Apple Fixes Passcode Bypass Flaw in iOS 9.3.1
Apple has fixed a serious vulnerability in iOS that allowed any user to access the contacts and some other information on some iPhone models when they were locked. The bug was the result of a problem in the way that iOS 9.3.1 handled some commands through Siri. In some specific cases, an attacker with access […]
Crypto Debate is About Power and Authority, Experts Say
Building devices and communications infrastructure that are resistant to compromise and surveillance has become an imperative in today’s environment, but it’s work that can run into roadblocks from government. The most pertinent current example is the encryption debate, and security experts say the security and privacy of users depends on the outcome of the conflict. The […]
Wyden: ‘Plans to Weaken Strong Encryption Are a Double Loser’
Sen. Ron Wyden, who has been perhaps the most outspoken legislator on the topic of encryption, privacy, and government intervention in technology, said he will “use every power I have as senator” to prevent lawmakers from passing laws that weaken encryption. Wyden (D-Ore.) spoke Tuesday at RightsCon, a conference on digital rights and privacy, and […]
1,418 Bugs in Medical Devices, Zero Patches
There are vulnerability reports, and there are Vulnerability Reports. The latest and perhaps best entry in the latter category is a disclosure of more than 1,400 vulnerabilities in a variety of medication-supply devices manufactured by CareFusion. The affected devices are CareFusion’s Pyxis SupplyStation systems, automated cabinets that allow medical personnel to dispense medication and monitor […]
Apple Case May Cast a Long Shadow
Now that the Department of Justice has withdrawn its lawsuit against Apple in the case concerning the San Bernardino shooter’s iPhone, it’s clear that the legal and media battles of the last month and a half have produced more questions than they’ve answered. Chief among those remaining questions is this: What was the point? The […]
Critical Rooting Flaw Haunts Android
Google is warning users about a critical security flaw in Android that opens the devices up to attacks that could completely compromise the phones and give attackers persistent control of them. The vulnerability has been exploited by an app found in the Google Play store, and Google officials said it has been used to root […]
Apple Says FBI’s Request for Backdoor is ‘Offensive’
In a new brief in its ongoing legal battle with the FBI and Department of Justice, Apple said that the government does not have any legal authority to force the company to create a backdoored version of iOS and that the FBI has “belittled” Apple’s concerns about the danger of creating such software. In the […]
WhatsApp May Be Next Front in Crypto Battle
The United States government, still entangled with Apple in the battle over an encrypted iPhone, has taken on another big opponent in its efforts to access encrypted communications: WhatsApp. The hyper-popular mobile messaging app is, in some parts of the world with poor phone coverage, the default communications mechanism. Now owned by Facebook, WhatsApp employs end-to-end […]
More Android Malware Bypassing Mobile Banking 2FA
The kind of features that once were reserved solely for top-shelf malware is becoming standard equipment for mobile malware. The latest must-have feature is the ability to bypass two-factor authentication and it is showing up in more and more malicious apps, especially those that impersonate banking apps. A couple months ago a new version of […]