The Latest iOS News Thread
- Thread starter Poke
- Start date
- Latest activity Latest activity:
- Replies 506
- Views 49K
I didn't have time to pay attention to any of it today. What were they jaded about? The iPad Pro 9.7 wasn't enough? Everything they announced had been leaked. Guess people are never happy.
Personally I'm just bummed no macbook pro updates yet, as my 4 1/2 year old Air is reaching the end...
Yeah, underwhelming products, releasing a 16gb phone of any size, comparing the power of the iPad Pro to the decade-old Xbox 360, calling 600 million PC users who haven't upgraded in the last 5 years sad when Apple's model is forced obsolescence. Just a lot of low hanging fruit (no pun intended) for the pundits and only so much meat on the bone for this presser.
The 600m sad users remark was followed by a cut to the crowd of Apple execs and employees:
Maybe it was just the mix of followers I have on Twitter now, but the hot takes followed by deadpan reporting of facts by news outlets was just a different feeling presser compared to some I've seen in the past.
The 600m sad users remark was followed by a cut to the crowd of Apple execs and employees:
Maybe it was just the mix of followers I have on Twitter now, but the hot takes followed by deadpan reporting of facts by news outlets was just a different feeling presser compared to some I've seen in the past.
I will agree about a 16GB phone. Its stupid. And I'm annoyed that the entry-level iPad Pro 9.7 is 32GB, and then skips 64GB, but jumps $150 to 128GB. But there was nothing surprising. I get the jaded reporting, because everyone wants something huge. I'm just not convinced that is the world anymore.
But I do plan to get an new iPad Pro 9.7. Primarily because even though I love my iPad Mini, my eyes really need the bigger display.
But I do plan to get an new iPad Pro 9.7. Primarily because even though I love my iPad Mini, my eyes really need the bigger display.
What do people expect when the factories are releasing parts and cases months before the Apple event. Maybe Trump is on to something asking Apple to on-shore its manufacturing...
FBI backs off Apple, finds another way into iPhone 5c
http://www.engadget.com/2016/03/21/fbi-backs-off-apple-finds-another-way-into-iphone-5c/
The Department of Justice just asked the courts to vacate tomorrow's hearing with Apple concerning the iPhone of San Bernardino shooter Syed Rizwan Farook. Apparently, the FBI will use alternative methods to get into the locked phone without Apple's help.
In a document filed with the courts, the DoJ states:
On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possiblemethod for unlocking Farook's iPhone. Testing is required to determine whether it is available method that will not compromise data on Farook's iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. ("Apple") set forthin the All Writs Act Order in this case.
This doesn't mean this is over. The DoJ proposes filing a progress report on its tests to unlock the iPhone with the courts on April 5. If the method doesn't work, it's probable that Apple and the FBI will be in court at a later date arguing the merits of unlocking that phone.
The government would not name the party that could potentially unlock the phone. It did note that the individual or group is not part of the government.
Magistrate Judge Sheri Pym has scheduled a conference call this afternoon with both parties about the government's motion to vacate tomorrow's hearing. Judge Pym might still ask Apple and the DoJ to show up to tomorrow's hearing.
Apple and CEO Tim Cook have spent the last month making its case that this is not only a undue hardship on the company to create what it called a GovtOS, but more importantly, an over-reaching use of the All Writs Act and a violation of the company's first amendment rights. Between motions and briefs, Apple has spoken with reporters multiple times and Tim Cook has appeared on ABC News to explain the company's position. At the start of today's iPhone event, the Cook talked about the ongoing case.
The DoJ and FBI Director James Comey have contended that this is about a single iPhone that may (or may not) have information that could result is thwarting future terrorist attacks or give insight into whether Farook conspired with members of ISIS.
Update: Tomorrow's hearing has been vacated by the courts. It will have to file a status report on April 5.
http://www.engadget.com/2016/03/21/fbi-backs-off-apple-finds-another-way-into-iphone-5c/
The Department of Justice just asked the courts to vacate tomorrow's hearing with Apple concerning the iPhone of San Bernardino shooter Syed Rizwan Farook. Apparently, the FBI will use alternative methods to get into the locked phone without Apple's help.
In a document filed with the courts, the DoJ states:
On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possiblemethod for unlocking Farook's iPhone. Testing is required to determine whether it is available method that will not compromise data on Farook's iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. ("Apple") set forthin the All Writs Act Order in this case.
This doesn't mean this is over. The DoJ proposes filing a progress report on its tests to unlock the iPhone with the courts on April 5. If the method doesn't work, it's probable that Apple and the FBI will be in court at a later date arguing the merits of unlocking that phone.
The government would not name the party that could potentially unlock the phone. It did note that the individual or group is not part of the government.
Magistrate Judge Sheri Pym has scheduled a conference call this afternoon with both parties about the government's motion to vacate tomorrow's hearing. Judge Pym might still ask Apple and the DoJ to show up to tomorrow's hearing.
