All Articles by Nick Arnott

Signature check circumvention allows free tethering without a jailbreak

An interesting security hole has been discovered that allows people to circumvent Carrier.plist file checks by creating, modifying, and restoring backup files. The example presented iTweakiOS uses the hack to enable tethering without having to go through a carrier.

More →

4
loading...
0
loading...
36
loading...
0
loading...

Investigating iMessage security and privacy claims

How secure and how private is iMessage, Apple's SMS/MMS-like communications platform? Earlier this month, after news broke about the NSA's electronic surveillance program, codenamed PRISM, Apple released a statement detailing some specifics on the number of requests they receive from government agencies for customer records. As part of the statement, Apple claimed that iMessage conversations use end-to-end encryption and therefore cannot be decrypted by Apple:

More →

4
loading...
0
loading...
47
loading...
0
loading...

iOS Personal Hotspot passwords vulnerable to brute force attacks

Researchers at the University of Erlangen-Nuremberg have discovered weaknesses in the Personal Hotspot feature in iOS. The weak, and somewhat predictable password generation -- used in all current versions of iOS up through iOS 6 -- means people are susceptible to brute force attacks when using the personal hotspot feature on their iPhone or cellular iPad.

More →

2
loading...
0
loading...
52
loading...
0
loading...

iOS 7 preview: New security features

Apple's iOS 7, announced earlier this week, brings a lot of changes to all areas of the operating system, and security is no exception. iOS 7, at least as much of it as has been publicly disclosed by Apple to date, includes a number of security-related enhancements, seeking not just to make your data more secure, but also make security more convenient.

More →

12
loading...
0
loading...
95
loading...
0
loading...

Reveal: A promising runtime inspector for iOS apps

Reveal is a new debugging app by Itty Bitty Apps. It gives you the ability to inspect view elements and hierarchies in your iOS apps in realtime, providing a unique perspective to developers for debugging their apps.

More →

3
loading...
0
loading...
22
loading...
0
loading...

iOS malware injecting charger to be presented at Black Hat

Three researchers from the Georgia Institute of Technology are scheduled to give a talk at the 2013 Black Hat security conference on iOS malware injection using malicious chargers. While the full details of the exploit won’t be revealed until the talk this July, the researchers have said that their method works on the latest version of iOS and does not require a jailbreak.

More →

6
loading...
13
loading...
37
loading...
0
loading...

Security Researcher Raises Concerns over Apple's Two-Step Authentication

CEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.

More →

4
loading...
0
loading...
37
loading...
0
loading...

Second Gear teases new app... using Passbook!

The fine folks over at Second Gear have a couple of exciting announcements this week: A new product, and a new service for developers. What makes these announcements particularly interesting is their use of Passbook.

More →

3
loading...
0
loading...
24
loading...
0
loading...

Apple neglects to secure streaming album previews

Periodically, albums become available for live streaming on iTunes prior to their official release date. The hope is that not only do consumers get a chance to hear the album before buying it, but also that by offering a free and legal way to listen to the album before it’s available, there will be less motivation for eager fans to pirate leaked albums. With unreleased albums from Daft Punk and The National currently streaming on iTunes, 9to5Mac has discovered that the streams are being left completely unprotected, offering an easy way for pirates to get high-quality cuts of the albums before they’re officially released.

More →

4
loading...
0
loading...
33
loading...
0
loading...

Multiple Vulnerabilities Found in File Lite and File Pro iOS Apps

Bad news this week for any users of the iOS file management apps File Lite and File Pro. Researchers over at Vulnerability Laboratory have published details for three vulnerabilities that they discovered in the latest versions of both apps.

More →

3
loading...
0
loading...
45
loading...
0
loading...

iTunes 11.0.3 brings a number of important security fixes

Apple recently released iTunes 11.0.3 with a number of cosmetic improvements including an updated MiniPlayer and songs view. However, this release is more than just a pretty face, bringing a number of security patches which address a wide range of vulnerabilities. Even users not interested in the visual treatments will want to grab this update.

More →

4
loading...
0
loading...
34
loading...
0
loading...

