Security researchers point out Apple-granted API that could have allowed Uber to monitor iPhone users’ activities

Posted by:
Date: Monday, October 9th, 2017, 05:55
Category: Apple Watch, Developer, iOS, News, security, Software, Wearables

Last week, a controversial background API given from Apple to Uber designed to improve performance of the Uber app on the Apple Watch made headlines when security researchers told stated that Uber could have used it to record a user’s iPhone screen even with the Uber app just running in the background.

In a statement, Uber said the entitlement was used for an old version of the Apple Watch app and was provided to Uber because the original Apple Watch couldn’t render maps.

The company offered the following statement regarding the situation:

(more…)

Apple releases macOS High Sierra 10.13 Supplemental Update, works to address security concerns, bugs

Posted by:
Date: Friday, October 6th, 2017, 05:39
Category: High Sierra, macOS, News, security, Software

Every so often after a major operating system update, Apple releases a supplemental update to sort things out.

This is one of those times.

On Thursday, Apple released macOS High Sierra 10.13 Supplemental Update. The update, a 915 megabyte download through the App Store’s “Update” tab, fixes two important security flaws, one of which was just recently publicized. It also addresses three relatively minor bugs in macOS High Sierra.

Per Apple’s patch notes, the macOS High Sierra 10.13 Supplemental Update offers the following fixes:

Improves installer robustness
Fixes a cursor graphic bug when using Adobe InDesign
Resolves an issue where email messages couldn’t be deleted from Yahoo accounts in Mail
Security patch notes for macOS High Sierra 10.13 Supplemental Update
StorageKit

(more…)

Verizon reveals that all 3 billion existing Yahoo accounts were breached in 2013 attack

Posted by:
Date: Wednesday, October 4th, 2017, 05:45
Category: Finance, Hack, News, security

If you had a Yahoo account in 2013, there’s a 100 percent chance that you were hacked.

Yahoo’s parent company has revealed that the massive data breach that occurred in August of 2013 affective all three billion Yahoo accounts that existed at the time.

Previously, Yahoo said the hack affected 1 billion accounts, or a third of all accounts. Verizon now says new intelligence suggests the attack was much larger, compromising all Yahoo accounts in 2013.

(more…)

Gray area: Apple changes the definition of ‘on’ and ‘off’ in iOS 11

Posted by:
Date: Wednesday, October 4th, 2017, 03:29
Category: iOS, iPhone, Wi-Fi, wireless
Gray area: Are they on or are they off?

Gray area: Are they on or are they off?

During the iOS 11 beta I noticed a strange bug: I’d turn off Wi–Fi in Control Center and it would turn itself back on. After doing this multiple times, I filed a bug. Turns out that it wasn’t a bug, it was working as intended.

This is problem for me because I turn Wi–Fi off when I leave the office so that my iPhone won’t try to connect to the building’s Wi–Fi (or that of a passing Google bus). When your iPhone can’t connect reliably to Wi-Fi, it leaves the device in a state of limbo and data packets stop flowing.

When I leave the office I flip up Control Center and turn off Wi–Fi. When my iPhone would inevitably stop receiving data, I’d check Wi–Fi and notice that it had been turned back on. It’s Wi–Fi disobedience, essentially.

Rather than giving us a feature that many have requested (3D Touch the Wi–Fi icon and select from available networks) Apple nerfed the feature and made it worse.

Who asked for this “feature” anyway?

(more…)

HomePod firmware hints at possible Face ID scanning even when next-gen iPhone is laying flat

Posted by:
Date: Monday, August 7th, 2017, 05:55
Category: Developer, Hardware, HomePod, iPhone, Rumor, security, Touch ID

The leaked HomePod firmware might have given away yet another feature for Apple’s upcoming next-gen iPhone.

iHelp has noted a line that references support for facial recognition even when the device is laying flat on its back. The term “Pearl” is believed to be Apple’s name for Face ID:

AXRestingPearlUnlock

com.apple.accessibility.resting.pearl.unlock

(more…)

Wikileaks publishes two more Mac-specific exploits from CIA Vault 7 files

Posted by:
Date: Friday, July 28th, 2017, 05:49
Category: Hacks, News, security, Software

If you’re interested in security, you’ll like this.

Wikileaks has just Wikileaks published two more Mac exploits from the so-called CIA Vault 7 under the name Project Imperial. The new exploits—Achilles and SeaPea—affect older versions of OS X, such as Mac OS X 10.6 Snow Leopard and Mac OS X 10.7 Lion.

The exploits behave as follows:

(more…)

New TSA policy requires U.S. passengers to remove iPads, MacBooks from carry-on bags for scanning

Posted by:
Date: Thursday, July 27th, 2017, 05:26
Category: Hardware, iPad, Legal, MacBook, News

Per a new policy issued by the Transportation Safety Administration on Wednesday, over the coming weeks and months, passengers will no longer be able to keep their iPads or smaller MacBook notebooks in their bags when passing through security screenings. Instead, the devices will have to be placed in a separate bin to be x-rayed.

The new policy states that “all electronics larger than a cell phone” will be subject to this scrutiny.

Previously, Apple’s ultra-thin iPad, as well as the MacBook Air and 12-inch MacBook, were given approval to stay in a bag when being scanned.

(more…)

Adobe announces “end of life” date for Flash Player at end of 2020

Posted by:
Date: Wednesday, July 26th, 2017, 05:10
Category: Apple, Developer, Google, iOS, iPad, Microsoft, News, Software

Adobe’s Flash Player now has an end date: the end of 2020.

Adobe says it’s working with companies including Apple and Google to prepare for the upcoming death of Flash, as quoted here:

Given this progress, and in collaboration with several of our technology partners – including Apple, Facebook, Google, Microsoft and Mozilla – Adobe is planning to end-of-life Flash. Specifically, we will stop updating and distributing the Flash Player at the end of 2020 and encourage content creators to migrate any existing Flash content to these new open formats.

(more…)

iOS 10.3.3 update resolves Wi-Fi exploit that allowed for complete outside control of devices

Posted by:
Date: Friday, July 21st, 2017, 05:14
Category: Hardware, iPad, iPhone, iPod Touch, News, security, Software

Even if you’re generally a bit hesitant to accept iOS updates until they’ve been out for a while, it might be a good idea to accept the new iOS 10.3.3 update, which was released on Wednesday.

Per Apple’s security document, the update includes the following major fix:

Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Description: A memory corruption issue was addressed with improved memory handling.

(more…)

Apple releases macOS 10.12.6, iOS 10.3.3, watchOS 3.2.3 updates

Posted by:
Date: Thursday, July 20th, 2017, 05:56
Category: iOS, macOS, News, security, Software, watchOS

‘Twas a day of updates as Apple released new versions of macOS Sierra, iOS 10, and watchOS 3 on Wednesday.

As usual, Apple’s comments as to the changes involved bug fixes, performance improvements and security fixes with the release of macOS Sierra 10.12.6, iOS 10.3.3 and watchOS 3.2.3, respectively.

Specific changes for macOS 10.12.6 included the following:

(more…)