Rumor: macOS code base hints at possible “Hey Siri” functionality, A10 Fusion co-processor for iMac Pro

Posted by:
Date: Monday, November 20th, 2017, 03:00
Category: Developer, Hardware, iMac, Processors, Rumor, Siri

It’s just a rumor right now, but it’s got some interesting sources behind it.

Developers Guilherme Rambo and Stephen Troughton-Smith, who’ve been exploring the macOS, have found references to the “Hey Siri” function in the code base with support for multiple user accounts, just as macOS has long supported user switching.

At present, it’s been rumored that the iMac Pro could feature an A10 Fusion coprocessor which could manage the “Hey Siri” functionality as well as the boot process, security, and the FaceTime camera. It also appears that the inclusion of the A10 Fusion allows the iMac Pro to accept the voice command ‘Hey Siri’ rather than requiring the click in macOS on the Siri icon or keystroke to prompt Siri.

(more…)

Hacker group claims iPhone X Face ID feature can be fooled with mask technique

Posted by:
Date: Tuesday, November 14th, 2017, 03:16
Category: Face ID, Hack, Hardware, iPhone, News, security

It’s been noted that Apple’s the iPhone X’s Face ID feature can be fooled by an identical twin. Now it looks like a mask might do the trick as well.

On Friday, Vietnamese security firm Bkav released a blog post and video showing that—by all appearances—they’d cracked Face ID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking. That demonstration, which has yet to be confirmed publicly by other security researchers, could poke a hole in the expensive security of the iPhone X, particularly given that the researchers say their mask cost just $150 to make.

The hack stands as a proof-of-concept for the time being, so the average iPhone owner isn’t at grave risk.

Bkav, offered the following comments:

“Apple has done this not so well. Face ID can be fooled by mask, which means it is not an effective security measure.”

(more…)

Security researchers hack iOS 11.1 at Pwn2Own event

Posted by:
Date: Friday, November 3rd, 2017, 03:17
Category: Google, Hack, iOS, iPhone, News, Samsung, security

Trend Micro’s annual Pwn2Own has kicked off over at the PacSec Security conference in Tokyo, complete with security researchers spending the day attempting to hack into the iPhone 7, the Samsung Galaxy S8, the Google Pixel, and the Huawei Mate 9 Pro in an effort to win prizes totaling more than $500,000.

And, for better or worse, Apple’s iPhone 7, running the newly-released iOS 11.1, was successfully breached twice Tencent Keen Security Lab. The first hack targeted a Wi-Fi bug and won the team $110,000 and 11 Master of Pwn points, while the second hack targeted the Safari Browser and earned Tencent Keen Security Lab $45,000 and 12 Master of Pwn points.

The group used a total of four bugs to both gain code execution and escalate their user privileges to allow their rogue application to install via a reboot. In addition, the group snagged $60,000 for the WiFi exploit and added $50,000 for the persistence bonus, thereby totaling $110,000 and 11 Master of Pwn points.

(more…)

FBI director reveals that 6,900 devices have yet to be unlocked/decrypted

Posted by:
Date: Tuesday, October 24th, 2017, 05:18
Category: iOS, iPad, iPhone, News, security

If you were looking to live in an era of digital privacy, it may have just arrived.

According to a statement shared by FBI Director Christopher Wray at the International Association of Chiefs of Police on Sunday, the FBI has been unable to retrieve data from 6,900 mobile devices that it attempted to access over the course of the last 11 months.

“To put it mildly, this is a huge, huge problem,” Wray said. “It impacts investigations across the board — narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation.”

(more…)

Apple confirms fix against “KRACK Attack” WPA-2 exploit in macOS, iOS, tvOS, and watchOS betas, has yet to comment on AirPort firmware

Posted by:
Date: Tuesday, October 17th, 2017, 05:08
Category: Android, iOS, macOS, News, security, Software, TvOS, watchOS

Following the recent “KRACK Attack” Wi-Fi WPA-2 exploit, Apple has cited that it has addressed the issue in its macOS, iOS, tvOS and watchOS betas, but has yet to officially state as to whether a patch is en route for its AirPort series of routers.

