almost 350 security vulnerabilities with of iOS, macOS, watchOS and tvOS updates

Posted by:
Date: Wednesday, March 29th, 2017, 05:54
Category: Hack, iOS, macOS, News, security, Software, TvOS, watchOS

Apple cleaned house via a slew of operating system updates on Monday, pinning down nearly 350 known vulnerabilities between its changes to iOS, macOS, watchOS and tvOS.

Starting with iOS 10.3, Apple’s latest version includes Find My AirPods, Apple’s new file system, CarPlay, and a few other small visual tweaks. With nearly every update Apple does, they also include a handful of security fixes that easily go unnoticed by the user. iOS 10.3 is no exception with over 85 different common vulnerabilities and exposures (CVEs) listed.

In one case, the iOS 10.3 update patched a security hole that allowed attackers to spam Safari with a ‘Cannot Open Page’ dialog. Lookout, a cybersecurity company, learned of the attack after one of their users complained of losing control over their browsing experience. The dialog was meant to trick users into eventually paying money to “unlock” their Safari browser.

(more…)

Apple releases watchOS 3.2, tvOS 10.2 updates

Posted by:
Date: Tuesday, March 28th, 2017, 05:54
Category: Apple TV, iOS, iTunes, News, Siri, Software, TvOS, watchOS

‘Tis a day of updates and watchOS and tvOS are no exception.

Apple on Monday, released watchOS 3.2, which will require that you update your iPhone to iOS 10.3 and your Apple Watch have at least a 50 percent battery charge and be within range of your iPhone before beginning the installation.

watchOS 3.2 offers the following fixes and changes:

(more…)

Apple releases iOS 10.3 update

Posted by:
Date: Tuesday, March 28th, 2017, 05:08
Category: CarPlay, iOS, iPad, iPhone, iPod Touch, News, Siri, Software, Touch ID

iOS 10.3 is out and ready to go.

Apple on Monday released iOS 10.3, the latest version of its mobile operating system for its iPhone, iPod touch and iPad devices.

The update, which weighs in at about a 2.4 gigabyte download, offers the following fixes and changes:

Find My iPhone:
– View the current or last known location of your AirPods.

– Play a sound on one or both AirPods to help you find them.

(more…)

Apple releases macOS Sierra 10.12.4 update

Posted by:
Date: Tuesday, March 28th, 2017, 05:20
Category: macOS, News, Sierra, Siri, Software

If you’ve been hankering for macOS 10.12.4, it’s available and ready to go.

The new operating system update, a 1.85 gigabyte download, offers the following fixes and changes:

– Adds Night Shift for automatically shifting the colors in your display to the warmer end of the spectrum after dark.

– Adds Siri support for cricket sports scores and statistics for Indian Premier League and International Cricket Council.

– Adds Dictation support for Shanghainese.

(more…)

9.7-inch iPad, (PRODUCT)RED iPhone 7, iPhone 7 Plus now available to order online

Posted by:
Date: Monday, March 27th, 2017, 05:37
Category: Hardware, iPad, iPhone, News, retail

The new iPad and (PRODUCT)Red iPhone 7 and iPhone 7 Plus you want is now available for order online.

Apple has added the products to its online store in the United States and dozens of other countries and regions around the world. (PRODUCT)RED iPhones are also available for in-store pickup at select Apple Stores as of Friday.

The 9.7-inch iPad features a faster A9 processor and a brighter Retina display compared to the iPad Air 2, which has now been discontinued. The tablet is a bit thicker and heavier than the iPad Air 2 given that it lacks a fully laminated display with anti-reflective coating in order to keep costs down.

The tablet also features a display resolution of 2,048‑by‑1,536 at 264 PPI, an 8-megapixel rear iSight camera, 1.2-megapixel front FaceTime camera, two speakers, Lightning connector, 3.5mm headphone jack, Touch ID with Apple Pay, and Bluetooth 4.2.

(more…)