Update: Mexico, Germany Netherlands, Russia, Austria, Brazil, Belgium, Portugal, Italy & Poland too. Let us know in the comments if the feature is now available in your country.
Apple appears to have recently started rolling out its new two-step verification feature for Apple IDs to users in additional countries. When Apple first launched the service in late March, it was initially only available to users in U.S., UK, Australia, Ireland, and New Zealand. Today we’ve confirmed that Canadian users now have access to the feature, while we’ve also received tips from users in Argentina & Pakistan signalling that the feature is beginning to roll out in other countries as well. Read more
Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they’re directed to an unknown website or address over SMS.
Interesting statement from Apple that seems to throw the blame for the SMS vulnerability over to the SMS protocol. That actually might be the case, but Pod2G’s assessment is that Apple could fix it in an upcoming release.
According to Winrumors, you can take out a Windows Phone 7 device (they say various Windows Phone 7s on any carrier) with a single, solitary SMS message with a [redacted at request of Winrumors]. Worse (or better?) yet, it doesn’t have to be a text, it can be a Facebook message or Windows Live chat.
The flaw works simply by sending an SMS to a Windows Phone user. If the SMS contains a particular string of text then Windows Phone 7.5 devices will reboot and the messaging hub will not open despite repeat attempts. We have tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash. The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles particular characters. The bug is also triggered if a user sends a Facebook chat message or Windows Live Messenger message to a recipient.
And you don’t just get a reboot. When your phone comes hobbling back to life, the Messaging hub no longer works. And other parts of the OS are wonky.
If a user has pinned a friend as a live tile on their device and the friend posts a particular string of text on Facebook then the live tile will update and causes the device to lock up.
Yesterday we posted a story about the possibility of new features being implemented in a future update to Siri. However, if you don’t feel like waiting, today the guys over at Techland have put together some tips and tricks for getting the most out of Siri and accomplishing tasks that aren’t currently built-in.
While text message charges will of course apply, here are a few tips for updating Facebook, Twitter, and Google+ by redirecting them through SMS. You can head over to Techland for many more Siri related tips and tricks including searching with Bing and Yahoo!, dictation tips, and how to “teach Siri hard-to-pronounce names”.
