Showing posts with label Apple. Show all posts
Showing posts with label Apple. Show all posts

Thursday, February 15, 2024

Spybusters Tip #725: How to Find an Apple AirTag Hidden in Your Car

Apple AirTags are useful devices for locating commonly misplaced items like keys and wallets, but they can also be hijacked for more sinister purposes, such as tracking your whereabouts without your knowledge or consent. 

For a rogue AirTag to reveal meaningful surveillance information to its owner, it must be traveling with you: hidden in a pocket, purse, or vehicle you drive regularly. In most cases, Apple should alert you if it detects an unknown AirTag with a notification to your iPhone (or iPad) like "AirTag Found Moving With You." - Turn on AirTag alerts / Find an AirTag in your car... more
Posted by at
Labels: , ,

Sunday, February 11, 2024

Apple Self-Driving Industrial Espionage Case Ends in Sentencing

A former Apple engineer will spend four months in prison, bringing a lengthy and contentious case to a close six years after the U.S. government first charged the engineer, Xiaolang Zhang. 

9 to 5 Mac has been covering the case since shortly after it began, and their report on Zhang’s sentencing has a good overview of the issues to date.

The basics? Zhang worked for Apple in the U.S., where he worked on the company’s self-driving car project, Project Titan. He then left abruptly to work for another company, this one based in China, XMotors. When he did so, he brought several proprietary documents with him. Hence the charges against him, to which he eventually pleaded guilty. The Department of Justice also announced several charges in the case last year. more
Posted by at
Labels: , ,

Thursday, August 18, 2022

Apple AirTag: All Things Technical

Adam Catley has done extensive research into the inner workings of the Apple AirTag. He even has a few things to say about the security of the device...

Privacy Concerns (brief summary below)

While it is possible to use other products similar to AirTag to track people, they cannot benefit from the unmatched global coverage of the FindMy network. This makes the AirTag a more appealing device to people with malicious intent and so privacy features are important.

Let’s look at how reality compares to the claims Apple makes about the AirTag privacy features when the known security issues are considered.
  • Sound alerts are infrequent and unlikely
  • Speaker can be disabled
  • Location can be tracked for the whole day
  • Location can be spoofed
  • “AirTag Found Moving With You” alert can be avoided
  • Location history could be decrypted



Posted by at
Labels: , , ,

Saturday, March 12, 2022

How Apple's FaceTime Glitch Allowed Eavesdropping

It's the bug taking a bite out of Apple. A flaw in the FaceTime app allowed eavesdropping. Here's how the glitch worked:

Users swiped up while calling someone then tapped add person. By adding their own number, it created a group FaceTime call and then...

"Just like magic that other phone number picked up automatically and you're able at that point to hear everything that's acquirable from an audio perspective from that phone without the other person picking up,” said Jonathan S. Weissman, Senior Lecturer in the Department of Computing Security at RIT.

Weissman says the glitch went even further... more


Posted by at
Labels: , , ,

Monday, February 14, 2022

An Update on AirTag and Unwanted Tracking

APPLE - We’ve become aware that individuals can receive unwanted tracking alerts for benign reasons, such as when borrowing someone’s keys with an AirTag attached, or when traveling in a car with a family member’s AirPods left inside. We also have seen reports of bad actors attempting to misuse AirTag for malicious or criminal purposes.

Apple has been working closely with various safety groups and law enforcement agencies. Through our own evaluations and these discussions, we have identified even more ways we can update AirTag safety warnings and help guard against further unwanted tracking...

Advancements Coming to AirTag and the Find My Network
The following updates represent important steps Apple is taking... more

Posted by at
Labels: , , ,

Tuesday, September 14, 2021

Alert: Apple iOS 14.8 Security Update Spikes Spyware Flaw

 Apple on Monday released security updates for its iPhone, iPad, Apple Watch and Mac computers that close a vulnerability reportedly exploited by invasive spyware built by NSO Group, an Israeli security company. 

The tech giant's security note for iOS 14.8 and iPadOS 14.8 says: "Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited." Apple also released WatchOS 7.6.2, MacOS Big Sur 11.6 and a security update for MacOS Catalina to address the vulnerability. 

The fix, earlier reported by The New York Times, stems from research done by The Citizen Lab, a public interest cybersecurity group that found a Saudi activist's phone had been infected with Pegasus, NSO Group's best-known product. According to Citizen Lab, the zero-day zero-click exploit against iMessage, which it nicknamed ForcedEntry, targets Apple's image rendering library and was effective against the company's iPhones, laptops and Apple Watches. more

Posted by at
Labels: , ,

Thursday, May 6, 2021

Apple Airtags - You're It

A new report today says that AirTag stalking is “frighteningly easy” thanks to a number of weaknesses in Apple’s privacy protections...


...three days is a very long time to be tracked without your knowledge if you are an Android user. Additionally, for a stranger stalker, they would be able to track you to your home address or another location you frequently visit, before you are alerted – in other words, after the damage is done...

...An AirTag starts a three-day countdown clock on its alarm as soon as it’s out of the range of the iPhone it’s paired with. Since many victims live with their abusers, the alert countdown could be reset each night when the owner of the AirTag comes back into its range...

...There’s an option in the Find My app to turn off all of these “item safety alerts” — and adjusting it doesn’t require entering your PIN or password. People in abusive situations don’t always have total control over their phones...

...The only protection for Android users is the audible alert after three days, and it’s already been shown that the speaker can be disabled... more

Posted by at
Labels: , , ,

Tuesday, February 23, 2021

New iOS 14.5 Security Feature Will Stop Hackers in Their Tracks

...it looks like Apple is making some pretty big sweeping steps in iOS 14.5 to lock the whole system down even further.


In fact, Apple has already been taking steps to harden iOS 14 against one of the most common exploits — iMessage vulnerabilities — thanks to a very cool new technology dubbed ‘Blastdoor’. However, it looks like Blastdoor was only the beginning, with iOS 14.5 adding some new defences against “zero-click” attacks in general...

As the name implies, a “zero-click attack” is a method by which hackers can take advantage of security vulnerabilities to get into your iPhone or iPad without requiring any interaction on your part. more

 

Posted by at
Labels: , , ,
Subscribe to: Posts (Atom)