Apple Software

Cyber arms dealer exploits new iPhone software vulnerability, affecting most versions, say researchers

iOS VPN App

Protect Your Access to the Internet


By Joseph Menn and Christopher Bing

(Reuters) -A cyber surveillance company based in Israel developed a tool to break into Apple iPhones with a never-before-seen technique that has been in use since at least February, internet security watchdog group Citizen Lab said on Monday.

The discovery is important because of the critical nature of the vulnerability, which requires no user interaction and affects all versions of Apple’s iOS, OSX, and watchOS, except for those updated on Monday.

The tool developed by the Israeli firm, named NSO Group, defeats security systems designed by Apple in recent years.

Apple said it fixed the vulnerability in Monday’s software update, confirming Citizen Lab’s finding. https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild

“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users,” said Ivan Krstić, head of Apple Security Engineering and Architecture, in a statement. “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”

“While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” he added.

An Apple spokesperson declined to comment on whether the hacking technique came from NSO Group.

In a statement to Reuters, NSO did not confirm or deny that it was behind the technique, saying only that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”

‘SOFT UNDERBELLY OF DEVICE SECURITY’

Citizen Lab said it found the malware on the phone of an unnamed Saudi activist and that the phone had been infected with spyware in February. It is unknown how many other users may have been infected.

The intended targets would not have to click on anything for the attack to work. Researchers said they did not believe there would be any visible indication that a hack had…

Source…

Apple’s bug bounty program prompts frustration in security community

iOS VPN App

Protect Your Access to the Internet


Apple’s bug bounty program offers $100,000 for attacks that gain “unauthorized access to sensitive data.” Apple defines sensitive data as access to contacts, mail, messages, notes, photos or location data. While Owens’s hack didn’t allow access to those specific areas, Owens and others in the industry argued that the data hackers were getting was, indeed, sensitive. Owens created a hypothetical attack that gave hackers access to the victim’s files. He said in an interview that it could have hypothetically allowed hackers to access corporate servers, if the target computer were used by a corporation. That would be valuable in use for ransomware attacks, for instance.

Source…

Is It Too Late to Buy Apple Stock?

iOS VPN App

Protect Your Access to the Internet


Apple‘s (NASDAQ: AAPL) stock rallied roughly 48,660% over the past 20 years and recently hit a new all-time high. Once dismissed as an also-ran of the tech sector, Apple’s introductions of the iPod, iPhone, and iPad under Steve Jobs turned it into one of the world’s most valuable tech companies.



a tall glass building: Is It Too Late to Buy Apple Stock?


© Provided by The Motley Fool
Is It Too Late to Buy Apple Stock?

After Jobs passed away in 2011, Apple continued to evolve under Tim Cook with new iPhones, fresh hardware devices like the Apple Watch, and the expansion of its software and services ecosystem. Apple also reinstated its dividend, initiated aggressive buybacks, and invested in next-gen technologies like augmented reality and connected vehicles.

Apple became a trillion-dollar company in 2018 and a $2 trillion company last year. But after those massive long-term gains, investors who don’t already own Apple might be wondering if it’s too late to buy the stock. Let’s examine the bearish and bullish cases for Apple to decide.



a tall glass building: The Apple Store on 5th Avenue in New York.


© Apple
The Apple Store on 5th Avenue in New York.

Why it might be too late to buy Apple

The bears often cite Apple’s dependence on the iPhone, which generated 54% of its revenue in the first nine months of fiscal 2021, as its main weakness. Apple’s iPhone sales rose this year as more users bought its first lineup of 5G iPhones, but that growth will likely decelerate next year as fewer consumers consider the iPhone 13 to be a crucial upgrade. Intense competition and the commoditization of the smartphone market also remain major long-term threats to Apple’s biggest business.

Loading...

Load Error

It’s unclear if Apple will ever deliver another revolutionary product like the iPhone, and the lack of clarity regarding its future plans is worrisome.

