security - page 13

If you’re looking to plan a heist, you’d probably best stay clear of Hangouts: Google has inadvertently confirmed that its chat platform is susceptible to police and government monitoring.

While the tech giant usually keeps quiet about Hangouts’ security features, the revelation (of sorts) came out of an “Ask Me Anything” session Friday on Reddit that included members of Google’s public policy department and legal team. Its proposed topic was “the current status of U.S. government surveillance law reform and how Google thinks about these issues,” but the questions were less about laws or reform and more about Google’s practices.

So, you just got that shiny new Apple Watch. It’s amazing, right?

So amazing that someone may try to steal it from you. Sure, that sucks, but it could happen.

Here’s how to clear the credit card info from the stolen device if you no longer have physical possession of your Apple Watch.

A significant security flaw affecting OS X Yosemite hasn’t been fixed as previously thought, according to a former NSA staffer.

The flaw, known as Rootpipe, is said to have existed since 2011, and could allow an attacker to gain full control of another user’s Mac without requiring authentication.

Slack, the cool new communications app that many of the world’s top companies have flocked to, just revealed that it’s been hacked.

Attackers were able to access a Slack database, the company said Friday morning. There’s no indication the hackers were able to decrypt passwords stored on the server, but Slack is immediately ramping up security efforts in response.

Touch ID might be a more convenient and secure security implementation than PIN codes, but for now at least PINs are sticking around — which makes your iPhone vulnerable to anyone who gets their hands on it.

Of course, your iPhone only gives you a certain number of failed guesses, which means that unless the hacker somehow quickly guesses the correct code out of the 10,000 possible combinations, your iPhone’s contents remain safe.

A new video which has surfaced online, however, shows off a brute-force machine capable of trying every possible four-digit numerical combination in turn, while also resetting your iPhone to try again when it runs out of attempts. You can check it out below.

Passwords are easy to forget. They’re even easier to steal. Now Yahoo has unveiled a new scheme to make permanent passwords as outdated as Morse code.

Yahoo is rolling out its “on-demand” email passwords that utilize phone notifications so you’ll never have to memorize a password again. It works kind of like two-factor authentication, except you don’t ever have to type in your primary password.

The CIA has been been involved in a multi-year effort to crack iOS security, according to new information provided to The Intercept by whistleblower Edward Snowden. The attempts have been the focal point of multiple yearly CIA conferences called “The Jamboree.”

Among the possible solutions proposed include a means of “whacking” Xcode, the software used to create apps for iOS and Macs. Researchers claimed they had discovered a means by which Xcode could be manipulated to allow devices to be infected, so as to allow for the extraction of private data — thereby creating a “remote backdoor” that would disable core security features and allow undetected access to Apple devices.

That iPhone in your hands? It’s been compromised by the National Security Agency through its SIM card, and government spies can access your phone through a backdoor installed on it without even needing a court order.

Sound scary? It is, and it’s the latest bombshell to be dropped by American whistleblower Edward Snowden.

Apple is making iMessage and FaceTime harder to hack by turning on two-step verification for both services in an effort to tighten security for iOS and Mac users.

The extra security goes into effect today and gives users an extra layer of protection against hackers or anyone else trying to log in to your iMessage account to either impersonate you or steal data.

One of the great things about iMessage and FaceTime is that it encrypts your messages automatically, making it very, very difficult for hackers to spy on the messages you send.

But guess what? If U.K. Prime Minister David Cameron gets his way, iMessage and FaceTime encryption might soon be a thing of the past.

Apple is normally pretty hot on security, but a new glitch discovered in OS X Yosemite’s search threatens to expose the private details of Apple Mail users — including IP addresses, and more —  to online spammers and phishers.

The privacy risk occurs when people use Spotlight Search, which also indexes emails received with the Apple Mail email client. When performing searches on a Mac, Spotlight shows previews of emails and automatically loads external images in the HTML email.

So why is this dangerous?

We all make compromises daily when it comes to online security. Everybody wants to be safe and secure when making purchases online, but practically none of us do everything necessary to keep our data secure.

“People, myself included, are basically lazy,” web developer Joe Tortuga told Cult of Mac, “and ease of use is inversely related to security. If it’s too difficult, then people just won’t do it.”

With all the recent hacks into private as well as corporate data — like the credit card grab from Home Depot and the hack into Sony’s files, there’s no better time to learn some of the things we all can do to protect ourselves. We spoke to some online security experts to get their advice.

This post is brought to you by IdeaSolutions, creator of KYMS.

