Connect with us

Tech

A 'digital spy in your pocket': Zero-click hack blocked by Apple, but what is it? – National | Globalnews.ca – Global News

Published

 on


Apple users are being asked to install a security update after researchers found a flaw that hackers could use to access devices without any user action.

The researchers from Citizen Lab at the University of Toronto said in a report on Monday that a “zero-click exploit” was found in iMessage on a Saudi activist’s iPhone. Apple released a software patch on Monday in response to the exploit.

The researchers said the previously unknown vulnerability affected all major Apple devices: iPhones, Macs and Apple Watches.

Read more:
Apple releases critical software patch to fix security vulnerability

So who is at risk, and how does it work?


What is zero-click?

John Scott-Railton, a senior researcher with Citizen Lab, told Global News that “zero-click” is a hacking method designed to infiltrate a user’s device without them knowing.

“We’re all familiar with the idea that we’re going to get suspicious messages, malware, and phishing, but that’s something we’re educated to be able to spot and not fall for,” he said.

“Zero-click means that somebody you probably don’t know … can remotely target and infect your device with no interaction … you see nothing, you hear nothing and suddenly your device becomes a digital spy in your pocket.”

In other words, unlike the phony texts from delivery services and tax agencies that ask to click a link to resolve some unclear issue, zero-click is invisible.


How was it found?

Scott-Railton said researchers discovered the hack last week while examining the Saudi activist’s iPhone, which was infected with Pegasus spyware, a surveillance program run by Israeli tech company NSO Group.

As they were looking at the phone, they found malicious image files were sent through iMessage before it was hacked with Pegasus spyware. Infected phones would then crash.

It was discovered during a second examination, which showed the phone had been infected in March.

“Those files, as it turned out, were the actual code that would result in what’s called a zero-click, zero-day exploitation. This is the actual code that would remotely infect and take over the phone,” Scott-Railton said.

He described it as “a big find.”

“What’s interesting about this is that literally until the patch went up, everyone who had an Apple device could be potentially hacked using this vulnerability.”


Click to play video: 'Hackers use WhatsApp to install spyware on phones'



2:15
Hackers use WhatsApp to install spyware on phones


Hackers use WhatsApp to install spyware on phones – May 14, 2019

After being alerted by Citizen Lab, Apple announced on Monday it fixed the flaw in a software update.

“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users,” said Ivan Krstić, head of Apple Security Engineering and Architecture, in a statement.

“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”


Who is at risk?

At this point, it’s unclear if anyone else has been targeted, but Citizen Lab researchers said in their report they believe the hacking method has been in use since February. They attribute the attack to NSO Group.

NSO wouldn’t confirm to Reuters if it was behind the hack, but said in a statement it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”

Reuters further reported that the FBI has been investigating NSO, and Israel has set up a senior inter-ministerial team to assess allegations that its spyware has been abused on a global scale.

Read more:
Biden says next ‘real shooting’ war could be result of major cyber attack

Even though NSO said it vets the governments it sells to, its Pegasus spyware has been discovered on the phones of activists, journalists and opposition politicians in countries with poor human rights records.

Scott-Railton said hacks similar to this will happen again, and people should care about what this discovery shows.

“There is an industry of companies that is busy finding and stockpiling ways to silently hack their phones, and then selling them to people who can pay for them rather than helping manufacturers make their phones more secure,” he said.

“The second reason why people need to care is because the long-term business model of a lot of the companies like NSO Group … is to sell to local authorities, local police departments.”

Scott-Railton added most governments in the world, including Canada, “don’t have robust rules about what police can and can’t do with this kind of invasive technology, and yet technology may arrive even before the rules are put in place.”


What happens now?

With Apple pushing out a security update, Scott-Railton encourages all users to install it as soon as possible.

In a tweet Monday, he wrote that companies need to bolster the security around instant messaging apps.

“Popular chat apps are the soft underbelly of device security,” he said. “They are on every device, and some have a needlessly large attack surface.”

Scott-Railton added that governments, including Canada’s, need to target businesses that sell “bad things to bad people.”

“But more than that, they need to take seriously the targeting of Canadians, permanent residents and people on Canadian soil,” he said.

“It’s really important that the focus be on the technology and the companies that are pushing the stuff — it can’t just be the responsibility of individuals to protect themselves.”

