In the unfortunate event that you ever forget or lose the password to log in to your Mac running OS X Mountain Lion, hope does not have to be lost. Instead of fiddling around with recovery mode and terminal, you can easily reset it using your Apple ID as long as you've enabled your user profile to use that option.
Apple's iOS 7, announced earlier this week, brings a lot of changes to all areas of the operating system, and security is no exception. iOS 7, at least as much of it as has been publicly disclosed by Apple to date, includes a number of security-related enhancements, seeking not just to make your data more secure, but also make security more convenient.
Three researchers from the Georgia Institute of Technology are scheduled to give a talk at the 2013 Black Hat security conference on iOS malware injection using malicious chargers. While the full details of the exploit won’t be revealed until the talk this July, the researchers have said that their method works on the latest version of iOS and does not require a jailbreak.
CEO Vladimir Katalov of the security software company Elcomsoft has published a post on CrackPassword outlining where he believes Apple’s two-step authentication comes up short. While he admits that the authentication works as advertised and it’s a good idea for people to enable it, he has also identified some areas that he thinks could use some improvement.
Periodically, albums become available for live streaming on iTunes prior to their official release date. The hope is that not only do consumers get a chance to hear the album before buying it, but also that by offering a free and legal way to listen to the album before it’s available, there will be less motivation for eager fans to pirate leaked albums. With unreleased albums from Daft Punk and The National currently streaming on iTunes, 9to5Mac has discovered that the streams are being left completely unprotected, offering an easy way for pirates to get high-quality cuts of the albums before they’re officially released.
Bad news this week for any users of the iOS file management apps File Lite and File Pro. Researchers over at Vulnerability Laboratory have published details for three vulnerabilities that they discovered in the latest versions of both apps.
Apple recently released iTunes 11.0.3 with a number of cosmetic improvements including an updated MiniPlayer and songs view. However, this release is more than just a pretty face, bringing a number of security patches which address a wide range of vulnerabilities. Even users not interested in the visual treatments will want to grab this update.
Apple’s handling of location data has made its way back into headlines recently due to a tool written by security researcher Hubert Seiwert. Seiwert presented the iSniff GPS tool, which makes it easy to capture potentially sensitive iPhone user data, last July at the Blackhat USA security conference and posted the source code to Github a month later. While the tool isn’t particularly new, it has been the recipient of some media attention after being covered earlier this month by SC Magazine. While the disclosure of the sensitive information by iPhones was previously known, iSniff makes the information more easily accessible and is worth a closer look to determine if users need to worry.
Since the dawn of time, BlackBerry smartphones have been the mobile communicator of choice for the United States federal government. The federal National Institute of Standards and Technology has been approving hardware and software to meet the FIPS (Federal Information Processing Standard) since 1995, and today iOS 6.0 was granted FIPS 140-2 certification. Specifically, the iOS CryptoCore Kernel Module 3.0 was assured to to meet the security requirements of the government.