The MacValley blog


Welcome to the MacValley blog, your first stop for all the latest MacValley news and views.


Tom Briant

The MacValley blog

Editor: Tom Briant


Click here to email Tom

Click here for Tom's profile



To search the blog posts please use the box below

Sunday, February 21, 2016

Senior Correspondent Arnold Woodworth's Weekly Web Wrap-up for February 21, 2016

This software lets you access Windows and Mac OS at the same time

Parallels Desktop 11 is one example of that right software.

Apple Releases Updated Version of iOS 9.2.1 to Fix Devices Bricked by 'Error 53’

The update will restore iPhones and iPads that have been disabled due to "error 53" to full working condition and will ensure that future iOS devices that have had similar repairs will not be fully disabled. Touch ID will not, however, be accessible until Apple-authorized repairs are made to a device affected by the issue.

Apple originally explained that error 53 was intentional, implemented as a way to prevent the use of a malicious Touch ID sensor that could be used to gain access to the Secure Enclave, but customers with bricked devices were not happy with the explanation and Apple found itself facing a class-action lawsuit.

Apple re-issues iOS 9.2.1 to fix iPhones bricked by Error 53

Apple re-issued iOS 9.2.1 to fix the "Error 53" that had crippled iPhones whose owners had replaced some parts themselves or had a third-party shop do repairs.

The new iOS 9.2.1 will only be served to users who update their iPhones through iTunes on a Mac or Windows PC. Most iPhone owners retrieve updates over the air using their cellular connection, and so will not receive the replacement.

Even so, the operating system will continue to check for mismatched components, Apple said today. If iOS does detect changed parts, it will still disable Touch ID. The difference: The iPhone as a whole should not be bricked.

Mother uses 'Find my iPhone' to Find her Kidnapped Daughter

How do I transfer music from my old iPad to my new one?

27 things you didn't know your iPhone could do

How to control your iPhone by just talking to it

This article reviews four privacy add-ons for web browsers, but only two of them (Ghostery and Disconnect) work on Mac OS or iOS.

Publishers of the other two say that Mac OS and iOS versions are coming “real soon now”.

Apple's 'Rigid and Exacting' Recycling Processes Focus on the 'After-Life of an iPhone’

While global brands including HP, Huawei, Amazon and Microsoft also have detailed protocols for recycling their products, Apple’s are the most rigid and exacting.

"There’s an e-waste problem in the world,” said Linda Li, chief strategy officer for Li Tong. "If we really want to leave the world better than we found it, we have to invest in ways to go further than what happens now."

Entire March issue of Bon App├ętit magazine shot exclusively on iPhones

How Apple makes their Geniuses always seem so happy and helpful

How to play music from YouTube on your iPhone while using other apps

Clever trick.

This tiny glass chip can store all of human history and last forever

A 19-year-old made a free robot lawyer that has appealed $3 million in parking tickets

Joshua Browder's bot handles questions about parking-ticket appeals in the UK. Since launching in late 2015, it has successfully appealed $3 million worth of tickets.

In the future, people won't likely need to hire lawyers for simple legal appeals — they'll just use a bot.

Bots can't provide full and genuine legal counsel, and it will likely take them several decades to become as sophisticated as humans, says Samuel Woolley, who tracks and studies political bots.

Should the Authorities Be Able to Access Your iPhone?

As a legal matter, the showdown between the Obama administration and Apple touched off Tuesday by the ruling of a federal magistrate judge in California turns on an 18th century law. More practically, though, it boils down to this question: Should you be able to lock your phone so securely that even the F.B.I. cannot open it?

The Obama administration and police officers around the country say no, and their precedent is the past. Homes and cars do not have unbreakable locks. You cannot buy an uncrackable safe. And terrorists and child molesters should not be able to buy a hand-held computer that keeps its secrets forever.

Apple, backed by technologists and civil libertarians, says yes.

A very good description of the issues surrounding the Justice Department vs. Apple on accessing a terrorist’s iPhone

Tim Cook: Apple won’t comply with court order to ‘hack its own users’

In a strongly worded letter to customers posted on Apple’s AAPL, +1.11%  website early Wednesday, Cook called the order an “unprecedented step which threatens the security of our customers” with “implications far beyond the legal case at hand.”

The order, Cook wrote, asks the company “for something we simply do not have, and something we consider too dangerous to create.”

“The government is asking Apple to hack our own users and undermine decades of security advancements which protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals,” said Cook. “We can find no precedent for an American company being forced to expose its customers to a greater risk of attack.”

