Security | Page 4 | iMore

Order Now iPhone SE | iPhone 6s | iPad Pro | Apple Watch | Apple TV

Security

USB-C and BadUSB attacks: What you need to know

Apple announced the new MacBook with USB-C connector last Monday and already headlines are appearing linking it to known security issues, like BadUSB.

BadUSB is an attack that uses the way computers interface with the universal serial bus (USB) standard to try and load malware onto the machine. It's a longstanding issue with USB in general, and nothing specific to Apple or the MacBook's implementation of USB-C. Throwing Apple and a hot new product under the headline bus is a great way to get attention, but what's really going on?

More →


How secure is the Apple Watch?

That was a question posed by MarketWatch today. It's also an important question. Unfortunately, MarketWatch didn't treat the question that way. And that's a profound disservice to its readers.

The Apple Watch is, by Apple's own admission the most personal, most intimate device the company has ever released. It tracks health, it handles communications, it can control our homes, it can pay for our purchases. Security on the Apple Watch is something that's going to matter to everyone who uses it. The response to the sensational headline used by MarketWatch, is that they don't know. And the follow up is pure fear, uncertainty, and doubt. That's not only bad journalism, it's an actively harmful attack.

More →


CIA program sought to compromise security of Apple devices

More information has come to light on government surveillance, with new information revealing a campaign by the CIA to break through the security of Apple devices.

More →


How to set up two-factor authentication for Dropbox

Don't let your Dropbox account get compromised. Protect it with two-factor authentication.

More →


How to set up two-factor authentication for Tumblr

Protect your Tumblr gifsets, memes, songs, blogs, and more.

More →


How to set up two-factor authentication for Facebook

Protect your Facebook account from potential hacks with the company's two-factor authentication system.

More →


iPhone vs. Android and hardware encryption

iPhones have supported hardware encryption for over 5 years. Android phones... well, it's complicated.

When Google announced Android Lollipop, one of the most important features for customers in the post-Edward Snowden era was hardware encryption enabled by default. Put simply, on first-boot your personal data would be kept far safer on your personal device. Unfortunately, it looks like default hardware encryption in Lollipop is a nice-to-have, not a must-have, and many Android phone vendors have simply decided to keep it off.

More →


Authy snapped up by Twilio for two-factor authentication

Authy, a company that specializes in security through two-factor authentication, has been purchased by cloud communication services company Twilio. The two companies have been working together since 2012, with Authy using Twilio's technology to deliver authentication codes through SMS and phone calls. For the time being, Authy will continue to function as it always has, though certain parts of the company will expand with the acquisition, according to fonder Daniel Palacio:

More →


No, OS X is NOT the 'most vulnerable OS' despite shoddy reporting

Security, as we take great pains to repeatedly point out, is something that deeply affects people. It affects their stress and trust levels when dealing with technology. When it's misreported it turns what should be an empowering experience into one of fear, uncertainty, and doubt. And it's far too frequently done just to get the worst kind of attention. The latest case in point is a — I don't want to call it a report — from GFI which claims OS X and iOS were the "most vulnerable operating systems of 2014. And, frankly, it's bullshit.

More →


Gemalto denies 'massive theft' of SIM card encryption keys by NSA and GCHQ [updated]

Update: A new report in The Intercept claims that Gemalto is drastically downplaying the effects of this attack. In the report, several security researchers came to the conclusion that "the company made sweeping, overly-optimistic statements about the security and stability of Gemalto's networks, and dramatically underplayed the significance of the NSA-GCHQ targeting of the company and its employees."

Original story: Digital security vendor Gemalto revealed its findings today following last week's report of an incursion by the NSA and the GCHQ into the vendor's SIM card encryption keys. While Gemalto noted that an operation by NSA and GCHQ "probably happened" in 2010 and 2011, the intrusion could not have resulted in a "massive theft" of SIM card encryption keys as the breach affected the company's office network and not its secure networks.

More →


Pages