Security

DYLD_PRINT_TO_FILE exploit: What you need to know

DYLD_PRINT_TO_FILE is a recently-disclosed privilege escalation vulnerability on OS X Yosemite. Here's what you need to know about it.

More →

15
21
78
0

Two-factor authentication in iOS 9 and OS X El Capitan: What you need to know

The idea behind two-factor authentication in iOS 9 and OS X El Capitan is exactly what the name implies: Your password alone is no longer enough to access your account, you need something else as well. So what happens if something goes wrong and you get locked out? What happens if someone tries to hack their way in?

More →

10
15
80
0

Apple comments on XARA exploits, and what you need to know

XARA—an acronym for unauthorized cross-app resource access on Mac OS X and iOS—describe a series of exploits that you need to know about. Update: Apple has provided iMore with a comment.

More →

32
127
372
0

XARA, deconstructed: An in-depth look at OS X and iOS cross-app resource attacks

Does the Indiana University XARA whitepaper make your head hurt? Here's an in-depth look at what "cross-app resource attacks" actually mean for your iOS and OS X systems.

More →

25
110
224
0

1Password and the XARA WebSocket exploit

The makers of 1Password have gone into detail about how the unauthorized cross-resource attack (XARA), specifically the WebSockets exploit, affects their app

More →

2
10
58
0

Understanding Apple and privacy

A lot of people are getting a lot of things wrong about Apple's stance on privacy and security, and what it means for the future.

Last week Apple's CEO, Tim Cook, once again reiterated the company's belief that people have a right to privacy and security, and that the cost of free-as-in-paid-for-by-your-data services isn't always clearly understood. Those for who believe the conversation about privacy and security is the most important of our generation appreciated someone as powerful and influential as Cook giving it the spotlight it deserves. Those who believe the advancement of technology requires the relinquishing of previously held beliefs about privacy and security, however, reacted harshly. The problem is, many of them also reacted in a way that's just plain wrong.

More →

168
62
180
0

UEFI attack and the Mac: What you need to know

For owners of mid-2014 or earlier Macs, a new attack against a vulnerability in the UEFI boot script table is worth knowing about but won't affect most customers.

UEFI - Unified Extensible Firmware Interface — is what the Mac uses to boot from firmware and into the OS X operating system. If you're familiar with BIOS, then this replaced that. At the Chaos Communication Congress (CCC) in 2014, a presentation showed how a vulnerability in the boot script table could be used to rewrite the firmware when a Mac wakes after being in sleep mode. As usual, it's something to be informed about, but for the vast majority of people, nothing to panic about.

More →

16
19
78
0

How to fix iOS 8 Unicode Messages crash bug

Here's what you need to know about preventing and recovering from the iOS 8 Unicode crash bug.

While Apple is working on a fix for the bug that causes Messages and notifications to crash iOS 8, there are several things you can do right now to help prevent your iPhone, iPad, or Apple Watch from being affected, and to try to recover if you've already been affected.

More →

49
294
138
0

Apple comments on iOS 8 unicode crash bug, fix in the works

A bug in how iOS 8 renders Unicode is causing Messages to crash or reboot when a specific string is received.

Update: An Apple spokesperson told iMore:

We are aware of an iMessage issue caused by a specific series of unicode characters and we will make a fix available in a software update.

The bug occurs when your iPhone, iPad, or Apple Watch (which runs a variant of iOS 8) receives a message containing the specific string of Unicode characters. Because the specific string can't be rendered, the app crashes or the system restarts.

More →

61
151
124
0

Apple Watch, Apple Pay, and wrist detection: What you need to know

Once you've unlocked your Apple Watch, wrist detection can keep it unlocked for as long as the screen is on or it maintains skin contact.

As security systems go, wrist detection is clever: It lets you have the convenience of accessing your Apple Watch without having to continually re-enter your passcode or password, but provides enough security to protect your data, including Apple Pay credentials under normal circumstances. In that way it's similar to Touch ID, which can unlock your iPhone or iPad based on your fingerprint.

More →

12
8
61
0

Pages