Donald Trump rips Apple for opposing order to unlock San Bernardino suspect’s phone

Donald Trump wants to know: Who does Apple think it is for refusing to help the Justice Department unlock a phone used by a suspect in the San Bernardino attack?

Reader comment:
Isn't it quite interesting that even the FBI can't hack Apple ... in a world where hackers are getting into every system imaginable, including the FBI's databases and virtually all of the governments files ... who would you trust with your information?

Mom whose son died in San Bernardino attack sides with Apple

Her son was killed in the San Bernardino, Calif., massacre — but Carol Adams agrees with Apple that personal privacy trumps the feds’ demands for new software to break into iPhones, including the phone of her son’s killer.

The mom of Robert Adams — a 40-year-old environmental health specialist who was shot dead by Syed Rizwan Farook and his wife — told The Post on Thursday that the constitutional right to privacy “is what makes America great to begin with.”

Adams said she understands the FBI’s need to search Farook’s phone, but it has to be done without putting others at risk.

White House says FBI wants access to one iPhone, not blanket backdoor from Apple

Apple Chief Executive Tim Cook himself predicted this argument in his open letter to the public on Wednesday, saying that the government "may argue that its use would be limited to this case." But in Cook's view, "there is no way to guarantee such control."

From Apple's perspective, creating a tool to access a single iPhone could open the flood gates for future issues rippling well beyond the investigation into the San Bernardino shooting.

"In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone's physical possession," Cook said.

Here are three very good editorials about FBI access to Apple iPhones:

JOHN MCAFEE: I'll decrypt the San Bernardino iPhone

John McAfee is running for president as a member of the Libertarian Party.

Using an obscure law, written in 1789 — the All Writs Act — the US government has ordered Apple to place a back door into its iOS software so the FBI can decrypt information on an iPhone used by one of the San Bernardino shooters.

No matter how you slice this pie, if the government succeeds in getting this back door, it will eventually get a back door into all encryption, and our world, as we know it, is over. In spite of the FBI's claim that it would protect the back door, we all know that's impossible. There are bad apples everywhere, and there only needs to be one in the US government. Then a few million dollars, some beautiful women (or men), and a yacht trip to the Caribbean might be all it takes for our enemies to have full access to all our secrets.

The fundamental question is this: Why can't the FBI crack the encryption on its own? It has the full resources of the best the US government can provide.

With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet. These hackers attend Defcon in Las Vegas, and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension. About 75% are social engineers. The remainder are hardcore coders. I would eat my shoe on the Neil Cavuto show if we could not break the encryption on the San Bernardino phone.

And why do the best hackers on the planet not work for the FBI? Because the FBI will not hire anyone with a 24-inch purple mohawk, 10-gauge ear piercings, and a tattooed face who demands to smoke weed while working and won't work for less than a half-million dollars a year. But you bet your ass that the Chinese and Russians are hiring similar people with similar demands and have been for many years.

Interesting reader comments to this story.

Security firm shows how Apple could bypass iPhone security to comply with FBI request — or so it claims

All this supposes that iPhone is only protected by a 4-digit passcode, however. If a complex password was used, no-one in the FBI would live long enough to gain access.

Apple has positioned itself as a model global citizen whose devices command a premium because of the lengths it goes to safeguard customers' personal data.

"Apple is legitimately concerned about its ability to retain the trust of users globally,” David Kirkpatrick said. "The last thing (Apple CEO) Tim Cook wants to do is shoot himself in the foot by making customers in Peru, China, India, Indonesia, Nigeria and Saudi Arabia think that his company would cooperate with their governments in infringing on their privacy.”

Legendary iPhone hacker weighs in on Apple’s war with the FBI

Mozilla chief: FBI snooping at Apple 'back door' makes you less safe

Encryption is what keeps communications between parties safe from prying eyes. Encryption shields sensitive data, like medical records and banking information. It makes it possible to send confidential documents. And it enables greater good: human rights workers, journalists and whistle-blowers can defend what's right without placing themselves in danger. Most of us use encryption every day without even knowing it.

But it is under threat: In the United States, federal agencies like the FBI are calling on tech companies to facilitate access to encrypted communications.

Apple Unlocked iPhones for the Feds 70 Times Before

Apple’s stance in the San Bernardino case may not be quite the principled defense that Cook claims it is. In fact, it may have as much to do with public relations as it does with warding off what Cook called “an unprecedented step which threatens the security of our customers.”

