Jamf Threat Labs subverts iPhone security with fake Airplane Mode

Fresh security research from Jamf Threat Labs may not reflect an active attack, but it does illustrate the layered complexity of today’s threat environment.

When Airplane mode isn’t Airplane mode

In brief, the researchers have figured out a proof of concept attack that tricks victims into thinking they are using Airplane Mode. However, in reality the attacker has put in place a fake version of that mode that looks normal but lets the attacker maintain access to the device.

This is by no means a straightforward attack and hasn’t been seen in the wild. The exploit is complex and would require an attacker to successfully take control of the target device through a series of exploits, the research claims. 

To read this article in full, please click here

Read more

Was Steve Jobs right about this?

Perhaps Steve Jobs was right to limit the amount of time he let his children use iPhones and iPads — a tradition Apple maintains with its Screen Time tool, which lets parents set limits on device use. Now, an extensive UNESCO report suggests that letting kids spend too much time on these devices can be bad for them.

Baked in inequality and lack of social skills

That’s the headline claim, but there’s a lot more to the report in terms of exploring data privacy, misuse of tech, and failed digital transformation experiments.

To read this article in full, please click here

Read more

Apple: Proposed UK law is a ‘serious, direct threat’ to security, privacy

New UK government surveillance laws are so over-reaching that tech companies can’t possibly meet all of their requirements, according to Apple, which argues the measures will make the online world far less safe

Apple, WhatsApp, Meta all threaten to quit UK messaging

The UK Home Office is pushing proposals to extend the Investigatory Powers Act (IPA) with a range of proposals that effectively require messaging providers such as Apple, WhatsApp, or Meta to install backdoors into their services. All three services are now threatening to withdraw messaging apps from the UK market if the changes move forward.

To read this article in full, please click here

Read more

This is why personal encryption is vital to the future of business

Data encryption is threatened by government forces who haven’t yet recognized that without personal security, you cannot have enterprise security. Because attackers will exploit any available weakness to undermine protection — and if your people or your customers aren’t secure, neither is your business.

Get with the data

Attackers will always go where the money is. They will spend lots of it to mount attacks. They will delve deeper, and if they’re spending money, they also have the necessary resources to investigate absolutely anyone they can identify as a potential target.

To read this article in full, please click here

Read more

Proposed Massachusetts law to ban sale of your mobile location data

Categories: News

Categories: Personal

Tags: mobile

Tags: cellphone

Tags: location

Tags: locational

Tags: sale

Tags: selling

Tags: broker

Tags: data

Tags: tracking

Tags: anonymous

A proposed law would ban brokers from selling mobile location data in Massachusetts.

(Read more…)

The post Proposed Massachusetts law to ban sale of your mobile location data appeared first on Malwarebytes Labs.

Read more

Apple warns that UK's Online Safety Bill puts people at 'greater risk'

Apple has raised its voice against a UK law that will dramatically undermine secure commerce and trust online, warning it could put UK citizens at risk.

And Apple is not alone. More than 80 civil society organizations, academics, and experts from 23 nations have warned against the UK government’s decision, which would turn the UK into the first democracy to require routine surveillance of people’s private chats.

The current UK government’s Online Safety Bill includes the power to force encrypted messaging tools such as WhatsApp, Signal, and iMessage to scan messages.

To read this article in full, please click here

Read more

How and why to use FIDO Security Keys for Apple ID

In a world that needs Apple’s recently-improved Lockdown Mode to protect good people against bad ones, high-risk individuals should consider using physical security keys to protect their Apple ID.

What are Security Keys and what do they do?

Security keys are small devices that look a little like thumb drives. Apple at WWDC 2020 confirmed plans to support FIDO authentication beginning with iOS 14 and macOS 11; now, with the release of iOS 16.3, iPadOS 16.3, and macOS Ventura 13.2, Apple lets you use them to verify your Apple ID, replacing a passcode. They become one of the two forms of identification you require with two-factor authentication (2FA).

To read this article in full, please click here

Read more

WWDC: 18+ ways Apple plans to make you more secure

Vision Pro, Apple Silicon, Macs, new enterprise tools — and privacy protection were all among the many WWDC announcements Apple made this week.

Introducing these protections, Craig Federighi, Apple’s senior vice president for  software engineering said: “We are focused on keeping our users in the driver’s seat when it comes to their data by continuing to provide industry-leading privacy features and the best data security in the world.

To read this article in full, please click here

Read more

OpenAI’s ChatGPT app for iPad, iPhone hits 500K downloads

OpenAI shipped its ChatGPT app for iPads and iPhones just a week ago, but it has already become one of the most popular applications in the last two years, with over half a million downloads in the first six days. That’s a real achievement, but also a challenge — that’s half a million potential data vulnerabilities.

Not to rest on its laurels, this year’s favorite smart assistant (so far) is now also available in 41 additional nations. There’s little doubt that this has been one of the most successful software/service introductions of all time, but that doesn’t change the inherent risk of these technologies.

To read this article in full, please click here

Read more

Apple bans employees from using ChatGPT. Should you?

Read more