The State of Apple's Location Services and User Privacy

Apple’s handling of location data has made its way back into headlines recently due to a tool written by security researcher Hubert Seiwert. Seiwert presented the iSniff GPS tool, which makes it easy to capture potentially sensitive iPhone user data, last July at the Blackhat USA security conference and posted the source code to Github a month later. While the tool isn’t particularly new, it has been the recipient of some media attention after being covered earlier this month by SC Magazine. While the disclosure of the sensitive information by iPhones was previously known, iSniff makes the information more easily accessible and is worth a closer look to determine if users need to worry.

More →

6
loading...
0
loading...
33
loading...
0
loading...

New OS X Spyware Discovered at Oslo Freedom Forum

During the 2013 Oslo Freedom Forum, an annual conference focused on human rights, a new piece of spyware was discovered on an attendee's Mac. The spyware, which was discovered by security researcher Jacob Appelbaum, is currently being analyzed by F-Secure to fully understand what it does.

More →

5
loading...
0
loading...
49
loading...
0
loading...

Spark Inspector review: Audacious real-time debugging for iOS that might just be too audacious

Spark Inspector, by Foundry376 and J. Benjamin Gotow, brings a new approach to debugging, offering developers the ability to view their apps in an exploded 3D model, as well as change characteristics of elements on the fly, without the need to recompile. Often times apps appear to be relatively flat, two-dimensional beings. After all, they are displayed on a flat glass screen. However, developers and designers (as well as many users) are well aware that apps are made up of a series of layers, with many elements changing states, hiding some layers while revealing others. This can make it difficult to understand how an app is composed and what elements you’re interacting with, even for developers. So, can Spark Inspector help? Let's find out!

More →

6
loading...
0
loading...
37
loading...
0
loading...

iOS app flagged for malware, and why you shouldn't worry

An iOS game called Simply Find It, when run through BitDefender’s virus scanner, reportedly returns a positive result for Trojan.JS.iframe.BKD. This has drawn into question the effectiveness of Apple’s App Store approval process. Is this something that Apple should have caught, and is it something App Store customers should be worried about?

More →

6
loading...
0
loading...
108
loading...
0
loading...

Briefs 2 review: Quickly and easily prototype iOS and Android apps on your Mac

"Providing a clean interface and intuitive layout, Briefs offers an easy way to prototype apps, share ideas, tweak functionality, and adjust designs as new feedback arrives and your project evolves. It’s an app made for professionals, by professionals."

Briefs 2 is a Mac app by MartianCraft that allows you to quickly and easily create, edit and share prototypes for iOS and Android apps. Prototyping allows you to hash out features and designs before full development on a project begins, when it’s still easy and relatively inexpensive to make changes. A handful of iOS prototyping tools exist, but many of them have either fallen out of date or are simply lacking in functionality. Briefs seeks to provide a truly complete and professional solution for designers and developers. How well does it do?

More →

5
loading...
0
loading...
55
loading...
0
loading...

The Mailbox security failure that wasn’t

A few days ago it was reported that the popular Mailbox app was falling short on protecting user data. Developer Subhransu Behera published a post on his blog outlining what he considered to be security failures on the part of Mailbox.

More →

8
loading...
0
loading...
93
loading...
0
loading...

Apple declines to fix vulnerability in Safari's Web Archive files, likely because it requires user action to exploit

Metasploit software developer Joe Vennix has detailed a vulnerability in Safari’s webarchive file format along with how it can be exploited. The post on Rapid7 indicates that after being reported to Apple back in February, the bug was closed last month with a status of “wontfix”, indicating that Apple has no plans to address the bug. So what is it and why is that?

More →

8
loading...
0
loading...
75
loading...
0
loading...

Facebook Blast: Threaded group chat could be coming soon to Messenger app

iMore has learned that, following Facebook Home, Chat Heads, and other recent releases, Facebook has additional, incremental updates in the works for their Messenger app as well. One of the updates in the pipeline is Facebook Blast, an enhancement to how users can send messages to multiple recipients.

More →

5
loading...
8
loading...
69
loading...
0
loading...

How to test Facebook Chat Heads and stickers for iOS right now, even if they haven't yet been enabled for your account

Today Facebook released a fairly major update for the iOS Facebook app. Among the new features are messenger stickers and Chat Heads (a horribly named feature first announced for Facebook Home). Currently these new features have only rolled out to a limited number of users. However, if you have an urgent need to test them out, and you don't mind doing a little tweaking, you can temporarily enable them on your iOS device right now.

More →

8
loading...
0
loading...
86
loading...
0
loading...

Pages