Sources within the company have stated that the patch to remove hardware susceptibility was included in a “previous” beta of the current range of operating systems, indicating a release before Monday’s batch.

(more…)

Developer outlines possible attack that could trick iOS users into giving their Apple ID credentials away

Posted by:
Date: Wednesday, October 11th, 2017, 05:33
Category: Developer, iOS, News, security, Software

This might be worth watching out for.

Per developer Felix Krause, a popup technique could be used to easily trick someone into handing over their Apple ID and password on their iOS device.

The developer noted that it is incredibly easy for an iOS app maker to recreate the Apple ID password prompt. From there, the app could send that popup and subsequently log the Apple ID and password. It takes less than 30 lines of code and could seemingly be dropped in any legitimate iOS app and sneak past App Store review teams.

(more…)

Security researchers point out Apple-granted API that could have allowed Uber to monitor iPhone users’ activities

Posted by:
Date: Monday, October 9th, 2017, 05:55
Category: Apple Watch, Developer, iOS, News, security, Software, Wearables

Last week, a controversial background API given from Apple to Uber designed to improve performance of the Uber app on the Apple Watch made headlines when security researchers told stated that Uber could have used it to record a user’s iPhone screen even with the Uber app just running in the background.

In a statement, Uber said the entitlement was used for an old version of the Apple Watch app and was provided to Uber because the original Apple Watch couldn’t render maps.

The company offered the following statement regarding the situation:

(more…)

Apple releases macOS High Sierra 10.13 Supplemental Update, works to address security concerns, bugs

Posted by:
Date: Friday, October 6th, 2017, 05:39
Category: High Sierra, macOS, News, security, Software

Every so often after a major operating system update, Apple releases a supplemental update to sort things out.

This is one of those times.

On Thursday, Apple released macOS High Sierra 10.13 Supplemental Update. The update, a 915 megabyte download through the App Store’s “Update” tab, fixes two important security flaws, one of which was just recently publicized. It also addresses three relatively minor bugs in macOS High Sierra.

Per Apple’s patch notes, the macOS High Sierra 10.13 Supplemental Update offers the following fixes:

Improves installer robustness
Fixes a cursor graphic bug when using Adobe InDesign
Resolves an issue where email messages couldn’t be deleted from Yahoo accounts in Mail
Security patch notes for macOS High Sierra 10.13 Supplemental Update
StorageKit

(more…)

Verizon reveals that all 3 billion existing Yahoo accounts were breached in 2013 attack

Posted by:
Date: Wednesday, October 4th, 2017, 05:45
Category: Finance, Hack, News, security

If you had a Yahoo account in 2013, there’s a 100 percent chance that you were hacked.

Yahoo’s parent company has revealed that the massive data breach that occurred in August of 2013 affective all three billion Yahoo accounts that existed at the time.

Previously, Yahoo said the hack affected 1 billion accounts, or a third of all accounts. Verizon now says new intelligence suggests the attack was much larger, compromising all Yahoo accounts in 2013.

(more…)

Gray area: Apple changes the definition of ‘on’ and ‘off’ in iOS 11

Posted by:
Date: Wednesday, October 4th, 2017, 03:29
Category: iOS, iPhone, Wi-Fi, wireless
Gray area: Are they on or are they off?

Gray area: Are they on or are they off?

During the iOS 11 beta I noticed a strange bug: I’d turn off Wi–Fi in Control Center and it would turn itself back on. After doing this multiple times, I filed a bug. Turns out that it wasn’t a bug, it was working as intended.

This is problem for me because I turn Wi–Fi off when I leave the office so that my iPhone won’t try to connect to the building’s Wi–Fi (or that of a passing Google bus). When your iPhone can’t connect reliably to Wi-Fi, it leaves the device in a state of limbo and data packets stop flowing.

When I leave the office I flip up Control Center and turn off Wi–Fi. When my iPhone would inevitably stop receiving data, I’d check Wi–Fi and notice that it had been turned back on. It’s Wi–Fi disobedience, essentially.

Rather than giving us a feature that many have requested (3D Touch the Wi–Fi icon and select from available networks) Apple nerfed the feature and made it worse.

Who asked for this “feature” anyway?

(more…)