Back in November of 2015, Apple quietly acquired security consultancy firm LegbaCore it has recently been discovered. The acquisition was initially revealed back in December by security researcher Trammell Hudson during a presentation at the 32C3 conference. The acquisition was further corroborated by a series of tweets from founder Xeno Kovah (seen below) and the company’s website, which states that it is “not accepting any new customer engagements.”
Security February 2
Security February 1
BlackBerry phones were once the default choice for enterprise, the combination of physical keyboard and secure messaging facility the two key selling-points. Those days are long gone.
The company dismissed the iPhone when it was launched in 2007, claiming that touchscreen phones could never compete with physical keyboards – before doing a U-turn by launching its own touchscreen phone less than a year later. A series of major service outages and a failure to deliver the promised BlackBerry 10 in 2011 sealed the company’s fate as a major player, and it today appears set to completely cede the secure messaging space to Apple.
BlackBerry CEO John Chen effectively admitted in December that the company had a ‘backdoor’ into its supposedly secure messaging system, and the company has now stated that it will this year make only Android phones – a platform not noted for its security credentials. This shortly after Microsoft’s Windows Phone looked even more irrelevant, the company reporting that revenues had halved year-on-year …
Security January 22
Three days ago Apple released an iOS 9.2.1 update with seemingly arbitrary ‘security updates and bug fixes’ listed in the release notes. As we’ve seen time and time again with these type of software updates, most often these small updates seem to go ignored by the general public. We stress how important it is to keep your device up to date, even with small security updates like this.
As is customary after Apple releases a security update version of iOS, the firms and people that discovered the vulnerabilities are coming out explaining how and why these security updates matter. Apple has already included a breakdown of what security issues were resolved in iOS 9.2.1, but it’s still nice to get a further detailed look into what made the vulnerabilities possible in the first place.
Security January 21
AT&T CEO Randall Stephenson is the latest to weigh in on the issue of data encryption policy with the executive telling The Wall Street Journal that Apple CEO Tim Cook and other tech execs should leave the decision making on encryption policy up to Congress:
“I don’t think it is Silicon Valley’s decision to make about whether encryption is the right thing to do. I understand Tim Cook’s decision, but I don’t think it’s his decision to make”… I personally think that this is an issue that should be decided by the American people and Congress, not by companies,”
…The AT&T chief said his own company has been unfairly singled out in the debate over access to data. “It is silliness to say there’s some kind of conspiracy between the U.S. government and AT&T,” he said, adding that the company turns over information only when accompanied by a warrant or court order.
That statement follows a meeting among Cook, other Silicon Valley executives and White House officials last week to discuss topics related to encryption policies and government access to data.
California is now presenting a new bill that, if passed into law, would stop Apple from selling iPhones on its home turf, via ZDNet. The bill requires smartphone manufacturers to sell devices that have backdoors to allow them to be decrypted. Naturally, this affects iPhones which use high-strength security methods and make it practically impossible for anyone including Apple to gain access without the passcode. If this proposed bill sounds familiar, there’s a reason for that. A nearly identical proposition was made in New York state earlier in the month.
Although the bill is only being proposed and isn’t law at this time, it poses a big issue for Apple which is facing pressure from politicians across the US to relax its stance on privacy in favor of security. The California case is especially problematic given the location of Apple’s HQ. It would be very awkward if Apple was barred from selling iPhones in the state where they’re designed.
Security January 17
For nearly half a decade, teams of hackers and programmers have worked tirelessly to crack Apple’s iOS software code in order to inject new features, themes, and applications. Now, a team led by noted former jailbreak developers Will Strafach, otherwise known as “Chronic”, and Joshua Hill, known as P0sixninja, is working to secure Apple’s mobile platform. The duo, along with a list of unnamed former jailbreak developers, has been working on a new comprehensive platform to secure iOS devices for both enterprises and consumers. Strafach provided us with a preview of the platform known as “Apollo,” the first security product from his new company Sudo Security Group.