Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
16.1K views | +1 today
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
March 3, 2018 3:22 PM!

Cellebrite' Hacking Tool Unlocks Any iOS Devices Including iPhone X | #Apple #NobodyIsPerfect 

Cellebrite' Hacking Tool Unlocks Any iOS Devices Including iPhone X | #Apple #NobodyIsPerfect  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |

You must remember the long and tedious battle between Federal Bureau of Investigation and iPhone manufacturer firm Apple over unlocking of an iPhone owned by the terrorist involved in the San Bernardino mass shooting around two years back. In that particular case, Apple flatly refused to provide feds access to the data and the FBI had to pay more than a million dollar to an Israeli mobile forensics firm Cellebrite to unlock the shooter’s iPhone 5c.

It seems like the feds won’t need to plead Apple to unlock its phones anymore because of the breakthrough findings of Cellebrite. As per the Israeli firm, its new hacking tool would unlock just about any iPhone available in the market that runs on iOS 5 to iOS 11 including the newbie iPhone X. It is worth noting that Cellebrite develops digital forensics tools and programs for cell phones and its most popular product is the Universal Forensic Extraction Device or UFED that helps investigators extract all the passwords and data stored in a mobile phone.


Learn more / En savoir plus / Mehr erfahren:


Gust MEES's insight:

You must remember the long and tedious battle between Federal Bureau of Investigation and iPhone manufacturer firm Apple over unlocking of an iPhone owned by the terrorist involved in the San Bernardino mass shooting around two years back. In that particular case, Apple flatly refused to provide feds access to the data and the FBI had to pay more than a million dollar to an Israeli mobile forensics firm Cellebrite to unlock the shooter’s iPhone 5c.

More: Textalyzer Device Tells Police Everything Users Do on Their Smartphone

It seems like the feds won’t need to plead Apple to unlock its phones anymore because of the breakthrough findings of Cellebrite. As per the Israeli firm, its new hacking tool would unlock just about any iPhone available in the market that runs on iOS 5 to iOS 11 including the newbie iPhone X. It is worth noting that Cellebrite develops digital forensics tools and programs for cell phones and its most popular product is the Universal Forensic Extraction Device or UFED that helps investigators extract all the passwords and data stored in a mobile phone.


Learn more / En savoir plus / Mehr erfahren:


No comment yet.
Scooped by Gust MEES
November 28, 2017 3:41 PM!

Vietnamesische Sicherheitsforscher: Neue Maske soll iPhone X sofort entsperren | #Apple #FaceID #CyberSecurity #NobodyIsPerfect 

Vietnamesische Sicherheitsforscher: Neue Maske soll iPhone X sofort entsperren | #Apple #FaceID #CyberSecurity #NobodyIsPerfect  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |


Neue Maske soll iPhone X sofort entsperren

Die Maske, mit denen Forscher des vietnamesischen Anbieters Bkav ein iPhone X überlistet haben, ist überarbeitet worden. Die neue Version soll die Entsperrung über Face ID ermöglichen, ohne dass das iPhone X angelernt werden muss.

Mitarbeiter des vietnamesischen Sicherheitsanbieters Bkav wollen mit einer neuen Maskenversion Apples Face ID leichter als bisher überlisten können und warnen davor, die Gesichtserkennung im geschäftlichen Bereich zu nutzen - weil diese so unsicher sei.


Learn more / En savoir plus / Mehr erfahren:


Gust MEES's insight:


Neue Maske soll iPhone X sofort entsperren

Die Maske, mit denen Forscher des vietnamesischen Anbieters Bkav ein iPhone X überlistet haben, ist überarbeitet worden. Die neue Version soll die Entsperrung über Face ID ermöglichen, ohne dass das iPhone X angelernt werden muss.

Mitarbeiter des vietnamesischen Sicherheitsanbieters Bkav wollen mit einer neuen Maskenversion Apples Face ID leichter als bisher überlisten können und warnen davor, die Gesichtserkennung im geschäftlichen Bereich zu nutzen - weil diese so unsicher sei.


Learn more / En savoir plus / Mehr erfahren:


No comment yet.
Scooped by Gust MEES
November 2, 2017 5:15 PM!

Apple will share face mapping data from the iPhone X with third-party app developers | #Apps #Privacy 

Apple will share face mapping data from the iPhone X with third-party app developers | #Apps #Privacy  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |
Apple plans to share facial mapping data captured by the iPhone X’s series of front-facing cameras and sensors, according to a report by Reuters. The revelation, contained in a developer agreement detailing the use of Apple’s new facial recognition software, would appear to undermine statements Apple made during the iPhone X reveal back in September. The company’s executives at the time made an effort to placate privacy concerns with talk of strict on-device storage and end-to-end encryption.

However, there’s quite a bit of unpacking to do here regarding what developers actually have access to and under what terms. According to the developer agreement, third-party app makers only have access to the visual facial mapping data, and not the same mathematical representation of it that is used to unlock the iPhone X using Face ID. Apple claims the latter is encrypted on the device itself, so not even its own employees have access to it. Yet developers do still have access to a map of a user’s face as part of the True Depth camera, along with data on as many as 50 facial expressions that could tell a developer how exactly you raise your eyebrows or move your mouth, to name a few telling instances. This is how Snapchat’s iPhone X-specific filters, demoed onstage during the phone’s reveal, appear more sophisticated than standard ones.


