Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
11.2K views | +1 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

The Fappening is more than just nude celebrity pics -- Can we trust Apple's iCloud?

The Fappening is more than just nude celebrity pics -- Can we trust Apple's iCloud? | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Sometimes I wish the internet could just be a place to exchange wholesome information, such as cooking recipes and tips on Linux, but sadly, there is a dark side. There are deviant people lurking on the web doing all sorts of horrible things. Yesterday, a hacker leaked the private pictures and videos (nude and semi-nude) of many celebrities, and they have spread across the net. For these celebrities, who are real people, I am sure it has been a very trying time; their privacy has been destroyed and I offer my sympathies. For the many people (if they can be called that) viewing and spreading the pictures, the occasion has been dubbed


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
Gust MEES's curator insight, September 1, 2014 7:24 AM

Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=iCloud



Ammanda Daniher's curator insight, September 11, 2014 10:33 PM

It is pretty clear that iCloud has become a threat to most Apple users due to the recent "Celebrity nudes" scandal. I strongly believe that you shouldn't be worried about people being able to get a hold of photographs and videos of personal moments, such as family dinners and Christmas parties. This incident really makes you wonder just how easy it is to hack in to Apple's software systems, and how much Apple's developers have seen of our personal lives. Scandals such as thing will keep things talking, but will Apple release a statement regarding everything that has happened? 

Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Forensic scientist identifies suspicious 'back doors' running on every iOS device | Privacy | Cyberespionage

Forensic scientist identifies suspicious 'back doors' running on every iOS device | Privacy | Cyberespionage | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.


Zdziarski's questions for Apple include:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?
  • Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?

... and his last slide (page 57 of the PDF) sums it up nicely: 


  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Learn more:



Gust MEES's insight:
During his talk at HOPE/X Jonathan Zdziarski detailed several undocumented services (with names like 'lockdownd,' 'pcapd,' 'mobile.file_relay,' and 'house_arrest') that run in the background on over 600 million iOS devices.


Zdziarski's questions for Apple include:

  • Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount?
  • Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone?
  • Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU?
  • Why is there still no mechanism to review the devices my iPhone is paired with, so I can delete ones that don’t belong?

... and his last slide (page 57 of the PDF) sums it up nicely: 


  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Learn more:


more...
Gust MEES's curator insight, July 21, 2014 9:26 AM
  • Apple is dishing out a lot of data behind our backs
  • It’s a violation of the customer’s trust and privacy to bypass backup encryption
  • There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.
  • Much of this data simply should never come off the phone, even during a backup.
  • Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals
  • Overall, the otherwise great security of iOS has been compromised… by Apple… by design.

Scooped by Gust MEES
Scoop.it!

Apple corrige des vulnérabilités critiques dans iOS et OS X

Apple corrige des vulnérabilités critiques dans iOS et OS X | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it

La firme à la pomme a annoncé plusieurs mises à jour pour iOS et Mac OS X corrigeant 44 vulnérabilités dont 30 critiques pour le premier, et 19 vulnérabilités dont 11 critiques pour le second. Des patchs de sécurité pour Safari sont également au programme.


Gust MEES's insight:

La firme à la pomme a annoncé plusieurs mises à jour pour iOS et Mac OS X corrigeant 44 vulnérabilités dont 30 critiques pour le premier, et 19 vulnérabilités dont 11 critiques pour le second. Des patchs de sécurité pour Safari sont également au programme.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Sécurité : des personnes ont perdu accès à leur Mac à cause d’iCloud

Sécurité : des personnes ont perdu accès à leur Mac à cause d’iCloud | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Imaginez : vous allumez votre Mac ou votre iPhone, et soudain vous avez un message vous informant que votre appareil a été hacké et que vous devez payer pour en retrouver l'usage.


En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Rescooped by Gust MEES from #Security #InfoSec #CyberSecurity #Sécurité #CyberSécurité #CyberDefence & #DevOps #DevSecOps
Scoop.it!

Computrace - Le mouchard universel présent sur les PC, Mac et appareils Android

Computrace - Le mouchard universel présent sur les PC, Mac et appareils Android | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Et si je vous disais qu'il y a dans votre ordinateur un mouchard que vous ne pouvez pas enlever, qui a été mis en place par le constructeur, qui est sur les listes blanches de la plupart des antivirus et dont vous n'avez jamais entendu parler ? La société Kaspersky, spécialisée dans la détection et …

Via Frederic GOUTH
Gust MEES's insight:


C'est très fort cela!!! :(((


more...
Gust MEES's curator insight, May 22, 2014 8:08 AM
C'est très fort cela !!! :(((


Scooped by Gust MEES
Scoop.it!

Apple fixes hole that leaked employees' and developers' personal info

Apple fixes hole that leaked employees' and developers' personal info | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple quietly slipped its Developer Center offline on Sunday night to patch a serious security hole that let anybody access personal contact information for any registered Mac, iOS or Safari develo...






Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



Gust MEES's insight:

Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

#Update asap! Apple releases iOS 7.1.1

#Update asap! Apple releases iOS 7.1.1 | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple patches a number of bugs in the iOS platform, and takes a second stab at fixing the Touch ID fingerprint recognition "fade" reported by some iPhone 5S users.


Learn more:



Gust MEES's insight:


Learn more:



more...
Scooped by Gust MEES
Scoop.it!

Update asap!!! ===> Apple Fixes More Than 25 Flaws in Safari

Update asap!!! ===> Apple Fixes More Than 25 Flaws in Safari | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has fixed more than 25 security flaws in its Safari browser.


That flaw was fixed in iOS and other products earlier this year but Apple just released the fix for Safari on Monday. Along with the 25 memory corruption vulnerabilities the company fixed, it also pushed out a patch for a separate issue in Safari that could enable an attacker to read arbitrary files on a user’s machine.


=========> UPDATE ASAP!!! <========


Gust MEES's insight:


=========> UPDATE ASAP!!! <========



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple iOS 7.1 Fixes More Than 20 Code-Execution Flaws

Apple iOS 7.1 Fixes More Than 20 Code-Execution Flaws | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple iOS 7.1 fixes more than 20 code execution flaws on the iPhone.


Apple has fixed a slew of vulnerabilities that could lead to code execution on the iPhone, along with a number of other security vulnerabilities in the latest version of its mobile operating system, iOS 7.1. The new release comes just a little more than two weeks after Apple released iOS 7.06 to fix the SSL certificate validation error.


Gust MEES's insight:


Apple has fixed a slew of vulnerabilities that could lead to code execution on the iPhone, along with a number of other security vulnerabilities in the latest version of its mobile operating system, iOS 7.1. The new release comes just a little more than two weeks after Apple released iOS 7.06 to fix the SSL certificate validation error.


more...
No comment yet.
Rescooped by Gust MEES from 21st Century Learning and Teaching
Scoop.it!

Fin du support de Snow Leopard : 1 Mac sur 5 gravement vulnérable

Fin du support de Snow Leopard : 1 Mac sur 5 gravement vulnérable | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple a définitivement abandonné la sécurité de son Mac OS X 10.6, pourtant encore largement utilisé.
Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
Scooped by Gust MEES
Scoop.it!

Apple finally patches critical SSL flaw in OS X

Apple finally patches critical SSL flaw in OS X | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has released an update for OS X that, among other things, patches the infamous  "gotofail" bug whose existence was publicly revealed last Friday.

The flaw was initially patched on iOS and Apple TV with updates pushed out on that same day, but OS X users were left to wonder why a fix hasn't been provided for them as well. 


Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=gotofail


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Mac OS X 10.9.2 released. Apple fixes critical SSL security hole

Mac OS X 10.9.2 released. Apple fixes critical SSL security hole | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple has just issued OS X Mavericks version 10.9.2, fixing the same serious SSL security hole that they patched for iPhone and iPad users at the end of last week.
Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple and the SSL/TLS bug: Open questions

Apple and the SSL/TLS bug: Open questions | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
[UPDATE] It says something about Apple's priorities that they fixed the iOS version of a very serious bug but left Mac users conspicuously vulnerable.


The SSL bug Apple patched on iOS on Friday is a shocking and embarrassing one. That it appears to have been in both iOS and OS X for some time and the way Apple is addressing it show both that Apple knows how serious it is and that Mac users play second fiddle in Apple's orchestra. 

Apple has only released a patch for iOS, not OS X.


Make no mistake about it, this is a very serious bug. The bug makes it fairly straightforward to intercept and decrypt SSL/TLS communications, probably the most important security protocol there is today.


Any time you see Apple (or really any major vendor) release an update that fixes a single bug, you can be sure it's a high-priority bug. And there's no reason to believe that it's higher-priority for iOS users than for Mac users.


So why did they not fix OS X at the same time? Because OS X isn't top priority anymore.

Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Yes, Hackers Could Build an iPhone Botnet—Thanks to Windows

Yes, Hackers Could Build an iPhone Botnet—Thanks to Windows | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A reminder to Apple and smug iPhone owners: Just because iOS has never been the victim of a widespread malware outbreak doesn’t mean mass iPhone hacking isn’t still possible. Now one group of security researchers plans to show how to enslave an entire botnet of Apple gadgets through a perennial weak point—their connection to vulnerable…



Gust MEES's insight:

A reminder to Apple and smug iPhone owners: Just because iOS has never been the victim of a widespread malware outbreak doesn’t mean mass iPhone hacking isn’t still possible. Now one group of security researchers plans to show how to enslave an entire botnet of Apple gadgets through a perennial weak point—their connection to vulnerable…


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

How to Steal an iPhone's Passcode (from up to 150 feet away!)

How to Steal an iPhone's Passcode (from up to 150 feet away!) | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
See that guy on on the other side of the room wearing Google Glass?

He could have just stolen your iPhone's passcode.
Gust MEES's insight:

See that guy on on the other side of the room wearing Google Glass?

