Security

iOS 7 Activation Lock bypass discovered, protect yourself with Touch ID or Passcode

A bug has been found in iOS 7 that allows a an attacker with physical control over a lost or stolen iPhone to get around Activation Lock and gain access to the device. Unfortunately, the method for circumventing Activation Lock has been made public. However, the bypass process requires the attacker have access to an unlocked device, and be able to access the device after a reboot, so it can be thwarted by simply having a Passcode enabled (either by itself or as part of Touch ID).

More →

11
loading...
30
loading...
74
loading...
0
loading...

How to set your Mac's firmware password (and why you shouldn't)

Want to keep your roommate from posting your nude selfies on Facebook? Concerned that your Mac might fall into the wrong hands? You've already got a secure password on your Mac, maybe even file encryption. What happens if someone boots off an external hard drive?

Setting a firmware password is the solution. It comes with a few consequences and drawbacks, however. Follow along to read about the risks associated with firmware passwords as well as a guide on how to set one for those that think it's still worth it.

More →

10
loading...
0
loading...
52
loading...
0
loading...

So, you want to adopt BYOD?

Bring Your Own Device (BYOD) is the current hot trend. (And has been for a while, really.) There are many perceived advantages for a company that allows employees to bring their own devices to work and have access to your company resources, but is BYOD right for you? Can you make mistakes when developing your BYOD policies? Can you really let any device connect to your resources?

Lets look at a few top issues that you should be aware of.

More →

4
loading...
16
loading...
22
loading...
0
loading...

Comixology forces password resets following unauthorized database access

While there doesn't seem to be any reason for panic here, popular online comics service comixology is requiring customers reset their passwords. That's following an unauthorized database access that exposed usernames, email addresses, and cryptographically protected passwords. Databases get hacked. It's just a fact of modern, online life. Comixology looks like they're doing everything right here, including beefing up security going forward.

More →

4
loading...
9
loading...
32
loading...
0
loading...

Find my Mac passcode lock brute-force attack: What you need to know!

When Apple launched Find my Mac as an extension to their Find my iPhone system back in October of 2011 they included the ability to lock a Mac down so that it couldn't be accessed or rebooted into alternate modes. The lock, however, was implemented using a simple 4-digit passcode (PIN). That meant, with only 10,000 possible combinations, the passcode was susceptible to brute force attack. That's nothing new. It's been known since the start. What's new is that automated tools have now been developed to make the attack both easier and faster, and they're being reported on without a lot of context. So, is it something you should worry about?

More →

34
loading...
0
loading...
86
loading...
0
loading...

Is Snow Leopard 'vulnerable to attacks?' Has Apple really abandoned it?

"Apple retires Snow Leopard from support, leaves 1 in 5 Mac vulnerable to attacks," reads the headline on Computerworld. Is it the end for Apple's venerable OS X 10.6 "Snow Leopard" operating system, and are you at risk if you're still using it? Hardly.

(Do the world a favor and don't click on that link. I put it here in the interest of full disclosure, but let's not reward bad behavior.)

More →

17
loading...
31
loading...
78
loading...
0
loading...

This is how Touch ID and the Apple A7 processor keep your iPhone secure

As soon as the iPhone 5s was released last fall we ripped it apart and took a closer look, specifically at Touch ID. We had a hunch that Touch ID was paired to individual hardware even back then. An updated iOS security document issued by Apple looks to confirm our suspicions:

More →

11
loading...
0
loading...
73
loading...
0
loading...

Apple posts security updates for Lion, Mountain Lion — update now!

In addition to OS X 10.9.2, Apple has posted security updates for OS X 10.7 (Lion) and OS X 10.8 (Mountain Lion). Both of those are available either through the Software Update system preference or directly from Apple's web site.

More →

15
loading...
43
loading...
71
loading...
0
loading...

Researchers claim iOS multitasking exploit could allow taps, clicks to be monitored on iPhone, iPad

An exploit in the way iOS handles multitasking may allow the touch-equivalent of keylogger-type attacks — where your input is recorded in order to discover your passwords and other data — to work not only on jailbroken iPhones and iPads, but on any device. It would require a malicious app to be created, to get past App Store review, and to get installed onto your device, which is a complex chain and not one anyone has claimed to have actually seen happen yet. But according to Min Zheng, Hui Xue, and Tao Wei of FireEye, it is possible:

More →

8
loading...
5
loading...
24
loading...
0
loading...

Understanding Apple's SSL/TLS Bug

Yesterday Apple released updates for iOS 6, iOS 7, and Apple TV to squash a security bug that affected SSL/TLS connections. Often times, security patches can fix obscure bugs that could only occur under the strangest of circumstances, and they get rolled in to larger updates that address many other issues. However, this fix warranted its own updates, both for iOS 7 and for iOS 6. So what kind of bug calls for such a response? Fortunately for those of us curious enough to wonder, Adam Langley has the answer.

More →

41
loading...
298
loading...
176
loading...
0
loading...

Pages