What better way to keep your media safe than to encrypt your files and hide them behind an iOS app that appears to be nothing more than a stylish calculator? KYMS (Keep Your Media Safe) encrypts all your multimedia files, photos, documents, passwords and much more, then stashes them inside a military-grade vault that’s hiding in plain sight.

Google has launched a new online tool that allows users to see all the devices that have logged into their account in the last 28 days. If you have suspicions that someone may be logging into your Google account without your permission, you can log in and quickly identify any unauthorized access from computers and mobile devices.

We’re all concerned about our privacy lately. Using a different strong password for all our banking and website activities is the best way to keep malicious hackers from getting all up into our grill.

Rapper MC Safesearch, though, needs to remember not to post his passwords in the music video he’s doing about privacy and security.

Check out how this socially-conscious musician gets totally hacked during his own music video.

Recent reports of iCloud phishing attempts in China illustrate just how important it is always verify that you’re logging into legitimate websites before you enter your precious passwords.

To help, Apple today outlined how users can protect themselves from phishing attacks, in which bad guys pose as legitimate entities in an attempt to gain sensitive data on the web. Apple’s simple PSA page shows how web surfers can verify the authenticity of any website.

iCloud passwords and security passwords can be guessed using social networking and various phishing techniques, and complex passwords and two-step verification are not as intuitive as they should be.

In a delightfully complete article over at TidBITS, author Rich Mogul lays out the facts behind the current spate of Apple security problems – most of which boil down to this: People are the weakest link in the chain.

As anyone who’s worked with technology in the past decade can tell you, the thorniest technical challenges aren’t typically those that deal directly with hardware and software. No, in most cases, the toughest things to troubleshoot and fix lie along the human spectrum. System administrators have long known this, coming up with acronyms like PEBCAK and ID-10T errors.

The same goes for security, which in Apple’s case affects an ever-increasing number of people who not be savvy to the ways of information security.

Almost everyone is happy about iOS 8’s recent privacy upgrade, which means that Apple can’t unlock your phone as part of an investigation. Almost everyone, that is, except for the FBI.

Speaking with reporters Thursday, FBI director James Comey described himself as “very concerned” by steps tech companies like Apple are taking to strengthen privacy on mobile devices.

“I am a huge believer in the rule of law, but I am also a believer that no one in this country is beyond the law,” Comey said. “What concerns me about this is companies marketing something expressly to allow people to place themselves above the law.”

Apple was aware of the iCloud vulnerability which resulted in dozens of nude celebrity images being leaked earlier this month.

According to emails between Apple and noted security expert Ibrahim Balic, Cupertino was given information of a similar security flaw as early as March of this year. In an email from that month, Balic informed an Apple official that he had successfully bypassed the feature designed to stop a so-called “brute-force” attack taking place.

If you regularly use an iPhone or iPad app that uses a built-in browser, you could be vulnerable to a major vulnerability in iOS that allows unscrupulous app developers to spy on your typing.

Today Apple quietly expanded its use of two-factor authentication to protect iCloud users. Now those who have enabled the added security measure will be asked to verify their identity with a secondary device when logging into iCloud.com.

PayPal is feeling threatened. After Apple announced its new mobile payment platform Apple Pay last week, PayPal took out a full-page ad in The New York Times, blasting Apple’s security record in the wake of the celebrity nude scandal.

Tim Cook may have been on the receiving end of welcoming notes from other watchmakers now the Apple Watch has been announced, but not every note has been so friendly.

On Monday, the office of Connecticut attorney general George Jepsen revealed that he had sent an open letter to Tim Cook noting concerns about the privacy implications of Apple Watch, particularly related to the handling of health data.

Particularly on the back of the recent iCloud account hacking scandal, smartphone security is something a lot of people are paying more attention to.

With that in mind, a London-based designer recently launched an intriguing Kickstarter campaign, to create a clothing label aimed at raising awareness about high-tech security.

The clothes are all cleverly constructed around a removable waterproof stealth pocket, made from police-grade shielding fabrics, designed to securely block all Cell, WiFi, GPS and RFID signals to ~100 dB.

It was only a matter of time before Apple spoke out more publicly about the controversy surrounding the compromised iCloud accounts of numerous celebrities.

In an interview with The Wall Street Journal, Tim Cook revealed that Apple is adding new security measures to iCloud in the coming weeks. Users will be notified by email and a push notification for account activity, including whenever an iCloud backup is accessed. Two-step verification will also be strengthened to cover more aspects of iCloud.

Cook also said that Apple plans to raise more “awareness” about internet security.