All Articles by Nick Arnott

Viber calling and messaging service hacked, 200 million phone numbers, IDs, IP addresses potentially compromised

Following just days after Tango's servers were compromised, the Syrian Electronic Army(SEA) has hacked another calling and messaging service, Viber. E Hacking News is reporting that this time SEA was able to acquire a partial database backup containing phone numbers, UDIDs (Viber generated, not Apple UDIDs) and IP addresses, among other user information for some of Viber's more than 200 million subscribers.

More →

2
loading...
0
loading...
39
loading...
0
loading...

iPhone could be susceptible to SIM card attack, still waiting on clarification

At this year's Black Hat USA security conference cryptographer and security researcher Karsten Nohl will be presenting his findings on SIM card insecurities. While Nohl's research revealed that about one-quarter of the tested SIM cards were vulnerable to an attack that exploits an outdated encryption standard, it's unclear at this point exactly who should be worried.

More →

3
loading...
4037
loading...
33
loading...
0
loading...

SF District Attorney puts iOS 7 Activation Lock to the test, shares thoughts

Last week San Francisco District Attorney George Gascón and New York Attorney General Eric T. Schneiderman announced they would be putting Apple's recently announced Activation Lock feature to test. Details of the tests remain private, but for now Gascón is saying that "clear improvements" have been made.

More →

4
loading...
2
loading...
43
loading...
0
loading...

Security researcher claims to have reported bugs shortly before Apple took down its developer portal

London-based security researcher Ibrahim Balic has come forward, claiming he may be the one behind Apple's recent security threat. Following Apple's statement to developers earlier regarding a security threat to the developer portal, Balic posted a comment on TechCrunch's report of the story trying to set the record straight that no harm was ever intended.

More →

5
loading...
3
loading...
60
loading...
0
loading...

Apple reveals they took down Developer Center due to intrusion, completely overhauling system

Apple has sent an email out to developers addressing the reason behind the ongoing multi-day outage of their developer portal, confirming suspicions that it was the result of a security breach.

More →

29
loading...
0
loading...
71
loading...
0
loading...

Tango chat service hacked, 1.5 terabytes of phone, contact, and email data reportedly compromised

The Syrian Electronic Army has reportedly hacked the popular video chat app Tango. Since announcing the hack on Twitter yesterday, the group has posted a series of photos supporting their claims, and state they've acquired 1.5 terabytes of data.

More →

17
loading...
22
loading...
147
loading...
0
loading...

How Apple's Enterprise Distribution Program was abused to enable the installation of a GameBoy emulator

There's a story making the rounds about how a GameBoy emulator can be installed on non-jailbroken iOS devices. While this initially seems surprising, it's simply the result of a company abusing Apple's iOS Developer Enterprise Program, and allow users to install much more than just one emulator.

More →

7
loading...
5
loading...
33
loading...
0
loading...

Tumblr updates iOS app, fixes important potential password security issue

Tumblr for iOS has been updated with an important security fix. According to Tumblr's blog post, there was an issue in the app that allowed for a user's password to be compromised in certain circumstances.

More →

5
loading...
6
loading...
46
loading...
0
loading...

Hemlis promises to bring secure and beautiful messaging

Information about NSA spy programs that has been leaked recent weeks has prompted many to question how secure their communications are. Those leaks have also prompted Peter Sunde, best known for co-founding The Pirate Bay, along with Leif Högberg and Linus Olsson to begin developing a secure and elegant messaging app, Hemlis.

More →

2
loading...
0
loading...
24
loading...
0
loading...

Signature check circumvention allows free tethering without a jailbreak

An interesting security hole has been discovered that allows people to circumvent Carrier.plist file checks by creating, modifying, and restoring backup files. The example presented iTweakiOS uses the hack to enable tethering without having to go through a carrier.

More →

4
loading...
7
loading...
36
loading...
0
loading...

Investigating iMessage security and privacy claims

How secure and how private is iMessage, Apple's SMS/MMS-like communications platform? Earlier this month, after news broke about the NSA's electronic surveillance program, codenamed PRISM, Apple released a statement detailing some specifics on the number of requests they receive from government agencies for customer records. As part of the statement, Apple claimed that iMessage conversations use end-to-end encryption and therefore cannot be decrypted by Apple:

More →

4
loading...
0
loading...
47
loading...
0
loading...

iOS Personal Hotspot passwords vulnerable to brute force attacks

Researchers at the University of Erlangen-Nuremberg have discovered weaknesses in the Personal Hotspot feature in iOS. The weak, and somewhat predictable password generation -- used in all current versions of iOS up through iOS 6 -- means people are susceptible to brute force attacks when using the personal hotspot feature on their iPhone or cellular iPad.

More →

4
loading...
0
loading...
52
loading...
0
loading...

iOS 7 preview: New security features

Apple's iOS 7, announced earlier this week, brings a lot of changes to all areas of the operating system, and security is no exception. iOS 7, at least as much of it as has been publicly disclosed by Apple to date, includes a number of security-related enhancements, seeking not just to make your data more secure, but also make security more convenient.

More →

12
loading...
18
loading...
95
loading...
0
loading...

Reveal: A promising runtime inspector for iOS apps

Reveal is a new debugging app by Itty Bitty Apps. It gives you the ability to inspect view elements and hierarchies in your iOS apps in realtime, providing a unique perspective to developers for debugging their apps.

More →

3
loading...
3
loading...
22
loading...
0
loading...

iOS malware injecting charger to be presented at Black Hat

Three researchers from the Georgia Institute of Technology are scheduled to give a talk at the 2013 Black Hat security conference on iOS malware injection using malicious chargers. While the full details of the exploit won’t be revealed until the talk this July, the researchers have said that their method works on the latest version of iOS and does not require a jailbreak.

More →

6
loading...
13
loading...
37
loading...
0
loading...

Security Researcher Raises Concerns over Apple's Two-Step Authentication

CEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.

More →

5
loading...
9
loading...
37
loading...
0
loading...

Second Gear teases new app... using Passbook!

The fine folks over at Second Gear have a couple of exciting announcements this week: A new product, and a new service for developers. What makes these announcements particularly interesting is their use of Passbook.

More →

3
loading...
2
loading...
24
loading...
0
loading...

Apple neglects to secure streaming album previews

Periodically, albums become available for live streaming on iTunes prior to their official release date. The hope is that not only do consumers get a chance to hear the album before buying it, but also that by offering a free and legal way to listen to the album before it’s available, there will be less motivation for eager fans to pirate leaked albums. With unreleased albums from Daft Punk and The National currently streaming on iTunes, 9to5Mac has discovered that the streams are being left completely unprotected, offering an easy way for pirates to get high-quality cuts of the albums before they’re officially released.

More →

4
loading...
5
loading...
33
loading...
0
loading...

Multiple Vulnerabilities Found in File Lite and File Pro iOS Apps

Bad news this week for any users of the iOS file management apps File Lite and File Pro. Researchers over at Vulnerability Laboratory have published details for three vulnerabilities that they discovered in the latest versions of both apps.

More →

3
loading...
0
loading...
45
loading...
0
loading...

iTunes 11.0.3 brings a number of important security fixes

Apple recently released iTunes 11.0.3 with a number of cosmetic improvements including an updated MiniPlayer and songs view. However, this release is more than just a pretty face, bringing a number of security patches which address a wide range of vulnerabilities. Even users not interested in the visual treatments will want to grab this update.

More →

4
loading...
4
loading...
34
loading...
0
loading...

Pages