Despite research published last year that demonstrated that Apple has the ability to decrypt users iMessages if it so chooses, Apple CEO Tim Cook said that the company does not hold the encryption key for those messages and couldn’t even produce the plaintext in response to a government order.
Browsing Category: Mobile Security
There’s a serious vulnerability in pre-4.4 versions of Android that allows an attacker to read the contents of other tabs in a browser when a user visits a page the attacker controls. The flaw is present in a huge percentage of the Android devices in use right now, and there’s now a Metasploit module available[…]
A report from the UK’s ICO says that permissions given to mobile apps often far exceed what’s necessary, and that privacy policies are hardly apparent to users downloading apps.
Researchers from the University of New Haven have taken to Youtube this week to publicize vulnerabilities in a dozen Android apps, including Instagram, Vine and OKCupid.
Dennis Fisher and Mike Mimoso discuss the Apple iCloud mess, extending its 2FA system to the cloud, and the fallout from the possible Home Depot data breach.
Researchers have discovered a weakness in Android that is likely present in other leading operating systems that can be abused and lead to information leakage.
Mozilla is set to add a feature to its mobile Firefox OS that will give users the ability to revoke any application’s permissions on a granular basis. Firefox OS is the open source operating system that Mozilla built for smartphones. The software runs on a variety of devices from manufacturers such as Alcatel, ZTE and[…]
There’s a remotely exploitable authentication bypass vulnerability in the BlackBerry Z10 phone that affects the service that lets users share files with machines on a wireless network. The bug could allow an attacker to steal users’ personal data or hit them with targeted malware.
Vulnerabilities in the secure Blackphone reported during DEF CON require unusual circumstances to exploit.
Absolute Software’s anti-theft Computrace software is mysteriously installed on brand new machines, nearly impossible to remove, and exploitable.