Security

The future of personal security

Apple is responding to security concerns raised by many this past week as a result of massive release of stolen celebrity photos. While this is a good move by Apple that will increase security for users, it's important to understand what these changes do and don't mean for us.

More →

9
loading...
0
loading...
66
loading...
0
loading...

How to keep all your private photos off iCloud

While what happened to Jennifer Lawrence, Kate Upton, and many other celebrities could arguably happen on any cloud storage service, many folks are pointing fingers at iCloud. While we don't believe iCloud is any less safe than any other backup service, we understand people wanting to take precautions. So if you'd prefer to not have any of your photos on iCloud, we can walk you through how to safeguard all your pics, nudies or not!

More →

9
loading...
0
loading...
82
loading...
0
loading...

iCloud security and personal responsibility

iCloud may not have been hacked but iCloud accounts are hackable. So are other online accounts. Why? Security is at constant war with convenience. Absolute security makes our data inaccessible to everyone, including us. Absolute convenience makes our data easily available to everyone, including those who would use it to harm us. The key to a workable system is balance, where a range of options are afforded and we choose and use them in a way that's best for us. That includes Apple giving us the options we need and making them as understandable as possible, and it includes us taking the time to understand them and implement them as best as we can. So what can we all do better?

More →

8
loading...
0
loading...
94
loading...
0
loading...

Lost your iCloud recovery key? Here's how to generate a new one!

If you've [enabled two-step verification]( for your iCloud account, you already know that if you ever forget your password, you'll need your iCloud recovery key in order to reset it. If you've lost the printout containing your key, you should immediately generate a new one in case your key falls into the wrong hands. As long as you know your current password, you can replace your iCloud recovery key in just a few minutes.

More →

6
loading...
0
loading...
52
loading...
0
loading...

Apple 'actively investigating' alleged celebrity iCloud account hacks

Yesterday a massive theft of photo data from celebrities made its way onto the internet. iCloud was named as the source of the data, though no information was provided as to how it was exploited. Regardless, it made headlines. Apple is aware and investigating.

More →

-
loading...
-
loading...
-
loading...
-
loading...

'BadUSB' malware highlights the danger of plugging random mystery drives into your computer

Another day, another apocalyptic prognostication of computer security doom, this time focusing on the omnipresent USB connection. It's called 'BadUSB', and it's a malware proof-of-concept created by security researchers Karsten Nohl and Jakob Lell that exploits a flaw in and resides in the firmware that controls the basic function of USB devices. The researchers claim that it's not a problem that can be patched, saying that they're "exploiting the very way that USB is designed," but in the end all they've done is highlight that you shouldn't go around plugging USB drives, devices, or whatnot that you don't trust into your computer.

More →

-
loading...
-
loading...
-
loading...
-
loading...

Russia wants Apple's source code to prove it's not used for spying

The Russian government has asked for security cooperation from Apple and enterprise services firm SAP. The proposal would see Apple handing over the source code for their products so Russia could inspect them for backdoors or defects that could be exploited by spy agencies like the NSA. Apple has repeatedly denied working with the NSA or other government agency to create such backdoors, but the Russian government, well, they're not wanting to take any chances.

More →

-
loading...
-
loading...
-
loading...
-
loading...

On iOS, 'backdoors', and the eternal war between security and convenience

Earlier this week forensic researcher Jonathan Zdziarski's work on security exploits in iOS pairing records and potential data leaks in diagnostic services went viral. Unfortunately, it was his slides, which used more provocative language and lacked the context of his talk, and not his pay-walled yet far more understandable journal article, that made the rounds. Tragically, many in the media pounced on the attention-getting potential, posting alarming articles that did nothing but spread fear, uncertainty, and doubt (FUD) to a mainstream customer-base that deserves much, much better. Apple responded with comments to iMore on Monday, and with a Knowledge Base (KB) article on Tuesday. However, there's been no word yet on whether or not the exploits and potential data leaks will be closed and, if they will be, how soon. So, what does it all mean?

More →

-
loading...
-
loading...
-
loading...
-
loading...

iOS diagnostic services, their uses and protections, outlined by Apple in response to 'backdoor' allegations

Earlier this week Apple reaffirmed to iMore that it had never worked with any government agency to create a backdoor in any product or service. That was in answer to questions raised by Jonathan Zdziarski concerning iOS privacy and security. Apple has now published a new support page titled iOS: About diagnostic capabilities which elaborates on the services Zdziarski called out as data leaks. It does not, however, address vulnerabilities in passcode, pairing keys, or trusted device, though Apple typically does not address those types of things until they've pushed out patches. Here's Apple's full support article on the services:

More →

11
loading...
0
loading...
64
loading...
0
loading...

Apple reaffirms it has never worked with any government agency to create a backdoor in any product or service

On July 18, Jonathan Zdziarski, a former iOS jailbreaker and current iOS forensic scientist and law enforcement consultant, gave a talk at the HOPE X conference in New York City. Zdziarski's talk was on backdoors, attack points and surveillance mechanisms in iOS. In the talk he alleged that there are a number of ways for government agencies, including law-enforcement, to get at the personal data you store on your iPhone, iPod touch, and/or iPad. Zdziarski posted slides from the talk, based on an earlier journal publishing, on his website a couple of days ago. They've since been shared via other websites and social networks, and a lot of confusion and concern has arisen.

When reached for comment, Apple reiterated to iMore that it has never worked with any government agency to create a backdoor in any product or service:

"We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues," Apple told iMore. "A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent."

As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services."

So, what's going on here?

More →

-
loading...
-
loading...
-
loading...
-
loading...

Pages