More Featured Articles

Two-factor authentication in iOS 9 and OS X El Capitan: What you need to know

Two-factor authentication in iOS 9 and OS X El Capitan: What you need to know

With iOS 9 and OS X El Capitan, Apple is introducing system-wide two-factor authentication. The idea behind two-factor authentication is exactly what the name implies: Your password alone is no longer enough to access your account, you need something else as well. In the case of iOS 9 and OS X...
Apple comments on XARA exploits, and what you need to know

Apple comments on XARA exploits, and what you need to know

'XARA' is an acronym for 'unauthorized cross-app resource access' and lumps together several exploits against OS X and iOS. Update: Apple has provided iMore with the following comment on the XARA exploits: Earlier this week we implemented a server-side app security update that secures app...
How to enable two-step verification for your Apple ID

How to set up two-factor authentication for iCloud

Most people use their Apple ID account not only for iCloud data, but to purchase content from iTunes and the App Store. That means that anyone who gets ahold of your account or manages to change your password could have access to your personal information and credit card information. If you want...
Security RSS Feed
Security writer says 'Goodbye Android', switches to iPhone

Security writer says 'Goodbye Android', switches to iPhone

I've written about the security and privacy advantages of iPhone and the benefits of timely and wide-ranging iOS software updates before but many of my Android friends dismiss it because I write about it here on an Apple-centric website. Fair enough. Lorenzo Franceschi-Bicchierai is a longtime...
DYLD_PRINT_TO_FILE exploit: What you need to know

DYLD_PRINT_TO_FILE exploit: What you need to know

DYLD_PRINT_TO_FILE is a recently-disclosed privilege escalation vulnerability on OS X Yosemite. "Privilege escalation" means that if someone already has malicious code in your Mac, they can use something like DYLD_PRINT_TO_FILE to gain deeper access to the system. To make a bad analogy, if they'...
Two-factor authentication in iOS 9 and OS X El Capitan: What you need to know

Two-factor authentication in iOS 9 and OS X El Capitan: What you need to know

With iOS 9 and OS X El Capitan, Apple is introducing system-wide two-factor authentication. The idea behind two-factor authentication is exactly what the name implies: Your password alone is no longer enough to access your account, you need something else as well. In the case of iOS 9 and OS X...
Apple comments on XARA exploits, and what you need to know

Apple comments on XARA exploits, and what you need to know

'XARA' is an acronym for 'unauthorized cross-app resource access' and lumps together several exploits against OS X and iOS. Update: Apple has provided iMore with the following comment on the XARA exploits: Earlier this week we implemented a server-side app security update that secures app...
XARA, deconstructed: An in-depth look at OS X and iOS cross-app resource attacks

XARA, deconstructed: An in-depth look at OS X and iOS cross-app resource attacks

Does the Indiana University XARA whitepaper make your head hurt? Here's an in-depth look at what "cross-app resource attacks" actually mean for your iOS and OS X systems. This week, security researchers from Indiana University released details of four security vulnerabilities they discovered in...
1Password and the XARA WebSocket exploit

1Password and the XARA WebSocket exploit

The makers of 1Password have gone into detail about how the unauthorized cross-resource attack affects their app. It's a compelling read for anyone interested in the recently disclosed XARA grouping of exploits. Specifically, AgileBits explains how this XARA exploit can be used to sniff data from...
Understanding Apple and privacy

Understanding Apple and privacy

A lot of people are getting a lot of things wrong about Apple's stance on privacy and security, and what it means for the future. Last week Apple's CEO, Tim Cook, once again reiterated the company's belief that people have a right to privacy and security, and that the cost of free-as-in-paid-for...
UEFI attack and the Mac: What you need to know

UEFI attack and the Mac: What you need to know

For owners of mid-2014 or earlier Macs, a new attack against a vulnerability in the UEFI boot script table is worth knowing about but won't affect most customers. UEFI - Unified Extensible Firmware Interface — is what the Mac uses to boot from firmware and into the OS X operating system. If you'...
How to fix iOS 8 Unicode Messages crash bug

How to fix iOS 8 Unicode Messages crash bug

Here's what you need to know about preventing and recovering from the iOS 8 Unicode crash bug. While Apple is working on a fix for the bug that causes Messages and notifications to crash iOS 8, there are several things you can do right now to help prevent your iPhone, iPad, or Apple Watch from...
Messages

Apple comments on iOS 8 unicode crash bug, fix in the works

A bug in how iOS 8 renders Unicode is causing Messages to crash or reboot when a specific string is received. Update: An Apple spokesperson told iMore: We are aware of an iMessage issue caused by a specific series of unicode characters and we will make a fix available in a software update...

Pages