Apple users accessing Gmail on mobile devices could be at risk of having their data intercepted, a mobile security company said Thursday.
The reason is Google has not yet implemented a security technology that would prevent attackers from viewing and modifying encrypted communications exchanged with the Web giant, wrote Avi Bashan, chief information security officer for Lacoon Mobile Security, based in Israel and the U.S. Websites use digital certificates to encrypt data traffic using the SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocols. But in some instances, those certificates can be spoofed by attackers, allowing them to observe and decrypt the traffic. That threat can be eliminated through certificate “pinning”.Read more
Moscow-based Elcomsoft has developed a new version of Phone Password Breaker 3.0 program with access into iCloud without Apple ID and the password function.
But this feature is mostly intended for our law enforcement and forensic customers, as using a password-free entry into iCloud requires a binary authentication token that must be extracted from the suspect’s computer (OS X or Windows). But you’ll still need the suspect’s PC with iCloud Control Panel installed which has iCloud Control Panel installed. Moreover the user must’ve been logged in to iCloud Control Panel on that PC at the time the computer is seized. If the user logged out of the Panel, the authentication tokens are then deleted.Read more
Mat Honan in a humorous manner created an everyday life picture in a "smart" house which (according to analysts) each consumer will have in 5-10 years.
I wake up at four to some old-timey dubstep spewing from my pillows. The lights are flashing. My alarm clock is blasting Skrillex or Deadmau5 or something, I don’t know. I never listened to dubstep, and in fact the entire genre is on my banned list. You see, my house has a virus again. Technically it’s malware. But there’s no patch yet, and pretty much everyone’s got it. Homes up and down the block are lit up, even at this early hour. Thankfully this one is fairly benign. It sets off the alarm with music I blacklisted decades ago on Pandora. It takes a picture of me as I get out of the shower every morning and uploads it to Facebook.Read more
Google is planning to launch a new health service called Google Fit to collect and aggregate data from popular fitness trackers and health-related apps at the Google I/O conference.
Such a service would mark a direct challenge to Apple’s HealthKit framework, launched last week and rolling out with its new mobile platform iOS 8 this fall to aggregate data from wearable devices and apps. Last month Samsung also unveiled similar device, called SAMI. Google Fit will aggregate data through open APIs, Google will also announce partnerships with wearable device makers at its I/O conference.Read more
The National Security Agency can supposedly exploit the security features in Apple’s iPhone that allows the agency to spy on people when they think the device is completely switched off.
According to Edward Snowden, the NSA can get into your iPhone, turn it on and remotely turn on apps. Apple dismissed Snowden’s claim – everyone knows that the iPhone was designed by Steve Jobs and is therefore completely unhackable and absolutely secure. For some reason, the company didn’t comment the well-known fact that it takes experts less than a minute to break into one. Some iPhone hackers claim it is possible. The only thing the spies have to do is trick the user into installing malware before shutting down the iPhone.Read more
The mobile Telegram messenger clone from a certain developer with the Vietnamese name appeared in App Store for iOS. Its relation to the initial application is unknown.
Telegram Messenger+ application was published by Nam Vu. He is a founder of several versatile applications, including a clone of popular 2048 game, which he called 2048+Plus. The application description is almost completely copied from the description of the original Telegram created by Pavel and Nikolay Durov, founders of "VKontakte". However Nam Vu wrote that Telegram + is updating of the initial application, and he also removed from the text a mention of absence in an advertising messenger.Read more
Frederic Jacobs tweeted that iOS 8 randomizes a device's MAC address while scanning for Wi-Fi networks.
It is good news because such OS behavior excludes surveillance on WiFi. When your mobile device scan for a free Wi-Fi network, whether at the shopping complex, airport, or restaurant, it sends out the MAC address which is a unique identifier of the device that allows devices to distinguish between one another on a network. Routers need this identifier to connect you to a network. Advertisers and retailers have been seeking to track these identifiers to help offer personalized advertisements to customers based on where they’ve been.Read more
Apple announced that DuckDuckGo will be included as a built-in search option in future versions of Safari on iOS and OS X at WWDC conference. We are thrilled to be included in Safari and it's great that Apple is making it easy for people to access our anonymous search option.
This makes DuckDuckGo the first privacy-focused search engine to be added to one of the top four browsers and is a huge milestone for both us and privacy supporters. For Mac users, this goes alongside an all-new private browsing option that functions like incognito mode on Chrome. The web browser on iPhone, iPad and Mac now includes the private search engine DuckDuckGo that users can set as default.Read more
Several users of Apple devices in Australia have reported that their gadgets have been "hijacked" - with a message demanding money. Experts believed the hack had targeted users by exploiting the Find my iPhone feature.
A message appeared on some targeted phones asking for "$100 USD/EUR" to be sent to a PayPal account. Networks advised affected users to contact Apple, which denied its cloud storage service had been breached. "Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same user name and password for multiple services," the firm said.Read more
iOS users in Russia began to face attacks by hackers who steal passwords to block smartphones and tablets and extort money for their unlock. To prevent this, you need to make your passwords long and complex, and not to impose them on suspicious sites, "Kaspersky Lab" recommends.
The exact number of hacked phones is unknown. The representatives of Apple declined to comment.
The attackers use the fact that in the new version of iOS 7 has become possible to block stolen smartphone that cannot be removed with help of a reset or flashing devices. If you want to use this feature, you must know the user‘s name (Apple ID, also known as e-mail address) and password.