Tag Archives: iPhone

IKEA releases its line of wireless charging furniture

image
The IKEA Wireless Charging furniture collection, includes bedside tables, floor-and table lamps, desks and simple charging pads. Credit: IKEA

IKEA has launched its Wireless Charging collection of furniture, which has built-in Qi-enabled wireless chargers for compatible mobile phones.

In addition to offering bedside tables, floor- and table lamps, desks and simple charging pads, IKEA is also selling a DIY kit that lets users embed wireless chargers into furniture of their choice.

image

The furniture, and other items in IKEA’s wireless charging collection, ranges in price from $9.99 to $119.

The Wireless Charging collection will be rolled out globally, with U.S. stores seeing availability beginning in late spring, IKEA said today in a statement.

“With smartphones becoming such a natural part of our lives, we wanted the charging part to become a natural part of our homes,” Holly Harraway, IKEA’s lighting sales leader, said.

image

The furniture uses the most popular wireless charging specification, Qi, which is supported by brands such as Samsung and Energizer and has gotten an extension to its specification allowing it to charge devices at short distances

Users can check whether their mobile phone is compatible with the Qi standard at the Wireless Power Consortium’s this website.

The WPC with its Qi specification is up against two other industry organizations with their own wireless charging protocols: the Power Matters Alliance (PMA) and the Alliance for Wireless Power (A4WP).

To see more information and more photos follow this link to Computerworld for the full story.

Advertisements

Backdoors and surveillance mechanisms in iOS devices

image

This paper is actually half a year old – give or take – but it’s gotten a lot of attention recently due to, well, the fact that he has uploaded a PowerPoint from a talk about these matters, which is obviously a little bit more accessible than a proper scientific journal article.

For instance, despite Apple’s claims of not being able to read your encrypted iMessages, there’s this:

“In October 2013, Quarkslab exposed design flaws in Apple’s iMessage protocol demonstrating that Apple does, despite its vehement denial, have the technical capability to intercept private iMessage traffic if they so desired, or were coerced to under a court order. The iMessage protocol is touted to use end-to-end encryption, however Quarkslab revealed in their research that the asymmetric keys generated to perform this encryption are exchanged through key directory servers centrally managed by Apple, which allow for substitute keys to be injected to allow eavesdropping to be performed. Similarly, the group revealed that certificate pinning, a very common and easy-to-implement certificate chain security mechanism, was not implemented in iMessage, potentially allowing malicious parties to perform MiTM attacks against iMessage in the same fashion.”

There are also several services in iOS that facilitate organisations like the NSA, yet these features have no reason to be there. They are not referenced by any (known) Apple software, do not require developer mode (so they’re not debugging tools or anything), and are available on every single iOS device.

One example of these services is a packet sniffer, com.apple.pcapd, which “dumps network traffic and HTTP request/response data traveling into and out of the device” and “can be targeted via WiFi for remote monitoring”. It runs on every iOS device. Then there’s com.apple.mobile.file_relay, which “completely bypasses Apple’s backup encryption for end-user security”, “has evolved considerably, even in iOS 7, to expose much personal data”, and is “very intentionally placed and intended to dump data from the device by request”.

This second one, especially, only gave relatively limited access in iOS 2.x, but in iOS 7 has grown to give access to pretty much everything, down to “a complete metadata disk sparseimage of the iOS file system, sans actual content”, meaning time stamps, file names, names of all installed applications and their documents, configured email accounts, and lot more. As you can see, the exposed information goes quite deep.

Apple is a company that continuously claims it cares about security and your privacy, but yet they actively make it easy to get to all your personal data. There’s a massive contradiction between Apple’s marketing fluff on the one hand, and the reality of the access iOS provides to your personal data on the other – down to outright lies about Apple not being able to read your iMessages.

Those of us who aren’t corporate cheerleaders are not surprised by this in the slightest – Apple, Microsoft, Google, they’re all the same – but I still encounter people online every day who seem to believe the marketing nonsense Apple puts out. People, it doesn’t get much clearer than this: Apple does not care about your privacy any more or less than its competitors.

Source: OS News

Note: this is not mentioned in the original article but is definitely worth noting that there is at least one company put there that cares about your privacy and always has and is the leader in security. That’s BlackBerry of course, they should be recognized for how great they are and they continually get over looked unless it is for something negative. BlackBerry for life! Best mobile OS is BlackBerry 10, period.