Apple and CEO Tim Cook have spent the last month making its case that this is not only a undue hardship on the company to create what it called a GovtOS, but more importantly, an over-reaching use of the All Writs Act and a violation of the company's first amendment rights. Between motions and briefs, Apple has spoken with reporters multiple times and Tim Cook has appeared on ABC News to explain the company's position. At the start of today's iPhone event, the Cook talked about the ongoing case.
The DoJ and FBI Director James Comey have contended that this is about a single iPhone that may (or may not) have information that could result is thwarting future terrorist attacks or give insight into whether Farook conspired with members of ISIS.
Update: Tomorrow's hearing has been vacated by the courts. It will have to file a status report on April 5.
What do people expect when the factories are releasing parts and cases months before the Apple event. Maybe Trump is on to something asking Apple to on-shore its manufacturing...
Fair enough.
An Israeli company is reportedly helping the FBI crack the San Bernardino iPhone
Not surprised here the Israelis are some of the best.
http://www.theverge.com/2016/3/23/11290374/apple-iphone-fbi-encryption-crack-cellebrite
The FBI abruptly halted its heated case against Apple on Monday, citing a new break-in method from an unnamed "outside source." In the days since, the security industry has been puzzling over the identity of that mysterious source. But now, the mask is being lifted. Cellebrite, an Israeli mobile forensic software company, is reportedly helping the FBI get into Syed Farook’s device, according to reports from Reuters and Ynet.
The FBI "has been reportedly using the services of the Israeli-based company Cellebrite in its effort to break the protection on a terrorist's locked iPhone, according to experts in the field familiar with the case," Ynet reports. The Verge reached out to Cellebrite yesterday afternoon for comment and hasn’t yet heard back.
Not surprised here the Israelis are some of the best.
http://www.theverge.com/2016/3/23/11290374/apple-iphone-fbi-encryption-crack-cellebrite
The FBI abruptly halted its heated case against Apple on Monday, citing a new break-in method from an unnamed "outside source." In the days since, the security industry has been puzzling over the identity of that mysterious source. But now, the mask is being lifted. Cellebrite, an Israeli mobile forensic software company, is reportedly helping the FBI get into Syed Farook’s device, according to reports from Reuters and Ynet.
The FBI "has been reportedly using the services of the Israeli-based company Cellebrite in its effort to break the protection on a terrorist's locked iPhone, according to experts in the field familiar with the case," Ynet reports. The Verge reached out to Cellebrite yesterday afternoon for comment and hasn’t yet heard back.
Apple iPhone SE event: the nine most important announcements
http://www.theverge.com/2016/3/21/11255472/apple-iphone-se-ipad-pro-event-recap-highlights
http://www.theverge.com/2016/3/21/11255472/apple-iphone-se-ipad-pro-event-recap-highlights
New SideStepper attack targets corporate iOS device managers
http://www.theverge.com/2016/3/31/1...te-iphone-security-sidestepper-attack-malware
Apple’s security concessions in corporate devices may have created a loophole in an otherwise secure system, according to new research from Check Point Software Technologies, a company that sells internet security hardware and software. When successful, this "SideStepper" attack gives perpetrators access to victims’ devices, including their data, as well as the power to install malicious apps. The new attack takes advantage of less rigorous software controls for corporate device users, particularly those who use Mobile Device Management solutions (or MDMs) to get apps delivered to their phones.
The majority of device owners aren't susceptible to the attack because they don't use MDMs. Even those who do, have to fall for a phishing text message, and then ignore security warnings about the malicious download. Though the attack is hard to pull off, SideStepper shows how common corporate practices can open the door to otherwise impossible iOS attacks. Successful attackers gain unprecedented powers, allowing them to masquerade as the device's manager and control it remotely.
THE ATTACK EXPLOITS LESS RIGOROUS SOFTWARE CONTROLS FOR CORPORATE DEVICE USERS
Corporate IT teams often use MDMs to deliver professional apps to their employees automatically and without the hassle of having them approve what goes on their devices. These apps are typically private and not listed in the App Store. They're not reviewed, approved, or hosted by Apple. Savvy SideStepper attackers harness this corporate loophole in order to install their own malicious apps and essentially conduct a man-in-the-middle attack.
THE DEVICE RECEIVES A MALICIOUS APP
Check Point details the process in its white paper published this morning. Once the malicious configuration profile is installed, it automatically sets up a remote enterprise app server that enables a man-in-the-middle attack. From then on, whenever the user’s legitimate MDM server sends a command, the compromised device instead calls back to the attacker’s malicious server. The device will receive a malicious app, as opposed to the real update it initially sought, and victims will have no idea.
An Apple spokesperson commented to The Verge: "This is a clear example of a phishing attack that attempts to trick the user into installing a configuration profile and then installing an app. This is not an iOS vulnerability. We've built safeguards into iOS to help warn users of potentially harmful content like this. We also encourage our customers to download from only a trusted source like the App Store and to pay attention to the warnings that we’ve put in place before they choose to download and install untrusted content."
It isn’t clear how many devices are susceptible to this attack. Check Point doesn't offer an estimate. Forrester Research reported in 2014 that Apple products accounted for eight percent of global business and government spending in 2009, and at the time, it expected that figure to reach 11 percent in 2015. The firm hasn’t updated its numbers, and it isn't clear how many of those devices are attached to MDMs.
