Tag Archives: security

iPod

How do I make my child’s iPod touch safe?

Image Leave a comment

How do I make my child’s iPod touch safe?

We have already discussed what is the best iPod for Kids, now let think about making your child’s iPod safe.  Technology has helped us with many options, giving us gadgets that are handy and easy to carry around. I am sure I am not the only one who has asked how do I make my child’s iPod Touch safe.  The problem however is the safety of these devices, especially when they are being used by our children.

Children can often be  careless about the way they carry these gadgets.  With the growing need for a slimmer device and more functionalities, these devices have grown to become more prone to damage caused if dropped by mistake. The question however is how to make your Child’s iPod Touch safe.  We are going to go through some of the key points you need to consider for the safety of the iPod Touch.

Screen Protector for the iPod Touch

The most fragile thing on the iPod Touch is that of the screen. Whether it is safety against scratches or breaking, a screen protector can help you against that. The glass protectors are readily available and they sit right on top of the screen and provide all the protection without looking like there is anything on top of the screen.

Set Up Find my Phone on the iPod Touch

Having an iPod Touch can possibly reduce several things that we would use on a regular basis earlier, such as a phone book, a photo album and a multimedia device. Think of losing a device where you have all your data stored, data that you most certainly want to keep away from the reach of anyone but yourself.

Find my Phone is a built-in application on the iPod Touch that uses the location services and the GPS module on the device in order to track the device in case you lose it. Children tend to forget their things more often and therefore there needs to be a mechanism for recovering it, find my Phone is the most appropriate application for that. If you are unable to track or recover the phone, the application provides you with the ability of deleting all the data on the phone remotely.

Get a Protective Case for your child’s iPod Touch

Kids have a habit of treating things rough, with a device as expensive as that of the iPod touch you need to ensure that there is sufficient protection against any kind of damage.

A Protective case is just the right place to start. The case is not going to save the iPod touch from falling but it will most certainly keep the body of the device from taken up any significant damage or scratches. The cases range from $20 up till $100, there are a bunch of options to choose from that can actually revamp the entire look of the iPod. Pick the most suitable one which is a combination of looks and safety.

Apple’s Extended Warranty

Apple offer a pretty decent warranty if you purchase the iPod Touch from the Apple Store. If you are thinking of purchasing the device for your child, you most certainly need to consider the probability of the device being damaged or broken.

Apple offers something known as Apple Care which is an extended warranty that costs around $100 and extends a full technical support and repair coverage for two years. The basic warranty coverage is just for 90 days.

Purchasing the iPod Touch with extended support is not a requirement, but if your child breaks things very often then you should definitely consider investing in the warranty. It keeps you covered for a longer period of time without worrying about the authenticity of parts purchased from outside of an apple store.

News

New Xcode vulnerability found in iOS apps

Image Leave a comment

It has been reported that many of China’s favorite, most popular applications for the Apple iOS platform are infected with malware. A study conducted by Apple revealed that roughly 36 applications on Apple’s store were found to be compromised during an uncharacteristic breach of the tech giant’s security. An Xcode vulnerability in the core development packages used by app creators was found to be the root cause.

Xcode Exploitation

The infected applications took advantage of an Xcode vulnerability, which allowed users of unauthorized versions of Apple’s developer toolkit to hijack popular applications.

In a statement on Sunday, Apple declared “To protect our customers, we’ve removed the apps from the App Store that we know have been created with this counterfeit software and we are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps”.

Compromised Development Packages

A further statement was made by Palo Alto Network Inc., a cyber-security firm in the U.S., explaining “In China, and in other places around the world, sometimes network speeds are very slow when downloading large files from Apple’s servers.

As the standard Xcode installer is nearly three gigabytes, some Chinese developers choose to download the package from other sources.” Xcode is an integral part of iOS app design, and has most likely been used by almost all iOS apps, although only the thirty six apps before mentioned were found to be hiding malicious software.

wechat-app-ios

WeChat Infected

Whilst the exact details of all the infected applications is not known, it has been declared that WeChat, a transit app by Didi Kuaidi and a music application from NetEase Inc. were compromised.

An application such as WeChat has over 500 million users, one can only but wonder at the implications of such an app leaving such a vast amount of users vulnerable.

Apple have been quick to address the issue and manufacturers of infected applications are taking steps to ensure that their software is free from exploits and vulnerabilities.

News

Apple reportedly agrees to security inspections by the Chinese Government

Image Leave a comment

A rumor was sparked recently with an article published in The Beijing News and later covered by IT World where an anonymous source claims that Tim Cook has agreed to have Apple products be subjected to spontaneous inspections. Those inspections would have the goal of verifying that there are no backdoors and that the data stored on Macs and iOS devices is indeed secure.

Apple’s CEO Tim Cook met with the head of China’s State Information Office Lu Wei last November to discuss Apple’s products and the Apple Watch in particular as well as China’s security concerns when it comes to Apple and its software and hardware. The anonymous source cited in The Beijing News article has revealed that Tim Cook had openly stated: “We do not, and will not provide a back door”, while Lu Wei has insisted that “We need to draw conclusions, so that consumers must be assured”. In the end, the Cupertino CEO is said to have agreed to spot checks that should:

Ensure information security and privacy of users, while maintaining national security.