BlackBerry’s ultra-secure chat gives each message its own security key

image

Chat systems like BBM (BlackBerry Messenger) are typically very secure, since they’re encrypted end-to-end. However, they still have a glaring flaw: if intruders do crack the code, they can see everything you’ve said. That’s where BlackBerry’s soon-to-launch BBM Protected comes in. As the company showed at its BlackBerry Experience Washington event (CrackBerry’s video is below), the new service makes it extremely difficult to spy on an entire conversation. Each message has its own random encryption key; even a very clever data thief would only get one tidbit at a time, so it could take ages to piece together a full chat.

BBM Protected will only be available for corporate-controlled BlackBerry devices when it launches as part of an enterprise suite in June, although that will include anything running the now-ancient BlackBerry OS 6 or higher. The chat client won’t be available for personal phones running BlackBerry Balance until early fall, while Android and iOS users will have to wait until late fall or early winter. All the same, it might be worth holding out if you’re really, truly worried that someone is watching your private discussions.

Source: Engadget

EA Games hackers get Apple ID, Origin passwords and payment info

image

If you’ve been prompted to enter your Apple ID login, payment and security credentials via an EA Games subdomain recently, change your passwords immediately.

Same goes if you’ve logged in at an EA Origin subdomain within the past week: change your passwords and connected accounts ASAP.

Security auditor Netcraft announced yesterday it has discovered a slick Apple ID phishing scam running smoothly on an EA server, and a second phishing scam posing as an EA Origin login page. EA Origin is a popular games platform with an estimated 9.3 million users.

EA told press it patched the vulnerability later that night – but did not comment on the second compromise posing as an Origin site, also discovered by Netcraft and reported to be still in operation.

About the Apple phishing compromise EA told BBC last night, “We found it, we have isolated it, and we are making sure such attempts are no longer possible.”

Netcraft said EA’s server compromise could have been avoided with security updates on a known issue with EA’s 2008 version of WebCalendar 1.2.0. which was running on the server.

Netcraft said, “It is likely that one of these vulnerabilities was used to compromise the server, as the phishing content is located in the same directory as the WebCalendar application.”

It is unknown how long the phishing operation had been running, or how many Apple accounts were compromised.

For more information and the complete story click the source link below.

Source: ZD Net

Security experts warn against using LinkedIn app for Apple iPhone

image
App embeds link to an email sender's profile and could compromise security of the device

The new LinkedIn iPhone app that embeds a link to an email sender’s profile on the professional network presents a number of security risks and should not be used, experts warned.

Criticism of the app, called Intro, started soon after its release last week. The first to slam LinkedIn was security consultancy Bishop Fox, which accused the site of “hijacking email.”

Over the weekend, Jordan Wright, a security engineer at CoNetrix, said he was able to spoof  Intro profile information, using a technique that a criminal could easily replicate for a phishing attack.

On Monday, Neohapsis, which does penetration testing and risk assessment for mobile apps, got into the act, saying Intro users were taking on serious risks for a “marginal convenience feature at best.”

“I can’t think of a situation where a user would agree to a reduced level of transport security of their emails in exchange for the novelty of being able to instantly view their LinkedIn contact’s details in the iPhone email client,” Gene Meltser, technical director at Neohapsis Labs, said.

LinkedIn has defended Intro, saying the criticism is based oninaccuracies and misperceptions“.

Wright’s spoofing experiment started with the interception of the security profile Intro inserts into iOS. He then found the username and password used to log into the LinkedIn service and grabbed the first email to look closely at what LinkedIn injects.

His investigation found that he could remove the Intro data and replace it with his own, thereby commandeering the Intro profile tab to show whatever information he wanted.

While his proof-of-concept would be benign to an email recipient, “it would be just as easy to attach a malicious payload, request sensitive information, etc.,” Wright said.

Fox compared Intro to a “man-in-the-middle” attack, because all messages go through LinkedIn servers and are analyzed and scraped for data “pertaining to whatever they feel like it.”

Also, by pushing a security profile to the iOS device, so LinkedIn can re-route emails, posed the risk of having the profile used to wipe a phone, install apps, delete apps and restrict functionality.

“You are effectively putting your trust in LinkedIn to manage your users’ device security,” Fox said.

Continue reading by clicking the source link below.

