Dennis Fisher and Mike Mimoso talk abut the crazy news of the last couple of weeks, the Apple privacy and Apple Pay announcements, the details of the Home Depot breach and the end of the Microsoft Trustworthy Computing unit.
Browsing Category: Mobile Security
Dennis Fisher talks with Rich Mogull about the new iPhone 6, the security and privacy of Apple Pay and whether there’s another company that could put together a similar payment system.
Apple finally has enabled two-factor authentication for its iCloud storage service, more than a year and a half after the company first turned the protective measure on for iTunes purchases and Apple ID.
The researcher who originally discovered the same-origin policy bypass in the Android browser said he reported the vulnerability to Google some time ago, but that the company’s Android security team said it was unable to reproduce the issue.
Despite research published last year that demonstrated that Apple has the ability to decrypt users iMessages if it so chooses, Apple CEO Tim Cook said that the company does not hold the encryption key for those messages and couldn’t even produce the plaintext in response to a government order.
There’s a serious vulnerability in pre-4.4 versions of Android that allows an attacker to read the contents of other tabs in a browser when a user visits a page the attacker controls. The flaw is present in a huge percentage of the Android devices in use right now, and there’s now a Metasploit module available[…]
A report from the UK’s ICO says that permissions given to mobile apps often far exceed what’s necessary, and that privacy policies are hardly apparent to users downloading apps.
Researchers from the University of New Haven have taken to Youtube this week to publicize vulnerabilities in a dozen Android apps, including Instagram, Vine and OKCupid.
Dennis Fisher and Mike Mimoso discuss the Apple iCloud mess, extending its 2FA system to the cloud, and the fallout from the possible Home Depot data breach.
Researchers have discovered a weakness in Android that is likely present in other leading operating systems that can be abused and lead to information leakage.