While we have no solid evidence that Tim Cook has agreed to such inspections, it is not as outlandish as it may sound. Even though letting Chinese government officials in on Apple’s secrets is a big risk due to China’s lax copyright law enforcement, the Chinese market is a crucial one for the Cupertino company’s long-term success since it provides a lot of potential consumers and is projected to grow in the next several years. So in that sense the rumor falls into the realm of possibility, if not probability.

apple-security-in-china

For the last few years Apple has been pushing to increase its appeal to the Chinese market in every way they can – from just recently opening their largest Apple Store on the Asian continent in Hangzhou, China, to releasing new products in China on the same day as Apple does in the US, to introducing new Siri languages and features aimed directly at the Chinese consumers such as the addition of Baidu as a search provider, an improved Chinese input method, a new dictionary, sharing capabilities to the Sina Weibo microblog as well as the Youku and Tudou video sites.

So what are the implications if the alleged agreement turns out to be true? The bad news for Apple is that it will be sharing private code and internal hardware designs with multiple Chinese officials assigned to investigate its products until they are satisfied that there are no backdoors or other unwanted software that endangers the consumers’ privacy. The silver lining, at least for us consumers, is that such an investigation will add a layer of transparency to Apple’s internal procedures and possibly reassure us that our data is secure.

News

New Mac OS X vulnerabilities publicly disclosed by Google’s Project Zero Team

Image Leave a comment

Ars Technica reports that Google’s Project Zero team has made public three security vulnerabilities found in Mac OS X. Fortunately, Apple has been made aware of the issues prior to their public release and has already fixed one of the vulnerabilities while the other two will be fixed in the upcoming release of Mac OS X Yosemite 10.10.2 which is currently in beta.

Project Zero is a white hat hacking group formed and funded by Google that attempts to breach the security of all major systems that everyday users depend on. Once the group finds a system vulnerability, they get in touch with the company that maintains the software, informs them of the problem and even gives them proof-of-concept source code that demonstrates the issue. The developers of the software product then have three months to implement patches and release them to their customers. As soon as the three months expire, Project Zero publishes the “0day” vulnerability on their website along with the proof-of-concept source code.

Apple is not the only company that has had their vulnerabilities publicly released. Microsoft has also recently experienced the uncomfortable situation of having unpatched Windows bugs in the wild. Fortunately for Apple customers, the issues discovered by the Project Zero team are rather isolated since they require the attacker to have local access to the Mac. In other words, either someone needs to have physical access to your machine in order to hack it, or they need to combine the 0day exploits with other vulnerabilities that will grant them local access.

apple-security-code

The three exploits found by the Project Zero team are the following:

– The first issue has to do with a sandbox bug.

– The second vulnerability exposes an exploitable NULL pointer in the kernel.

– The third 0day bug has do to with a security loophole in Apple’s Bluetooth stack.

Leaving aside whether it’s good of the Project Zero team to publicly release information about vulnerabilities that will soon be patched, these recent events have once again raised the question: Is Apple doing too many things at once and not devoting enough time to solidify the performance and security of its platforms?

A growing number of users support the opinion that Apple has too many balls in the air and the amount of time it can spend on each one is very limited. Between the annual software release cycles of iOS and OS X (and possibly Watch OS going forward), Apple engineers have less and less time to iron out bugs and streamline the operation of the operating systems. The solution brought forward is that Apple needs to take a year during which to focus not on new features, but on making sure that all the features and functionality “just work”. We’ve already seen the Cupertino company do this with the move from Mac OS X Leopard to Mac OS X Snow Leopard.

News

Shellshock concerns reduced as Apple releases patch for Bash bug

Image Leave a comment

Normally Mac users don’t worry about viruses infiltrating our computers because Mac is such a reliable computer and Apple technology is so reliable that the threat of a virus is very far off. However, there is one “security vulnerability” out there that seems to be a threat to Mac computers. This technology insect is known as the Bash or Shellshock.

Up until just a few weeks ago, the threat of this bug could have wreaked havoc on Mac computers. Now, however, the threat has been contained and Mac users need not to worry. The threat of these bugs came from a security flaw in Mac operating systems. This breach in security would have allowed any hacker to get into the operating system and completely take it over! According to CNET, the way this bug works “involves the execution of malicious code within a bash shell — a command-line shell used in many Linux and Unix operating systems, and by Apple’s Mac OS X operating system.”

shellshock-code
Source: Robert Graham

The Bash bug is apparently not new, dating back almost 25 years. It is known to be aggressive in its mission of hacking into PCs or Mac computers through either the terminal application or the Command Prompt, and then controlling the operating system in order to get access to the any personal or confidential information.

Apparently in the OS X, there was a glitch that made it vulnerable to the Bash bug where the entire operating system would be able to be attacked and controlled from an outside force.

The system has now been fixed and the operating system OS X Lion, Mountain Lion software, is not in danger of being taken over by hackers. According to Apple, “With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services.”

There was once another security flaw just like the Bash bug named Heartbleed. It did the same the that Bash does, which is take control of the entire operating system and leave the user vulnerable to their confidential information being hacked and/or stolen. Heartbleed was first heard of in April, and it affected close to 300,000 users, some of whom still have to deal with security issues two months after they were first hacked. The experts have stated that when comparing Heartbleed and Bash bugs, the Bash bug is even bigger because of the surprising ways it communicates with the operating system without being detected.

With this breach now fixed, Mac users can rest easy. Nonetheless, Apple has taken extra precautions. Mac users are now able to visit a website set up by Apple where they can get update to their computer for the Bash bug.