PINDROP BLOG

Category: Device Security

March 2, 2016
Balancing Privacy and Security in the Backdoor Debate
SAN FRANCISCO–The Apple-FBI debate has brought up many old arguments about wiretapping, surveillance, backdoors, and law enforcement, but while the discussions aren’t new, the technological context is. Cryptographers and privacy experts who are studying the case say that the recent proliferation of encrypted communications and devices has raised the stakes for everyone involved. “Wiretapping didn’t…
Read More →
March 1, 2016
Some Rays of Sunshine on the Security Horizon
SAN FRANCISCO–The cryptographers’ panel at the RSA Conference is not generally noted for its optimism. But amid the usual talk of mass surveillance and breaks in ciphers, several of the panelists sounded downright upbeat about the future of security. The panel, which is just about the last remaining nod to the conference’s roots as a…
Read More →
March 1, 2016
Sidestepping Apple Pay Enrollment Authentication
SAN FRANCISCO–Apple has touted its Apple Pay system as a convenient, simple, and secure alternative to using physical debit or credit cards. But researchers have identified some weaknesses in the enrollment and authentication flow of the system that could have allowed attackers to add stolen cards to their own Apple Pay accounts and use them…
Read More →
February 26, 2016
‘This is Not a Case About One Isolated iPhone’
Apple’s lawyers say that not only does the compromised operating system that the FBI wants to install on the iPhone used by a terrorist not exist, but that it would take between six and 10 engineers and other employees as long as a month to create it. That fact, the company argues, along with a…
Read More →
February 25, 2016
Cook: ‘This is Not What Should Be Happening in This Country’
As the deadline for Apple to respond to a court order to help the FBI unlock an iPhone, both sides are upping the level of their rhetoric, with Apple CEO Tim Cook saying “this is not what should be happening in this country.” In an interview Wednesday, Cook said that the company has refused to do…
Read More →
February 25, 2016
Acecard Android Malware Attacks Bank Apps
As more consumers and businesses have moved to mobile as their main platform for banking, attackers have taken notice and followed suit. The number of mobile banking Trojans increases every day, but some are more sophisticated than others, and researchers have discovered new variants in an old Android malware family that can attack more than…
Read More →
February 24, 2016
Rep. Lieu Asks Comey to Drop FBI’s Demands on Apple
Rep. Ted Lieu has sent a letter to FBI Director James Comey asking the bureau to drop its legal efforts to force Apple to circumvent its own security measures so the FBI can access data on an iPhone used by one of the shooters in the San Bernardino massacre. Lieu (D-Calif.), who has a background…
Read More →
February 22, 2016
What We Know So Far: Apple and the FBI
The public back-and-forth between the FBI and Apple over the company’s refusal to create a custom version of iOS that would let the FBI access encrypted data on an iPhone belonging to one of the shooters in the San Bernardino massacre has produced a huge amount of rhetoric and confusion. The technical details of what…
Read More →
February 19, 2016
Xbot Android Ransomware Can Steal Bank Info, Encrypt Devices
There’s a new Android Trojan circulating that has the ability to not only steal victims’ banking credentials and texts from banks, but also can lock infected devices, encrypt their contents, and hold them for ransom. The Xbot malware is part of the growing sector of mobile ransomware, a threat that has plagued desktops for years.…
Read More →
February 18, 2016
Owning VOIP Phones With Zero Clicks
Researchers have uncovered a simple method for compromising some common VOIP phones, enabling them to listen to victims’ calls covertly or use the phones to make expensive or fraudulent calls. The attack takes advantage of the fact that the affected phones don’t have any authentication set up by default, but do have a vulnerability that…
Read More →