Despite the apparent protections, organizations like the American Civil Liberties Union are concerned that an era of widespread facial recognition technology, no matter the intentions or safeguards of its creator, could yield unexpected results. “Apple does have a pretty good historical track record of holding developers accountable who violate their agreements, but they have to catch them first - and sometimes that’s the hard part,” Jay Stanley, an ACLU senior policy analyst, told Reuters.


“It means household names probably won’t exploit this, but there’s still a lot of room for bottom feeders.”


Learn more / En savoir plus / Mehr erfahren:


Gust MEES's insight:
Apple plans to share facial mapping data captured by the iPhone X’s series of front-facing cameras and sensors, according to a report by Reuters. The revelation, contained in a developer agreement detailing the use of Apple’s new facial recognition software, would appear to undermine statements Apple made during the iPhone X reveal back in September. The company’s executives at the time made an effort to placate privacy concerns with talk of strict on-device storage and end-to-end encryption.

However, there’s quite a bit of unpacking to do here regarding what developers actually have access to and under what terms. According to the developer agreement, third-party app makers only have access to the visual facial mapping data, and not the same mathematical representation of it that is used to unlock the iPhone X using Face ID. Apple claims the latter is encrypted on the device itself, so not even its own employees have access to it. Yet developers do still have access to a map of a user’s face as part of the True Depth camera, along with data on as many as 50 facial expressions that could tell a developer how exactly you raise your eyebrows or move your mouth, to name a few telling instances. This is how Snapchat’s iPhone X-specific filters, demoed onstage during the phone’s reveal, appear more sophisticated than standard ones.


Despite the apparent protections, organizations like the American Civil Liberties Union are concerned that an era of widespread facial recognition technology, no matter the intentions or safeguards of its creator, could yield unexpected results. “Apple does have a pretty good historical track record of holding developers accountable who violate their agreements, but they have to catch them first - and sometimes that’s the hard part,” Jay Stanley, an ACLU senior policy analyst, told Reuters.


“It means household names probably won’t exploit this, but there’s still a lot of room for bottom feeders.”


Learn more / En savoir plus / Mehr erfahren:


No comment yet.
Scooped by Gust MEES
September 27, 2017 4:03 PM!

Apple: Just squeeze the iPhone X if you're forced into a Face ID unlock | #Privacy 

Apple: Just squeeze the iPhone X if you're forced into a Face ID unlock | #Privacy  | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |
Apple has given the iPhone X an emergency feature that users can trigger if they're forced by a thief or police to look at the device and unlock it.

Apple says Face ID is even better than Touch ID at thwarting biometric spoofing thanks to the hardware setup.

But just as someone else can force you to put a finger on the home button, they can also force you to look at the phone. So developer Keith Krimbel asked an Apple's senior vice president of software engineer, Craig Federighi, what happens if a thief steals your phone and then points it at your face before taking off?

He posted Federighi's response on Twitter. The iPhone X has you covered with two key mitigations, according to Federighi.

First, it won't unlock unless you stare at the iPhone. Also, if you still have possession of the phone and are asked to give it up, you can grip the buttons on both sides of the phone before you hand it over, which will temporarily disable Face ID.

iOS 11 also introduces a shortcut to disable Touch ID in emergency situations, but it requires five presses on the sleep button.


Is Face ID more secure than a passcode? It depends who you ask.

If it's a jealous partner who wants to rummage through your text messages, then it's fairly secure. But if it's a government wanting to know who you communicate with, then you're likely tough out of luck.


Learn more / En savoir plus / Mehr erfahren:


Gust MEES's insight:
Apple has given the iPhone X an emergency feature that users can trigger if they're forced by a thief or police to look at the device and unlock it.

Apple says Face ID is even better than Touch ID at thwarting biometric spoofing thanks to the hardware setup.

But just as someone else can force you to put a finger on the home button, they can also force you to look at the phone. So developer Keith Krimbel asked an Apple's senior vice president of software engineer, Craig Federighi, what happens if a thief steals your phone and then points it at your face before taking off?

He posted Federighi's response on Twitter. The iPhone X has you covered with two key mitigations, according to Federighi.

First, it won't unlock unless you stare at the iPhone. Also, if you still have possession of the phone and are asked to give it up, you can grip the buttons on both sides of the phone before you hand it over, which will temporarily disable Face ID.

iOS 11 also introduces a shortcut to disable Touch ID in emergency situations, but it requires five presses on the sleep button.


Is Face ID more secure than a passcode? It depends who you ask.

If it's a jealous partner who wants to rummage through your text messages, then it's fairly secure. But if it's a government wanting to know who you communicate with, then you're likely tough out of luck.


Learn more / En savoir plus / Mehr erfahren:


No comment yet.
Scooped by Gust MEES
December 16, 2017 7:24 AM!