SideStepper isn't the first attack to prey on company devices. In 2014, Palo Alto Networks discovered a malware called Wirelurker. That malware also exploited companies' ability to automatically install apps without Apple's intense App Store approval process. That malware primarily affected Chinese users and was dismantled prior to wider infection. In this case, Apple hasn't yet addressed the loophole, and given that SideStepper isn't malware, the company can't simply patch the security problem. Addressing this attack would mean rethinking how it designs systems for corporate clients.
http://www.theverge.com/2016/3/31/1...te-iphone-security-sidestepper-attack-malware
Apple’s security concessions in corporate devices may have created a loophole in an otherwise secure system, according to new research from Check Point Software Technologies, a company that sells internet security hardware and software. When successful, this "SideStepper" attack gives perpetrators access to victims’ devices, including their data, as well as the power to install malicious apps. The new attack takes advantage of less rigorous software controls for corporate device users, particularly those who use Mobile Device Management solutions (or MDMs) to get apps delivered to their phones.
The majority of device owners aren't susceptible to the attack because they don't use MDMs. Even those who do, have to fall for a phishing text message, and then ignore security warnings about the malicious download. Though the attack is hard to pull off, SideStepper shows how common corporate practices can open the door to otherwise impossible iOS attacks. Successful attackers gain unprecedented powers, allowing them to masquerade as the device's manager and control it remotely.
THE ATTACK EXPLOITS LESS RIGOROUS SOFTWARE CONTROLS FOR CORPORATE DEVICE USERS
Corporate IT teams often use MDMs to deliver professional apps to their employees automatically and without the hassle of having them approve what goes on their devices. These apps are typically private and not listed in the App Store. They're not reviewed, approved, or hosted by Apple. Savvy SideStepper attackers harness this corporate loophole in order to install their own malicious apps and essentially conduct a man-in-the-middle attack.
THE DEVICE RECEIVES A MALICIOUS APP
Check Point details the process in its white paper published this morning. Once the malicious configuration profile is installed, it automatically sets up a remote enterprise app server that enables a man-in-the-middle attack. From then on, whenever the user’s legitimate MDM server sends a command, the compromised device instead calls back to the attacker’s malicious server. The device will receive a malicious app, as opposed to the real update it initially sought, and victims will have no idea.
An Apple spokesperson commented to The Verge: "This is a clear example of a phishing attack that attempts to trick the user into installing a configuration profile and then installing an app. This is not an iOS vulnerability. We've built safeguards into iOS to help warn users of potentially harmful content like this. We also encourage our customers to download from only a trusted source like the App Store and to pay attention to the warnings that we’ve put in place before they choose to download and install untrusted content."
It isn’t clear how many devices are susceptible to this attack. Check Point doesn't offer an estimate. Forrester Research reported in 2014 that Apple products accounted for eight percent of global business and government spending in 2009, and at the time, it expected that figure to reach 11 percent in 2015. The firm hasn’t updated its numbers, and it isn't clear how many of those devices are attached to MDMs.
SideStepper isn't the first attack to prey on company devices. In 2014, Palo Alto Networks discovered a malware called Wirelurker. That malware also exploited companies' ability to automatically install apps without Apple's intense App Store approval process. That malware primarily affected Chinese users and was dismantled prior to wider infection. In this case, Apple hasn't yet addressed the loophole, and given that SideStepper isn't malware, the company can't simply patch the security problem. Addressing this attack would mean rethinking how it designs systems for corporate clients.
Now the Iphone 7 is catching fire..
Yup, now the iPhone 7 is exploding
http://bgr.com/2016/09/29/iphone-7-exploding-fire-photos/
Yup, now the iPhone 7 is exploding
http://bgr.com/2016/09/29/iphone-7-exploding-fire-photos/
As the article say, "this clearly appears to be an isolated incident." That's not the case with Samsung.
https://www.usenix.org/system/files/sec19fall_stute_prepub.pdf details how AirDrop could be exploited due to weakness in its implementation, allowing a MitM attack and DoS.
Apple has announced another health app for the Apple watch. It's a fertility monitor. For women who are willing to track the menstrual days in this app and predict with good accuracy the days of the month she is fertile. Likewise it can be used to determine non-fertile days too as a means of birth control.
Apple WatchOS 6: How to track your menstrual cycle and fertility
Apple WatchOS 6: How to track your menstrual cycle and fertility
Is it sexist of me if I was more excited by the Apple sign-on for iOS Apps?
Hearing app as well. I’m wondering what will make the Watch 5 stand out from the 4.
Leave it to Apple to offer an app to calculate what has been pinned down without the help of an app for hundreds of years.
Not tonight, my watch says I'm fertile...
Do any of the Apple Watches measure body temperature?
For reference, the FDA approved Natural Cycles app (available on iOS and Android) is $99/year. The annual subscription includes a thermometer.
Here's a list of several such apps:
The 10 Best Period and Ovulation Tracker Apps | Parents