He could have just stolen your iPhone's passcode.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple's iOS 8 will help keep out Wi-Fi marketers and snoops, but not totally

Apple's iOS 8 will help keep out Wi-Fi marketers and snoops, but not totally | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A small change in iOS 8 will make privacy advocates happy, although it's going to be a tough pill to swallow for mobile marketers










Check the video ===> Busting wireless security myths <===


Learn more:


https://gustmees.wordpress.com/2013/05/27/dangers-of-wifi-in-public-places/


Gust MEES's insight:

Check the video ===> Busting wireless security myths <===


Learn more:


https://gustmees.wordpress.com/2013/05/27/dangers-of-wifi-in-public-places/



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple ransomware strikes Australia - pay Oleg $100 or else

Apple ransomware strikes Australia - pay Oleg $100 or else | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
This morning, a number of Australian iPad and iPhone users woke up to a strange sight.

"Device hacked by Oleg Pliss. For unlock device..."


If you've seen the "Oleg Pliss" message, you can recover without paying the ransom.


Read more in the full article...


Gust MEES's insight:

If you've seen the "Oleg Pliss" message, you can recover without paying the ransom.


Read more in the full article...


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

"Open the iPhone door, Siri!" - Apple's digital helper coughs up another lock screen hole

"Open the iPhone door, Siri!" - Apple's digital helper coughs up another lock screen hole | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
A hacker has found a way to bypass the iPhone 5 lock screen to get at your contacts. Ironically, he got in by asking Siri, Apple's voice-activated "helper."


The iPhone's lock screen is the easiest way to protect your phone from prying eyes in the event that it is lost or stolen - but activating Siri from the lock screen is like having no protection at all.

Siri caused other lock screen problems that needed fixing - it seems like déjà vu all over again - where holding down the home button allowed you to just ask nicely for your phone to bypass its own security.

The bug affects devices running iOS 7.1.1 - the latest Apple release.



Here's how to close the hole while...


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:

Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Does Apple care more about securing Mac users than iPhone users?

Does Apple care more about securing Mac users than iPhone users? | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
In the last couple of days, Apple has issued critical security patches for iOS, Mac OS X, the Apple Airport Base Station, and even the innocuous hockey puck-shaped Apple TV. And I trust, as a regul...


A malicious hacker could have taken one of these patched OS X vulnerabilities, and weaponised it for exploitation in a zero-day attack against iPhone and iPad users.

.

Every time Apple treats its smartphone and tablet customers as poor relations when it comes to security, they are putting millions of users at risk.


Learn more:



Gust MEES's insight:

Every time Apple treats its smartphone and tablet customers as poor relations when it comes to security, they are putting millions of users at risk.

.

Learn more:


.


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Heartbleed OpenSSL bug: FAQ for Mac, iPhone and iPad users

Heartbleed OpenSSL bug: FAQ for Mac, iPhone and iPad users | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
In the last couple of days you cannot fail to have seen the huge number of media articles about the so-called Heartbleed bug. In this article, we'll try and answer some of the common questions that...


Am I at risk if I use a Mac? What about an iPhone or iPad?

Unfortunately this bug doesn’t care what kind of device you are using to communicate via the Internet. This means that iPhones, iPads and Macs are just as much at risk as, say, a computer running Windows 8.1.

Learn more:


Gust MEES's insight:


Am I at risk if I use a Mac? What about an iPhone or iPad?

Unfortunately this bug doesn’t care what kind of device you are using to communicate via the Internet. This means that iPhones, iPads and Macs are just as much at risk as, say, a computer running Windows 8.1.


Learn more:



more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Fake Tor browser for iOS laced with adware, spyware, members warn

Fake Tor browser for iOS laced with adware, spyware, members warn | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Title available since November raises questions about App Store vetting process.


Apple has never described exactly what its process is for ensuring the titles in its App Store are safe.


Although the comparatively fewer reports of rogue apps for iOS suggest that the review process is more stringent than Google's, the report ticket from Tor's high-ranking members suggests that Apple may not be doing everything it can or should do to protect iPhone and iPad users.


Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple and security: 5 deadly development sins

Apple and security: 5 deadly development sins | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
If Apple carries on with its many programming misdeeds, it will soon see a breakdown in its shiny, new security
Gust MEES's insight:
Learn more:- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security
more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

FireEye discovered an Apple vulnerability which allows iOS keylogging

FireEye discovered an Apple vulnerability which allows iOS keylogging | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices
Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple corrige la faille gotofail pour Mac OS X

Apple corrige la faille gotofail pour Mac OS X | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple est finalement parvenu à corriger la faille de sécurité majeure qui a touché ses systèmes d'exploitation
Mac. Un correctif qui intervient tardivement par rapport à iOS.
Gust MEES's insight:


En savoir plus :


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.
Scooped by Gust MEES
Scoop.it!

Apple encryption mistake puts many desktop applications at risk

Apple encryption mistake puts many desktop applications at risk | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
Apple's Mail, FaceTime, Calendar, Safari browser and Software Update could be vulnerable, a researcher said.
Gust MEES's insight:


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


more...
No comment yet.