Security

Find my Mac passcode lock brute-force attack: What you need to know!

When Apple launched Find my Mac as an extension to their Find my iPhone system back in October of 2011, they included the ability to lock a Mac down so that it couldn't be accessed or rebooted into alternate modes. The lock, however, was implemented using a simple 4-digit passcode (PIN). That meant, with only 10,000 possible combinations, the passcode was susceptible to a brute-force attack. That's nothing new. It's been known since the start. What's new is that automated tools have now been developed to make the attack both easier and faster, and they're being reported on without a lot of context. So, is it something you should worry about?

Is Snow Leopard 'vulnerable to attacks?' Has Apple really abandoned it?

"Apple retires Snow Leopard from support, leaves 1 in 5 Mac vulnerable to attacks," reads the headline on Computerworld. Is it the end for Apple's venerable OS X 10.6 "Snow Leopard" operating system, and are you at risk if you're still using it? Hardly.

(Do the world a favor and don't click on that link. I put it here in the interest of full disclosure, but let's not reward bad behavior.)

This is how Touch ID and the Apple A7 processor keep your iPhone secure

As soon as the iPhone 5s was released last fall we ripped it apart and took a closer look, specifically at Touch ID. We had a hunch that Touch ID was paired to individual hardware even back then. An updated iOS security document issued by Apple looks to confirm our suspicions:

Apple posts security updates for Lion, Mountain Lion — update now!

In addition to OS X 10.9.2, Apple has posted security updates for OS X 10.7 (Lion) and OS X 10.8 (Mountain Lion). Both of those are available either through the Software Update system preference or directly from Apple's web site.

Researchers claim iOS multitasking exploit could allow taps, clicks to be monitored on iPhone, iPad

An exploit in the way iOS handles multitasking may allow the touch-equivalent of keylogger-type attacks — where your input is recorded in order to discover your passwords and other data — to work not only on jailbroken iPhones and iPads, but on any device. It would require a malicious app to be created, to get past App Store review, and to get installed onto your device, which is a complex chain and not one anyone has claimed to have actually seen happen yet. But according to Min Zheng, Hui Xue, and Tao Wei of FireEye, it is possible:

Understanding Apple's SSL/TLS Bug

Yesterday Apple released updates for iOS 6, iOS 7, and Apple TV to squash a security bug that affected SSL/TLS connections. Oftentimes, security patches fix obscure bugs that could only occur under the strangest of circumstances, and they get rolled into larger updates that address many other issues. However, this fix warranted its own updates, both for iOS 7 and for iOS 6. So what kind of bug calls for such a response? Fortunately for those of us curious enough to wonder, Adam Langley has the answer.

Kickstarter hacked, no credit cards compromised but your Facebook login has been reset

Kickstarter, the popular crowd-funding service, has been hacked. No credit cards were compromised but some user data, including encrypted passwords, were accessed, and they've reset Facebook logins as a precaution. Their CEO, Yancey Strickler, posted on the Kickstarter blog:

How a fake 2014 Sochi Winter Olympics hacking story is causing real damage to NBC News' reputation

NBC News would have you believe that the life expectancy of a MacBook Air or Android phone at the Winter Olympic Games is roughly zero, at least when it comes to it being hacked and your financial and other personal information stolen. Anyone with a base level of technical knowledge at all would recognize it as complete and utter bullshit the minute they saw it. Sadly, as many of us who got contacted by concerned family members know, it's far too easy to scare everyone else. Robert Graham of Errata Security calls the report "100% fraudulent":

What's really going on with the Starbucks mobile app information leak, and what you need to know

Earlier this week, security researcher Daniel Wood disclosed his findings on Starbucks' insecure handling of sensitive user information in their iPhone app. The sensitive information discovered includes usernames, passwords, emails, addresses, location data, and OAuth keys. While Wood's findings are valid, the interpretations of his findings have been inaccurate and exaggerated.

Tim Cook is Apple's moral center and 'we believe' its post-PC battle-cry

Steve Jobs was not only Apple's visionary, he was one of the most important cultural influencers of our time. Apple. Mac. NeXT. Pixar. iMac. iPod. iTunes. iPhone. iPad. Any one of those would be a worthy achievement. All of them, a universe-denting one. But Steve Jobs is gone and Tim Cook now helms Apple. He was an operations guy, not a product guy. He didn't dream up the next world-changing product, but he did make those dreams a reality. It would be easy, natural even, for him to continue in an operational role as CEO, but steadily, over the course of the last two years, he's been doing more than that. He's been taking on a moral role as well.
