All items tagged with "NSA"

CIA spends years trying to break Apple’s security

The CIA is gunning for Apple's security. Photo: Spy vs. Spy

The CIA is gunning for Apple’s security. Photo: Spy vs. Spy

The CIA has been been involved in a multi-year effort to crack iOS security, according to new information provided to The Intercept by whistleblower Edward Snowden. The attempts have been the focal point of multiple yearly CIA conferences called “The Jamboree.”

Among the possible solutions proposed include a means of “whacking” Xcode, the software used to create apps for iOS and Macs. Researchers claimed they had discovered a means by which Xcode could be manipulated to allow devices to be infected, so as to allow for the extraction of private data — thereby creating a “remote backdoor” that would disable core security features and allow undetected access to Apple devices.

Read the rest of this post »

Apple is working on fix for newly discovered ‘FREAK’ security bug

Photo: Jim Merithew/Cult of Mac

The Freak bug went unnoticed for over a decade. Photo: Jim Merithew/Cult of Mac

A newly discovered security bug has secretly left Safari users on both iOS and OS X vulnerable to attacks on hundreds of thousands of websites for years.

The ‘FREAK’ security flaw was exposed today by a group of nine researchers who discovered web browsers could be forced to use an intentionally-weakened form of encryption. FREAK effects iPhones, Macs, and Android browsers, but Apple’s spokesman says the company will release a fix next week.

Read the rest of this post »

Maybe the NSA hasn’t hacked your iPhone after all?

The NSA has just hacked 2 billion SIM cards around the globe, but Gemalto says it isn't that bad. Photo: Wikicommons

The NSA has just hacked 2 billion SIM cards around the globe, but Gemalto says it isn’t that bad. Photo: Wikicommons

Late last week, we reported on the newest leak from Edward Snowden, indicating that the NSA had hacked the SIM cards of pretty much every smartphone on Earth. iPhones included.

It looked bad. The hack allowed the NSA to tap into your phone without a court order. But today, the Dutch company responsible for 2 billion SIM cards released a statement, saying that as far as they can tell, fears of a massive NSA invasion are overblown.

Read the rest of this post »

iSpy: Snowden leak shows how the UK tracked iPhone users

iPhone_UDID

UDID identifiers could be used to link iPhones to their users. Photo: Cult of Mac

Apple has long been outspoken about the measures it goes to to keep your iPhone secure, but new documents leaked by whistleblower Edward Snowden demonstrate how the British spy agency GCHQ was able to carry out “realtime tracking of target iPhones” — by compromising users’ computers.

Rather than directly targeting the iPhones, GCHQ agents focused their attack on the computers with which the iPhones were synchronised, enabling them to access much of the data stored on the handset. The method took advantage of flaws in Apple’s UDID (unique device identifier) system, which issued a unique code for every iPhone, linking it with its owner.

The iPhone tracking report was handed over by Snowden to a group of nine journalists — including Laura Poitras, the filmmaker behind the acclaimed documentary Citizenfour.

Read the rest of this post »

Tim Cook, tech leaders urge Senate to curb government surveillance

reg34rg

Congress has dropped the ball on surveillance reform, according to Tim Cook and a host of other top tech CEOs throughout the country.

In a full-page ad printed in today’s Washington Times, the tech companies tell the Senate it’s been a year since revelations on the NSA’s over reach were made known to citizens, but Congress has failed to pass a version of the  USA Freedom Act that would restore the confidence of internet users.

Here’s the full ad:

Read the rest of this post »

Coders grapple with good and evil at WWDC’s indie spinoff

Bill Atkinson, left and Andrew Stone chat each other up at AltConf in San Francisco June 3, 2014. Photo: Jim Merithew/Cult of Mac

Apple legend Bill Atkinson, left, and Andrew Stone talk Steve Jobs, drugs and the Internet at AltConf 2014 in San Francisco. Photo: Jim Merithew/Cult of Mac

SAN FRANCISCO — At Apple’s WWDC developer conference, there are talks about interface design, writing code and fixing bugs.