Read more:
Ransomware attack suspected from REvil gang hits at least 200 U.S. companies

— with files from Reuters and The Associated Press.

© 2021 Global News, a division of Corus Entertainment Inc.

Adblock test (Why?)



Source link

Continue Reading

Tech

Costco slashes iPhone 12 series price, other retailers might follow – MobileSyrup

Published

 on


Now that Apple’s iPhone 13 lineup has released, the price of the last-gen iPhone 12 series — which is almost identical to the current-gen models in some ways — is experiencing a price drop.

First shared by RedFlagDeals users ‘DJ Trance AZ,‘ Costco is one of the first Canadian retailers to slash a few dollars of the iPhone 12 series.

Check Costco’s pricing below:

It’s worth noting that the deals are exclusive to Costco members only. Still, if you are a member, the savings are pretty great and considering that the iPhone 13 includes very incremental upgrades, last year’s Apple flagship is still an excellent device.

If you want to read about the major differences between the iPhone 12 and 13 series, check out our comparison story.

Source: Costco Via: RedFlagDeals

Adblock test (Why?)



Source link

Continue Reading

Tech

iOS 15 Removes Do Not Disturb Option That Silenced Notifications Only When iPhone Was Locked – MacRumors

Published

 on


With iOS 15, Apple expanded the Do Not Disturb feature from iOS 14 into a full Focus Mode option that’s designed to allow users to set up different scenarios to manage their incoming notifications.


Focus Mode is handy because it lets you decide exactly what alerts and apps you want to see at home, while at work, when sleeping, when exercising, and in other situations, but as Reddit users have pointed out, Apple has dropped a key Do Not Disturb feature.

Do Not Disturb in ‌iOS 14‌ had a setting that allowed incoming calls and notifications to be silenced at all times, or only when the iPhone was locked. With this setting, you could turn on Do Not Disturb but still get all of your calls and notifications if you unlocked your phone and were actively using it.

Some people used this setting to have Do Not Disturb active at all times during the day so the ‌iPhone‌ was silenced when it was locked, but they weren’t missing alerts when the ‌iPhone‌ was in use. From Reddit:

Really surprised they’ve done this, but it appears there is no longer an option in iOS 15 to still show notifications when in Do Not Disturb but unlocked.

My phone basically lived on Do Not Disturb mode up until now but I’ll have to stop using it now which is really annoying.

Like, I don’t want notifications when my phone is locked, but while I’m actively using it I still need them to pop up.

There is no equivalent setting in Focus Mode, so there’s no longer an option to receive notifications when the ‌iPhone‌ is unlocked and silence them when it’s not in use. With Focus Mode, it’s an all or nothing experience – notifications are being received, or they’re silenced in all situations.

Many Reddit users are unhappy with the change and are hoping that Apple will reintroduce a similar feature in a future ‌iOS 15‌ update.

Top Stories

Apple today, with iOS 15, announced a slew of new changes coming to notifications on iPhone, including a completely redesigned interface and a new way to summarize notifications based on activities. Notifications now have a completely new design on the lock screen, featuring richer images for messages, and a cleaner more compact look. With the redesign, iOS 15 also introduces a Notification …

Apple Teases iOS 15 Features Ahead of Sept 14 Apple Event

Ahead of next week’s Apple event, Apple has begun teasing iPhone users about upcoming iOS 15 features using a notification from the Tips app.
“See what’s coming in iOS 15,” reads the notification. “Learn about new features that will help you stay connected and find focus.”
Tapping the notification takes users on a brief tour of upcoming features, including Voice Isolation, the new Shared…

Apple Releases watchOS 8 With Mindfulness App, Focus Mode, Messages Updates, Find My and Contacts

Apple today released watchOS 8, the newest version of the watchOS operating system designed to run on modern Apple Watch models. watchOS 8 is compatible with the Apple Watch Series 3 and later.
‌‌watchOS ‌8 can be downloaded for free through the dedicated Apple Watch app on the iPhone by going to General > Software Update. To install the new software, the Apple Watch needs to have at least…

