It’s gotten to the point now where it’s almost easier to talk about the mobile apps and services that don’t ship your personal data off to some remote server for purposes unknown rather than discussing the ones that do. The latest discussion of privacy invading apps flowed from the discovery that Twitter and some other iPhone apps were uploading users’ contact lists without their knowledge. Now, a researcher at Veracode has written a small app that allows users to figure out exactly which iOS apps are doing what with their personal data.
Browsing Tag: apple
Members of an online hacking group that calls itself SwaggSec say they hacked systems belonging to Chinese electronics manufacturing giant Foxconn and made off with login credentials belonging to some of the company’s biggest clients. Foxconn has declined to comment.
After a researcher discovered that any person who decides to download the Path app onto their mobile device is unknowingly sending their address book to a server belonging to the social network and photo-sharing service without prior notification, the company has released a new version of the app that asks people to opt in to that behavior.
Researchers in China published a trove of information on previously unknown (zero day) vulnerabilities in popular applications for Google’s Android mobile operating system on Wednesday, including mobile browsers and at least one mobile wallet application.
Apple has issued a new patch for Mac OS X Snow Leopard to fix a problem that users were reporting with application-compaitibility with the original fix issued last week. The new patch is designed to alleviate problems with the Rosetta technology in Snow Leopard.
Apple has released a massive set of patches for a wide range of security vulnerabilities in a number of its products and components, including OSX Lion and QuickTime. The patches, which are rolled up in OS X 10.7.3, fix a slew of serious bugs, many of which can be used to execute remote code on vulnerable machines.
A fake version of the popular Camera+ iPhone application was offered on Apple’s App Store over the weekend, according to a post by Glyn Evans on the iPhoneography blog on Saturday, just the latest example of suspicious and malicious applications to slip through Apple’s shadowy application vetting project.
Less than three weeks after releasing a new jailbreak for iPhones running iOS 5.01, a team of researchers has now published a similar tool for jailbreaking the iPhone 4S and iPad2. The Absinthe jailbreak tool will allow users to run unsigned code on their devices and load apps from places other than the iTunes App Store.
It appears that hackers in China – not India as previously suspected – were behind the apparent leak of e-mails last week from the U.S.-China Economic and Security Review Commission.
MIAMI BEACH–It’s the accepted wisdom these days that many of the traditional security defenses organizations depend on just aren’t effective at deterring attackers. But this glosses over the fact that the last few years have included some major advances in defensive technologies, including the widespread adoption of exploit mitigations such as ASLR and DEP and the use of sandboxes in many applications. However, as these advances have made their way into the mainstream, the folks on the offensive side of the game have not been sitting idly by, either, as was made abundantly clear during the talks at the Infiltrate conference here.