Across the street at indie spinoff AltConf, the talks are concerned with spying on users and making choices between good and evil.

“We have had a hand in creating one of the most dystopian and undesirable societies imaginable,” said Andrew Stone, a veteran programmer who once worked with Steve Jobs, during a talk entitled “What Have We Built Here?”

It’s not the kind of stuff you’d expect to hear at a developer’s conference, but in an age of widespread government spying and cynicism about corporate slogans like “Don’t be evil,” AltConf highlights that programmers are often presented with moral choices. There’s a growing awareness in the coding community that although the activity of programming is benign, what’s created can be used for evil. Take Maciej Cegłowski’s talk last month in Germany, which has been widely discussed on the Web. Cegłowski argues — convincingly — that the utopian ideals of the early internet have been thoroughly corrupted, and the entire industry is “rotten.”

Read the rest of this post »

WWDC hardware expectations plus a big fake Apple rumor on our newest CultCast

Cultcast iPad Mini new logo

This time on The CultCast: No, those rumored new EarPods won’t measure your pulse. Last week’s biggest Apple rumor was a fake made up by a guy on a toilet! Plus, why you shouldn’t expect new hardware at June’s WWDC; iPhone warns you when the NSA wants you for drug trafficking; Apple’s newest executive gets a HUGE payday; Katie Cotton, Apple’s long time PR lead and Steve Jobs confidant, calls it quits; Cupertino will take on Samsung with more Guerrilla-style marketing; and since you asked, we reveal the jobs we’ve always wanted on an all-new Get To Know Your Cultist.

Have a few LOLs while we catch you up on each week’s best Apple stories! Stream or download new and past episodes of The CultCast now on your Mac or iDevice by subscribing on iTunes, or hit play below and let the audio adventure begin!

Our thanks to Smile Software for supporting this episode! If you haven’t tried TextExpander from Smile software, you’re missing out on one of the most useful apps available for the Mac. With TextExpander, you’ll save time and effort by expanding short abbreviations into frequently-used text and pictures. Try it out yourself for free at smilesoftware.com/cultcast.

WWDC hardware expectations plus a big fake Apple rumor on our newest CultCast

Click on for the show notes.

Read the rest of this post »

Apple publishes its guidelines for law enforcement data requests

Screen_Shot_2014-05-08_at_09

Ever since the Edward Snowden revelations, the question of how companies like Apple respond to law enforcement and government requests for user information has taken on a new level of importance.

In a new document added to its website, called Legal Process Guidelines U.S. Law Enforcement, Apple provides an overview of how it deals with such requests in North America.

Read the rest of this post »

Apple will now alert you when the NSA wants your data

spying-privacy-peeping-tom-peeping-through-keyhole
The data-hungry tentacles of the NSA have managed to choke America’s top tech firms into silent submission on data requests, but after months of demanding more transparency, Apple is ready to defy authorities and let you know when the NSA wants your data.

Prosecutors warn that such a move will undermine investigations by tipping off criminals and allowing them to destroy sensitive data, but according to the Washington Post, Apple and others have already changed their policies.

Read the rest of this post »

Everything You Need To Know About The NSA’s Leaky Apps

Angry Birds

While accusations about NSA backdoors to Apple devices have been doing the rounds for a while now, yesterday’s revelations about spying agencies using so-called “leaky apps” to capture user data has reignited the debate. Below is a Q&A covering everything we’ve learned so far:

Q) What is a leaky app?

A) An app that transmits private user information across the Internet. While apps have come under fire for collecting private user information before, the current outcry follows revelations leaked by Edward Snowden, suggesting that leaky apps have been the focus of spying organizations such as the NSA and its UK counterpart, GCHQ (Government Communications HQ). The NSA has cumulatively spent more than $1 billion in its phone targeting efforts. A 2010 NSA presentation cites poor secured apps as a “golden nugget” for gathering user information — including, but not limited to, address books and friend lists.

Read the rest of this post »