Source: NetworkWorld

New phone bypass discovered in iOS 7.0.2 lockscreen

image

Patch fails to resolve lockscreen vulnerabilities

A newly-documented technique lets people bypass the lockscreen in iOS 7.0.2 and dial any phone number, not just emergency numbers. The method involves waiting for a notification, or forcing one by sending a text message or ejecting the SIM card. Once the notification pops up, a hacker has to swipe right on it while simultaneously swiping up on the Camera icon. While keeping a finger on the Camera icon, a person must then slide to unlock and tap the Emergency Call button. After dialing, hitting the Call button quickly two or three times should crash Springboard, but allow the call to go through once Springboard restarts.

The v7.0.2 update was itself meant to resolve earlier lockscreen vulnerabilities. The person credited with discovering the new bug, Dany Lisiansky, notes that he also recently found a v7.0.2 vulnerability allowing someone to skip the lockscreen via Siri or Voice Control and access photos, emails, and messages. Apple has had a recurring problem with new versions of iOS enabling lockscreen bypasses, which it then has to quickly close.

Source: Electronista

Apple Patent Reveals Swype-like Keyboard

image

Android users are probably familiar with the Swype keyboard which basically allows users to type on their phones just by swiping (or “swyping”) between characters versus pecking at individual letters one at a time. In fact one iOS developer has event attempted to port Swype onto iOS devices although it didn’t exactly take off. However it seems that Apple did think about keyboard alternatives back in the day, and thanks to a recent patent that was published, it looks like Apple’s idea was pretty similar to Swype. According to the patent filing, it was filed for back in 2007 which is the same year that the first iPhone debuted, suggesting that Apple was already looking for keyboard alternatives for touchscreen devices back in the day.

However given that it’s 6 years later and the only revision to the Apple keyboard on iOS would be its design, it’s safe to say that Apple decided not to pursue this idea, or other keyboard ideas the Cupertino company and its team might have cooked up then. In any case Apple’s keyboard is more than functional and is pretty accurate as far as onscreen keyboards are concerned.

Source: Ubergizmo

How to turn off iOS 7 frequent location tracking and increase your privacy

image

By default, iOS 7 will track and record places that you visit most often to provide better location-based data such as in the Today summary of Notification Center. If you value your privacy more than you do location-based data, you can turn the feature off. Turning off features like these can also help save a bit of battery life too.

Here’s how:

1. Launch the Settings app from the Home screen of your iPhone or iPad.

2. Tap on Privacy.

3. Now tap on Location Services at the top.

4. Towards the bottom of the next screen, tap on System Services.

5. Again, towards the bottom of the next page, tap on Frequent Locations.

6. At the top of the next screen, turn the Frequent Locations option to the Off position.

image

image

That’s all there is to it. Locations you travel to most will no longer be tracked. While this comes at the expense of not having as accurate location data in places like the Today Summary screen, it also preserves your privacy better and to a lot of us, that’s more important.

Source: iMore

Apple Job Listing Hints At Plans With Solar Technology

image

Could solar technology power our iPhones or iPads in the future? Or perhaps even Apple’s Mac computers? While that question remains unanswered for now, it seems that at the very least Apple is interested in the technology, thanks to a recent job listing on Apple’s website which calls for a “thin films” engineer who has experience in the solar industry to join Apple’s Mobile Devices group, with the job description reading, “assist in the development and refinement of thin films technologies applicable to electronics systems.”

Given that the job was for a position in the Mobile Devices division, it has been speculated that perhaps it could be used on future iPhone or iPad products, although others have suggested that maybe it could see integration in display and touch technology as well, maybe for future iWatch devices, perhaps? Solar technology is not new to Apple as the company has in the past used the technology with its data centers, so to see Apple trying to find a way to incorporate the technology into their other products would not be a stretch of the imagination.

Source: Ubergizmo

BlackBerry Messenger for iOS submitted to App Store, waiting on approval

image

BlackBerry Messenger (BBM), once the crack in crack-berry, is going multi-platform this month, including iOS and Android. While no firm release date has been set, BlackBerry’s Alex Kinsella has just stated that BBM for iOS has already been submitted to the App Store. Twitter:

Just in case we forgot to mention, BBM for iPhone was submitted for review 2 wks ago. #waiting #BBM4ALL

Apple approved Google’s Hangouts, Facebook Messenger, the indie WhatsApp, and a plethora of other instant messaging clients, so there shouldn’t be a problem with the core concept. If BlackBerry is trying anything fancy, like screen sharing, that could complicate review. So could any issues related to this being their first iOS app, unlike other major competitors who’ve gotten past their first, painful app launches and settled into the App Store groove.

Either way, we should be getting it soon. Anyone itching to start BBM’ing from their iPhone?

Via: iMore