Apple Seeds iOS and iPadOS 15 Release Candidates to Developers

Apple today seeded the release candidate versions of iOS and iPadOS 15 to developers for testing purposes, with the updates coming two weeks after Apple released the eighth betas.
Registered developers can download the profile for the iOS and iPadOS betas from the Apple Developer Center, and once the profile is installed, beta updates will be available over the air.
iOS 15 is a major…

Apple Seeds Eighth Betas of iOS and iPadOS 15 to Developers [Public Beta Available]

Apple today seeded the eighth betas of iOS and iPadOS 15 to developers for testing purposes, with the updates coming one week after Apple released the seventh betas.
Registered developers can download the profile for the iOS and iPadOS betas from the Apple Developer Center, and once the profile is installed, beta updates will be available over the air.
iOS 15 is a major update that…

Apple Seeds Seventh Betas of iOS and iPadOS 15 to Developers [Update: Public Beta Available]

Apple today seeded the seventh betas of iOS and iPadOS 15 to developers for testing purposes, with the updates coming one week after Apple released the sixth betas.
Registered developers can download the profile for the iOS and iPadOS betas from the Apple Developer Center, and once the profile is installed, beta updates will be available over the air.
iOS 15 is a major update that…

Apple Seeds Sixth Betas of iOS and iPadOS 15 to Developers

Apple today seeded the sixth betas of iOS and iPadOS 15 to developers for testing purposes, with the updates coming one week after Apple released the fifth betas.
Registered developers can download the profile for the iOS and iPadOS betas from the Apple Developer Center, and once the profile is installed, beta updates will be available over the air.
iOS 15 is a major update that…

Apple Announces iOS 15: First Look at New Features

Apple today previewed iOS 15, the company’s next major update for the iPhone, featuring new video calling capabilities, improvements to Messages, user statuses, a smart notification summary, and more.
FaceTime
In iOS 15, FaceTime features a new grid view and portrait mode support for video. For audio, FaceTime calls now offer Spatial Audio so that voices sound as if they are coming from…

Adblock test (Why?)



Source link

Continue Reading

Tech

Amazon Unveils First Kindle Paperwhite For Kids – Forbes

Published

 on


Amazon has released a version of its Kindle Paperwhite e-book reader designed especially for children.

Amazon has previously released versions of the entry-level Kindle reader for Kids, but this is the first time the more advanced Paperwhite hardware has been tailored for children.

Hardware wise, the Paperwhite Kids is not any different from the regular Paperwhite that Amazon has just released. It has a 6.8in display and – perhaps crucially for younger readers – has an IPx8 rating, which means it can “withstand accidental drops in the bath, hot tub, pool, and sea”, according to Amazon. The standard Kindle Kids doesn’t have any waterproofing.

Unlike the regular Paperwhite, the Paperwhite Kids comes with a year’s subscription to Amazon Kids+, which means young readers get access to a library of more than 1,000 e-books, including the Harry Potter series. Parents beware, however, that the Kids+ subscription automatically renews at the end of the first year, which is an extra $2.99 per month for Prime members or $4.99 for non-members.

Amazon is also offering two years of its “worry-free guarantee” with the Paperwhite Kids which means that Amazon “warrant the device against defects in materials and workmanship under ordinary consumer use for two years from the date of original retail purchase”. The implication on Amazon’s website is that this covers accidental damage (“if it breaks, return it and we’ll replace it for free”) although that’s not explicitly stated in the legal wording.

Unlike the regular Paperwhite, Amazon also provides a cover for the Paperwhite Kids, which should at least prevent the screen being scratched or damaged when it’s not in use.

Reading benefits

Amazon is emphasizing the benefits of using a dedicated e-book reader instead of a device such as a smartphone or tablet for reading, arguing that it doesn’t have the distractions of games, social media or internet access that those other devices offer.

The Paperwhite Kids also supports Audible, so children can easily switch between reading and listening to audiobooks with Bluetooth headphones. The Kindle software allows readers to resume where they left off, whether reading the e-book or listening to the audiobook.

The Paperwhite Kids also offers the OpenDyslexic font, which is described as “a font preferred by some readers with dyslexia”.

The Paperwhite Kids cost $159.99, which is $20 more expensive than the standard Paperwhite, but that doesn’t come with a cover or the Amazon Kids+ subscription. It’s available for pre-order now.

Adblock test (Why?)



Source link

Continue Reading

Trending