Security

iPhone and iPad as amazing instances of applied cryptography

Following the publication of Apple's absolutely stellar iOS Security white paper in February, Steve Gibson of the TWiT network's Security Now! show spent three episodes going through it, providing extra explanation and context. Gibson was incredibly impressed by the iOS Security white paper, and by Apple's security implementation in general, calling it "amazing" many times over, especially the Apple A7 and its secure enclave. he also widely praised Apple's choices for the crypto they implemented, and especially how user- and privacy-focused their choices were.

More →

12
loading...
0
loading...
85
loading...
0
loading...

Apple says Heartbleed vulnerability did not affect their services or software

If you're concerned about iOS security or OS X security and are still wondering whether or not Apple services and software are affected by the Heartbleed vulnerability found in OpenSSL, Apple has now given an official statement on the matter.

More →

6
loading...
0
loading...
58
loading...
0
loading...

Heartbleed, the new OpenSSL hack: How does it affect OS X and iOS?

OpenSSL is popular open source encryption software used all over the Internet. It's been in the news a lot lately, with a lot of dire warnings about what a newly discovered bug means for your personal data. Is it a threat to OS X security or iOS security? Do you need to be worried about your Mac, iPhone or iPad being vulnerable?

More →

23
loading...
0
loading...
78
loading...
0
loading...

iOS 7 Activation Lock bypass discovered, protect yourself with Touch ID or Passcode

A bug has been found in iOS 7 that allows a an attacker with physical control over a lost or stolen iPhone to get around Activation Lock and gain access to the device. Unfortunately, the method for circumventing Activation Lock has been made public. However, the bypass process requires the attacker have access to an unlocked device, and be able to access the device after a reboot, so it can be thwarted by simply having a Passcode enabled (either by itself or as part of Touch ID).

More →

11
loading...
0
loading...
74
loading...
0
loading...

How to set your Mac's firmware password (and why you shouldn't)

Want to keep your roommate from posting your nude selfies on Facebook? Concerned that your Mac might fall into the wrong hands? You've already got a secure password on your Mac, maybe even file encryption. What happens if someone boots off an external hard drive?

Setting a firmware password is the solution. It comes with a few consequences and drawbacks, however. Follow along to read about the risks associated with firmware passwords as well as a guide on how to set one for those that think it's still worth it.

More →

10
loading...
0
loading...
52
loading...
0
loading...

So, you want to adopt BYOD?

Bring Your Own Device (BYOD) is the current hot trend. (And has been for a while, really.) There are many perceived advantages for a company that allows employees to bring their own devices to work and have access to your company resources, but is BYOD right for you? Can you make mistakes when developing your BYOD policies? Can you really let any device connect to your resources?

Lets look at a few top issues that you should be aware of.

More →

4
loading...
0
loading...
22
loading...
0
loading...

Comixology forces password resets following unauthorized database access

While there doesn't seem to be any reason for panic here, popular online comics service comixology is requiring customers reset their passwords. That's following an unauthorized database access that exposed usernames, email addresses, and cryptographically protected passwords. Databases get hacked. It's just a fact of modern, online life. Comixology looks like they're doing everything right here, including beefing up security going forward.

More →

4
loading...
0
loading...
32
loading...
0
loading...

Find my Mac passcode lock brute-force attack: What you need to know!

When Apple launched Find my Mac as an extension to their Find my iPhone system back in October of 2011 they included the ability to lock a Mac down so that it couldn't be accessed or rebooted into alternate modes. The lock, however, was implemented using a simple 4-digit passcode (PIN). That meant, with only 10,000 possible combinations, the passcode was susceptible to brute force attack. That's nothing new. It's been known since the start. What's new is that automated tools have now been developed to make the attack both easier and faster, and they're being reported on without a lot of context. So, is it something you should worry about?

More →

34
loading...
0
loading...
86
loading...
0
loading...

Is Snow Leopard 'vulnerable to attacks?' Has Apple really abandoned it?

"Apple retires Snow Leopard from support, leaves 1 in 5 Mac vulnerable to attacks," reads the headline on Computerworld. Is it the end for Apple's venerable OS X 10.6 "Snow Leopard" operating system, and are you at risk if you're still using it? Hardly.

(Do the world a favor and don't click on that link. I put it here in the interest of full disclosure, but let's not reward bad behavior.)

More →

16
loading...
0
loading...
78
loading...
0
loading...

This is how Touch ID and the Apple A7 processor keep your iPhone secure

As soon as the iPhone 5s was released last fall we ripped it apart and took a closer look, specifically at Touch ID. We had a hunch that Touch ID was paired to individual hardware even back then. An updated iOS security document issued by Apple looks to confirm our suspicions:

More →

11
loading...
0
loading...
73
loading...
0
loading...

Pages