Another soft spot is Apple’s dependence on China, which accounted for 19% of its revenue in the first nine months of the year. China is Apple’s fastest-growing market, but it’s also a minefield of unpredictable regulations, tariffs, and nationalism-driven boycotts. If the ongoing trade and tech tensions between the U.S. and China escalate, Apple could be an easy target for retaliatory regulations, taxes, or bans.

The bears will also point out…

Source…

Explained: Why Apple is delaying its software that scans for child abuse photos

iOS VPN App

Protect Your Access to the Internet


Following criticism from privacy advocates and industry peers, Apple has delayed the launch of its software that would detect photographs depicting child abuse on iPhones. The programme was announced last month and was slated for launch in the US later this year.

What is Apple’s software and how would it have worked?

Apple last month said it would roll out a two-pronged mechanism that scans photographs on its devices to check for content that could be classified as Child Sexual Abuse Material (CSAM). As part of the mechanism, Apple’s tool neuralMatch would check for photos before they are uploaded to iCloud — its cloud storage service — and examine the content of messages sent on its end-to-end encrypted iMessage app. “The Messages app will use on-device machine learning to warn about sensitive content while keeping private communications unreadable by Apple,” the company had said.

neuralMatch compares the pictures with a database of child abuse imagery, and when there is a flag, Apple’s staff will manually review the images. Once confirmed for child abuse, the National Center for Missing and Exploited Children (NCMEC) in the US will be notified.

What were the concerns?

While the move is being welcomed by child protection agencies, advocates of digital privacy, and industry peers, are raising red flags suggesting that the technology could have broad-based ramifications on user privacy. It is believed that it’s nearly impossible to build a client-side scanning system that is only used for sexually explicit images sent or received by children, without such a software being tweaked for other uses. The announcement had put the spotlight once again on governments and law enforcement authorities seeking a backdoor into encrypted services. Will Cathcart, Head of end-to-end encrypted messaging service WhatsApp, had said: “This is an Apple-built and operated surveillance system that could very easily be used to scan private content for anything they or a government decides it wants to control. Countries, where iPhones are sold, will have different definitions on what is acceptable”.

Why has Apple…

Source…

Humane, a stealthy hardware and software startup co-founded by an ex-Apple designer and engineer, raises $100M


A stealthy startup co-founded by a former senior designer from Apple and one of its ex-senior software engineers has picked up a significant round of funding to build out its business. Humane, which has ambitions to build a new class of consumer devices and technologies that stem from “a genuine collaboration of design and engineering” that will represent “the next shift between humans and computing”, has raised $100 million.

This is a Series B, and it’s coming from some very high-profile backers. Tiger Global Management is leading the round, with SoftBank Group, BOND, Forerunner Ventures and Qualcomm Ventures also participating. Other investors in this Series B include Sam Altman, Lachy Groom, Kindred Ventures, Marc Benioff’s TIME Ventures, Valia Ventures, NEXT VENTŪRES, Plexo Capital and the legal firm Wilson Sonsini Goodrich & Rosati.

Humane has been around since 2017, but it closed/filed its Series A only last year: $30 million in September 2020 at a $150 million valuation, according to PitchBook. Previous to that, it had raised just under $12 million, with many of the investors in this current round backing Humane in those earlier fundraises, too.

Valuation with this Series B is not being disclosed, the company confirmed to me.

Given that Humane has not yet released any products, nor has said much at all about what it has up its sleeve, and given that hardware in general presents a lot of unique challenges and therefore is often seen as a risky bet (that old “hardware is hard” chestnut), you might be wondering how Humane, still in stealth, has attracted these backers.

Some of that attention possibly stems from the fact that the two co-founders, husband-and-wife team Imran Chaudhri and Bethany Bongiorno, are something of icons in their own right. Bongiorno, who is Humane’s CEO, had been the software engineering director at Apple. Chaudhri, who is Humane’s chairman and president, is Apple’s former director of design, where he worked for 20 years on some of its most seminal products — the iPhone, the iPad and the Mac. Both have dozens of patents credited to them from their time there, and they have picked up a few since then, too.

Those latest patents — plus the…

Source…