Showing posts with label iPhone. Show all posts
Showing posts with label iPhone. Show all posts
15 Nov 2014
Apple responds to iOS ‘Masque Attack’ threats.
Once again, another iOS vulnerability has been reported that allow
malicious software to be installed in your iphone or ipad in place of an app
without your knowledge.
 |
| Mobiles and Gadgets groove |
This prompted the U.S. government to warn
Apple gadget owners on Thursday to look out for hackers exploiting a newly discovered vulnerability in the mobile operating system (iOS). According to the
report, the technique takes advantage of a security weakness that allows an untrusted
app (with the same “bundle identifier” as that of a legitimate app) to replace
the legitimate app on an affected device, while keeping all of the user’s
data, the warning states. “This vulnerability exists because iOS does not
enforce matching certificates for apps with the same bundle identifier.”
This
“Masque Attack” was revealed earlier this week by the network security firm
FireEye. In FireEye’s
report, this vulnerability has
been identified in iOS 7.1.1, 7.1.2, 8.0, 8.1, and the 8.1.1 beta on both
jailbroken and non-jailbroken devices. The government warns iOS users not to install apps from sources other than Apple’s
official app store or their own organizations, among other precautions.
However,
Apple has released a statement addressing this breach via a spokesperson to iMore:
Below is an excerpt of Apple's statement to iMore:
"We
designed OS X and iOS with built-in security safeguards to help protect
customers and warn them before installing potentially malicious software,"
an Apple spokesperson told iMore. "We're not aware of any customers that
have actually been affected by this attack. We encourage customers to only
download from trusted sources like the App Store and to pay attention to any .warnings
as they download apps. Enterprise users installing custom apps should install
apps from their company's secure website."
Though Apple says it hasn't received any reports from users yet, there are reports in the media that thousands of users have fallen victim to this vulnerability.
11 Nov 2014
Apple finally releases web tool to deregister phone numbers from iMessage.
At last, Apple has made a de-registration web tool available to former iPhone owners who have struggled to receive messages on their new handset because
their phone number was still associated with the iMessage service, which allows
iPhone users to send free messages to each other. The
site, first spotted in a post on Reddit should solve the problem of disappearing text messages.
Many former iphone users have
complained that they were not receiving text messages from their friends
who were using iphones and this prompted one former Apple user in
the US who was affected by the issue since she replaced her iPhone with a
Samsung Galaxy S5, to launch a class-action lawsuit against Apple, claiming that she was
being penalized for adopting Android. The issue is as a result of Apple rerouting iMessage text messages over its own
servers rather than an operator’s network, bypassing SMS costs and providing additional
features such as the ability to see when a recipient is typing or reading a
message.
Since iMessage is proprietary to
Apple's platforms, users who switched away from iOS but didn't disable iMessage
first would no longer be able to see messages sent from friends with Apple
devices.
But with
the recently released web tool, users just need to input their
phone number so they can receive a confirmation code via SMS which, when
entered back on the webpage, removes the number from Apple’s records and
ensures any text messages sent from an iPhone should make their way to the
user’s device.
If you
don't switch devices often, the new tool may seem insignificant, but for those
who often swap SIM cards into different devices for work, it should make the
transition smoother.
