Even though Apple’s fight over the San Bernardino iPhone is essentially over, the overall debate regarding encryption versus national security remains. In an effort to continue to beef up security options on consumer devices, Reuters today reports that Apple has rehired well-respected security expert Jon Callas. News of this hire comes as we’re hearing from sources that Apple is in the midst of entirely overhauling its security team.
Security May 24
Security April 27
The FBI has decided it will not divulge the details of how it successfully hacked into the San Bernardino iPhone to Apple, having found a method at the last-minute just hours before going to court in late March. However, in an attempt to appear helpful and cooperative, the FBI gave Apple its first security tipoff under the Vulnerability Equities Process this month.
Reuters reports the FBI informed Apple of a security flaw affecting iOS and Mac software on April 14th, as part of a process that balances the needs of law enforcement to hack devices and the needs of manufacturers to patch found flaws before criminals can use them …
Security April 7
It has been widely speculated that the method used by the FBI to access the San Bernardino iPhone might not work with phones that have the Secure Enclave, and this has now been effectively confirmed. FBI director James Comey told CNN that the method doesn’t work with the latest iPhones.
The FBI director also said the purchased tool worked only on a “narrow slice of phones” that does not include the newest Apple models, or the 5S.
This fact also lends support to the main theory about how the hack was performed …
Security April 6
Just over a week ago, the FBI revealed that it had successfully unlocked the iPhone 5c used by one of the San Bernardino gunmen without the help of Apple. To this day, the FBI has not publicly disclosed the method it used to gain access, and it’s unclear if it ever will. The National Journal, however, reports today that the FBI has been briefing members of the Senate on how it was able to gain access to the locked iPhone.
Security April 5
Early this morning, we told you about a new iPhone 6s passcode bypass vulnerability that allowed handlers to access photos and contact details without needing to verify with a passcode or Touch ID. The Lock screen vulnerability was made possible by Siri, and let users bypass the security provided by the Lock screen passcode and/or Touch ID.
If there’s a positive spin to put on such a vulnerability, it’s that fixes can be implemented server side without the need for an iOS update. Apple today has fixed the passcode bypass method by forcing Siri to request your Lock screen passcode whenever a user tries to search Twitter via Siri while at a secured Lock screen expand full story
Security April 4
A new iPhone 6s/6s Plus passcode bypass flaw is making its rounds on the internet today, and it’s similar to flaws we’ve seen in the past on iOS. Don’t be overly alarmed, though, as the odds of this happening to you are slim. Besides, if you are concerned, there are some bonafide ways to go about protecting yourself. expand full story