Ärger mit Face ID: Freundin kann iPhone X mit ihrem Gesicht entsperren | #Apple #NobodyIsPerfect

Ärger mit Face ID: Freundin kann iPhone X mit ihrem Gesicht entsperren | #Apple #NobodyIsPerfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |
Wie ein chinesischer TV-Sender berichtet, gab eine Chinesin ihr iPhone X zurück, nachdem ihre Kollegin es problemlos entsperren konnte.


Learn more / En savoir plus / Mehr erfahren:



Gust MEES's insight:
Wie ein chinesischer TV-Sender berichtet, gab eine Chinesin ihr iPhone X zurück, nachdem ihre Kollegin es problemlos entsperren konnte.


Learn more / En savoir plus / Mehr erfahren:


No comment yet.
Scooped by Gust MEES
November 28, 2017 2:23 PM!

Face ID has been defeated again, and this time it was 'simple' | #Apple #iPhoneX #CyberSecurity #Awareness #NobodyIsPerfect

Face ID has been defeated again, and this time it was 'simple' | #Apple #iPhoneX #CyberSecurity #Awareness #NobodyIsPerfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |
Breaking into a locked iPhone X shouldn't ever be described as simple, but according to a group of security researchers, that's exactly where we find ourselves. 

The same Vietnamese team that managed to trick Face ID with an elaborately constructed mask now says it has found a way to create a replicated face capable of unlocking Apple's latest and greatest biometric using a series of surreptitiously snagged photographs. 

SEE ALSO: No one agrees on whether or not a dead body will unlock a smartphone

Apple has copped to the fact that Face ID, for all its technical prowess, isn't perfect. It can be tricked by twins. For most people, however, that security threat is a nonexistent one. But what about masks? The Cupertino-based company assured customers that it had designed the biometric-powered safeguard with that attack in mind — yet the researchers at Bkav are here to rain on that particular parade. 

"These materials and tools are casual for anyone."
They built a relatively inexpensive mask which, according to a blog post and video demonstration, was able to fool Face ID into unlocking. 


Learn more / En savoir plus / Mehr erfahren:


Gust MEES's insight:
Breaking into a locked iPhone X shouldn't ever be described as simple, but according to a group of security researchers, that's exactly where we find ourselves. 

The same Vietnamese team that managed to trick Face ID with an elaborately constructed mask now says it has found a way to create a replicated face capable of unlocking Apple's latest and greatest biometric using a series of surreptitiously snagged photographs. 

SEE ALSO: No one agrees on whether or not a dead body will unlock a smartphone

Apple has copped to the fact that Face ID, for all its technical prowess, isn't perfect. It can be tricked by twins. For most people, however, that security threat is a nonexistent one. But what about masks? The Cupertino-based company assured customers that it had designed the biometric-powered safeguard with that attack in mind — yet the researchers at Bkav are here to rain on that particular parade. 

"These materials and tools are casual for anyone."
They built a relatively inexpensive mask which, according to a blog post and video demonstration, was able to fool Face ID into unlocking. 


Learn more / En savoir plus / Mehr erfahren:


No comment yet.
Scooped by Gust MEES
September 27, 2017 4:12 PM!

I'll never use Apple's Face ID | #Privacy

I'll never use Apple's Face ID | #Privacy | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... |
“People were handling the device for the stage demo ahead of time and didn’t realize Face ID was trying to authenticate their face," the rep told Yahoo. "After failing a number of times, because they weren’t Craig [Federighi], the iPhone did what it was designed to do, which was to require his passcode." 

Theres's a few things to unpack in that statement. The spokesperson is copping to the fact that the iPhone X frequently scans faces in search of a match. This semi "always on" nature of Face ID is a huge red flag for privacy experts. What's more, if even Apple employees can't figure out how to handle the phone without locking out their boss on the company's biggest day of the year then clearly there's a usability issue.

This, combined with the security and privacy one must forfeit in order to use the technology, is more than enough to turn me off to the supposed revolution that Face ID represents. A password, at its core, is supposed to protect your data from a wide range of threats while still being practical. The latest offering from Apple just doesn't cut it.  


Learn more / En savoir plus / Mehr erfahren:


Gust MEES's insight:
People were handling the device for the stage demo ahead of time and didn’t realize Face ID was trying to authenticate their face," the rep told Yahoo. "After failing a number of times, because they weren’t Craig [Federighi], the iPhone did what it was designed to do, which was to require his passcode." 

Theres's a few things to unpack in that statement. The spokesperson is copping to the fact that the iPhone X frequently scans faces in search of a match. This semi "always on" nature of Face ID is a huge red flag for privacy experts. What's more, if even Apple employees can't figure out how to handle the phone without locking out their boss on the company's biggest day of the year then clearly there's a usability issue.

This, combined with the security and privacy one must forfeit in order to use the technology, is more than enough to turn me off to the supposed revolution that Face ID represents. A password, at its core, is supposed to protect your data from a wide range of threats while still being practical. The latest offering from Apple just doesn't cut it.  


Learn more / En savoir plus / Mehr erfahren:


No comment yet.