Apple acknowledged that the phone in the meth case was running version 7 of the iPhone operating system, which means the company can access it. “For these devices, Apple has the technical ability to extract certain categories of unencrypted data from a passcode locked iOS device,” the company said in a court brief.

Apple’s argument in New York struck one former NSA lawyer as a telling admission: that its business reputation is now an essential factor in deciding whether to hand over customer information.

The San Bernardino County government said the FBI told its staff to tamper with the Apple account of Syed Farook (who with his wife, Tashfeen Malik, carried out the December shooting in which 14 people were killed).

The development matters because the change made to the account – a reset of Farook’s iCloud password – made it impossible to see if there was another way to get access to data on the shooter’s iPhone without taking Apple to court.

“The county was working cooperatively with the FBI when it reset the iCloud password at the FBI’s request,” read a post on San Bernardino County’s official Twitter account.

Apple, which has the technical ability to get inside an iCloud account but not always an individual phone, has already provided the FBI with any iCloud data it has for Farook. Those backups only go back to 19 October, six weeks before the shooting. 

That feature is disabled as a security precaution if someone changes the iCloud password for an account.

According to Apple, this also made the information on the iPhone permanently inaccessible.

North Carolina Senator Richard Burr, chairman of the Senate Intelligence Committee, is working on legislation that would penalize companies that don't comply with court orders to unlock encrypted devices

Apple has refused, arguing that to do so would set a legal precedent that could force it to hack a suspect’s phone each time authorities face a warrant. It argues that would violate user trust, privacy norms and weaken the core security of the company’s flagship smartphone.

Early Friday, the Justice Department released a lengthy legal filing that accused Apple of misinterpreting the law and placing marketing goals over national security.

The FBI conceded this week it can’t force Apple to give it the passcode, but it concocted a clever workaround. It persuaded a judge to order Apple to make it easier to guess the passcode by weakening other countermeasures.

N.S.A. Gets Less Web Data Than Believed, Report Suggests

The report indicates that when the N.S.A. conducts Internet surveillance under the FISA Amendments Act, companies that operate the Internet are probably turning over just emails to, from or about the N.S.A.’s foreign targets — not all the data crossing their switches, as the critics had presumed.

The theory that the government is rooting through vast amounts of data for its targets’ messages has been at the heart of several lawsuits challenging such surveillance as violating the Fourth Amendment.

How to Create a More Secure Passcode on Your iPhone or iPad

Apple doesn't advertise it, but the iOS operating system offers an option to make your passcode even more secure through the use of an alphanumeric passcodes or custom length numeric passcodes. Alphanumeric passcodes contain letters and numbers. Both alphanumeric and custom numeric passcodes can be much longer than four or six digits.

Apple’s $450 million e-book settlement Is affirmed by court

A federal appeals court Wednesday affirmed a $450 million e-books settlement between Apple Inc. and a group of plaintiffs, the latest development in long-running antitrust allegations against the company.

There's finally an explanation for the giant dirt pyramid on Apple's new campus

It will become part of the building's landscaping, which will eventually resemble a natural forest.

History:  Some Stories of “Perfect” Security

Nathan Cooprider is senior software engineer at Threat Stack, and Sam Bisbee is CTO, and they brought up the Tor as a great example of a technology long believed to be impregnable that's now been compromised in various ways, all of which reveal the ways a single vulnerability can negate many layers of strength.

The danger with mathematically perfect encryption or theoretically invulnerable software is that the user tends to extrapolate to the entire system and gain a false sense of security. As Bisbee put it, "detection is the new prevention." If the goal previously was to build an unhackable system, the new goal is a system that can tell us when it's been breached, and tell us quickly. No system can be 100% safe, but a system protected by a defense-in-depth philosophy can recover more quickly in the real world of real threats.

Your New Television is Spying on You

"Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition," Samsung posted in its SmartTV privacy policy.

Hollywood hospital pays hackers $17,000 ransom to restore computers

Fighting Fraud on Multiple Fronts

Q. Do credit card companies send customers text messages about their accounts, or is this yet another hacking scheme?

A. If you have not specifically signed up for text alerts, any messages sent to your phone concerning “deactivated,” “blocked” or “locked” accounts and asking you to call a supplied telephone number are most certainly frauds. (Poor spelling and messages claiming to be from banks you do not use are further indicators of fraudulent intentions.) Do not call the number or attempt to block future messages by replying “STOP” — which just confirms you got the message. As the Federal Communications Commission advises, most wireless providers allow you to forward the unwanted message to 7726 (SPAM) to block the sender.

No comments:

Post a Comment



Blog Archive