If you make something private, obviously you want it to stay that way. But with hackers trying to get at your data, you need to be prepared. Following the recent iCloud hacking that leaked tons of private celebrity photos, there’s a renewed focus on security.
In today’s video, we show you how to enable two-step verification on all your Apple devices so you’ll have a better chance of keeping everything that’s near and dear to you private and secure.
In fact, according to a new list drawn up by the country’s National Development and Reform Commission and Ministry of Finance, Apple products are persona non grata when it comes to high tech devices that public money is allowed to be spent on.
The reason is security concerns, in the wake of increased fears about hacking and cyberspying. “When the government stops the procurement of products, it sends a signal to corporates and semi-government bodies,” says Mark Po, an analyst with UOB Kay Hian Ltd. in Hong Kong. “The Chinese government wants to make sure that overseas companies shouldn’t have too much influence in China.”
According to findings by researchers Karsten Nohl and Jakob Lell, USB security may be profoundly broken, with no way around it.
Nohl and Lell have highlighted a flaw in USB devices which potentially offer hackers the ability to sidestep all currently known security measures used by a computer. Called the BadUSB exploit, the vulnerability allows hackers to meddle with the firmware which controls the functions of various USB plug-ins, such as mice, keyboards and thumb drives.
Earlier this week, forensic data scientist Jonathan Zdziarski made a bold claim: iOS may be vulnerable to government snooping by design. According to Zdziarski, iOS had multiple backdoors installed that made any device running the OS “almost always at risk of spilling all data,” which in turn made for some “tasty attack points for .gov and criminals.”
Apple, of course, denied having ever worked with the government to install any backdoors. But that didn’t change the fact that these unsecured services do exist, and worse, have gone entirely undocumented. But thankfully, Apple has rectified at least that last problem, penning a new support document that explains what each of Zdziarski’s snoopsome services actually does.
If you’re flying into or out of the United Kingdom, you’d better make sure your Android or iOS handset is fully charged. With the U.S. government recently announcing that all airline passengers with personal electronics devices will now be required to turn them on to prove that they work, the U.K.’s Department for Transport has announced that the same rules will now apply in the United Kingdom.
The new ruling follows reports that terrorists may be able to use phones and electronic devices as a conveyor of explosives that can get around current security checks.
Future Apple devices may be able to dynamically modify user interface elements, security levels, and other types of behavior based on location, according to a new patent application published Thursday.
Referred to as “Location-sensitive security levels and setting profiles based on detected location,” Apple’s application describes a setup in which both the hardware and software of your iPhone, iPad, and whatever other mobile devices Apple releases in future can seamlessly work together to automatically adjust various UI and device behavior settings.
Despite Apple’s claims that email attachments are safely locked away with data encryption in iOS 7, a new report has found that all your email attachments have been vulnerable and unencrypted for months.
For the second time in around one month, a major flaw has been found in popular open-source security software. The hole, which exists in the login tools OAuth and OpenID, affects many websites including Google, Facebook, Microsoft, LinkedIn, Yahoo, GitHub and others.
The flaw was discovered by Wang Jing, a Ph.D student at the Nanyang Technological University in Singapore. Jing notes that the serious “Covert Redirect” flaw can act as a login popup based on an affected site’s domain. Exploited by an attacker, affected sites may result in users losing control of their login information and personal data — including email addresses, birth dates, and contact lists.