WASHINGTON/SAN FRANCISCO (Reuters) – Apple Inc (AAPL.O) is planning to fix a flaw that a security firm said may have left more than half a billion iPhones vulnerable to hackers.
FILE PHOTO: Apple iPhone 11’s are pictured inside of the Apple Store on Fifth Ave in the Manhattan borough of New York, New York, U.S., September 20, 2019. REUTERS/Carlo Allegri
The bug, which also exists on iPads, was discovered by ZecOps, a San Francisco-based mobile security forensics company, while it was investigating a sophisticated cyberattack against a client that took place in late 2019. Zuk Avraham, ZecOps’ chief executive, said he found evidence the vulnerability was exploited in at least six cybersecurity break-ins.
An Apple spokesman acknowledged that a vulnerability exists in Apple’s software for email on iPhones and iPads, known as the Mail app, and that the company had developed a fix, which will be rolled out in a forthcoming update on millions of devices it has sold globally.
Apple declined to comment on Avraham’s research, which was published on Wednesday, that suggests the flaw could be triggered from afar and that it had already been exploited by hackers against high-profile users.
Avraham said he found evidence that a malicious program was taking advantage of the vulnerability in Apple’s iOS mobile operating system as far back as January 2018. He could not determine who the hackers were and Reuters was unable to independently verify his claim.
To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details.
ZecOps claims the vulnerability allowed hackers to remotely steal data off iPhones even if they were running recent versions of iOS. By itself, the flaw could have given access to whatever the Mail app had access to, including confidential messages.
Avraham, a former Israeli Defense Force security researcher, said he suspected that the hacking technique was part of a chain of malicious programs, the rest undiscovered, which could have given an attacker full remote access. Apple declined to comment on that prospect.
ZecOps found the Mail app hacking technique was used against a client last year. Avraham described the targeted client as a “Fortune 500 North American technology company,” but declined to name it. They also found evidence of related attacks against employees of five other companies in Japan, Germany, Saudi Arabia, and Israel.
Avraham based most of his conclusions on data from “crash reports,” which are generated when programs fail in mid-task on a device. He was then able to recreate a technique that caused the controlled crashes.
Two independent security researchers who reviewed ZecOps’ discovery found the evidence credible, but said they had not yet fully recreated its findings.
Patrick Wardle, an Apple security expert and former researcher for the U.S. National Security Agency, said the discovery “confirms what has always been somewhat of a rather badly kept secret: that well-resourced adversaries can remotely and silently infect fully patched iOS devices.”
Because Apple was not aware of the software bug until recently, it could have been very valuable to governments and contractors offering hacking services. Exploit programs that work without warning against an up-to-date phone can be worth more than $1 million.
While Apple is largely viewed within the cybersecurity industry as having a high standard for digital security, any successful hacking technique against the iPhone could affect millions due to the device’s global popularity. In 2019, Apple said there were about 900 million iPhones in active use.
Bill Marczak, a security researcher with Citizen Lab, a Canada-based academic security research group, called the vulnerability discovery “scary.”
“A lot of times, you can take comfort from the fact that hacking is preventable,” said Marczak. “With this bug, it doesn’t matter if you’ve got a PhD in cybersecurity, this will eat your lunch.”
Reporting by Christopher Bing in Washingtong and Joseph Menn in San Francisco. Contributions from Jack Stubbs in London and Stephen Nellis in San Francisco; editing by Chris Sanders, Edward Tobin and Sonya Hepinstall
Ford is bringing back the Mustang Mach 1 for 2021 – Driving
Seventeen years after the last Mustang Mach 1 rode off into the sunset, Ford is bringing back that storied nameplate for 2021.
There’s no EcoBoost four-cylinder here, of course. It’s 5.0L V8 all the way, and Ford said the new Mach 1 will be the “most track-ready 5.0L Mustang ever.”
The automaker has only unveiled teaser images for now, but we’re seeing huge quad pipes, Brembo brakes behind 19-inch wheels wrapped with Pilot Sport Cup 2 performance tires, and honeycomb grilles, but with round inlets that are mindful of the lights on the first Mach 1 of 1969.
That first Mach 1 came stock with a 351-cubic-inch (5.7-L) V8 that made 250 horsepower, with two optional V8s. That was matched to a GT handling suspension for improved performance.
Exactly what 5.0L V8 the 2021 Mach 1 will get is still up in the air. For 2020, Ford offers 460 horses in the GT; 480 hp in the Bullitt; and moving up to the Shelby models, you get 526 hp in the GT350, and 760 hp in the supercharged GT500.
The Mach 1 was traditionally Mustang’s step between the base cars and the top-of-the-powerband models. The Bullitt has come and gone before, and both it and the GT350 are slated for the chopping block at the end of this model year. That would logically slide the Mach 1 between the GT and GT500, and give it bragging rights as the most powerful naturally-aspirated eight-cylinder.
The original Mach 1 debuted for 1969, and continued through when the Mustang grew larger and longer for 1971. It also made the transition to the smaller, all-new Mustang II in 1974, but was discontinued in 1978. It returned for the 2003 and 2004 model years as a retro-style edition with 4.6L V8 making 302 horsepower, and with a stick shift or automatic transmission.
Here are 430 apps and games available on Google Play Pass right now – Android Police
Spaced desks, one-way halls, voice technology — your post-COVID-19 office will look much different – National Post
We may never go back (and what that means) is a collection of Post stories looking at the how the pandemic has changed the view of the office.
As Canadians gear up to return to work, employers are putting into place a wide range of safety protocols to protect their workplaces from the threat of COVID-19.
As a result, offices in a post-pandemic world could look very different from before, experts say. And they might stay that way.
“There’s going to be a forced evolution at the office,” said Evan Hardie, who researches the future of work at Canadian workplaces.
Returning employees could see a host of changes, including spaced desks, personal lockers, voice-automated technology, staged areas for elevators and one-way hallways, Hardie said. They may also have to follow new protocols such as varying shifts, cleaning surfaces after usage, and wearing PPE to the office.
Some employees may never return to the office again, Hardie said, as companies who have been forced to develop technology for remote work during the pandemic may not be able to afford the new cost of renovating their spaces.
Yet all this doesn’t necessarily mean the end of the traditional office tower, according to Lisa Fulford-Roy, vice president with Toronto commercial real estate giant CBRE. “I think this is going to shine a lens on how can we be smarter about the spaces we’re creating for people to occupy safely and healthily and productively,” she said.
According to experts, the biggest challenge for firms will be having to redesign spaces that have been in place for decades, to allow for physical and social distancing rules.
Since the last economic downturn, companies have been following an open office trend, where “essentially everybody’s sitting really close to each other,” Hardie said, to allow for more communication. “I think we’re going to see a change there, where you’re going to have employees spaced out, they won’t maybe be facing each other in the office too.”
To maintain physical distancing rules, companies are considering spaced desks, one-way hallways, and the reconfiguration of common areas like kitchens, utility rooms and staging areas for elevators. Gensler, an American architecture firm, has released ‘ReRun,’ a tool which reconfigures your office’s existing floor plan to optimize physical distancing conditions, using computer algorithms.
Under new set-ups, workers may also be asked to come into the office at different times and bring their own equipment.
“Keyboards, mice, headsets, those things are going to be personal accessories now,” said Hardie. “So you’ll have either a locker at the office that you can lock yourself or you’re hauling it back and forth every day.”
Many workplaces could follow in the path of major tech companies and restructure their work environments from headquarters to hubs. “Rather than having a head office where the majority of their workforce is in one central location, firms may opt for regional hubs,” Hardie said.
Christian Paquette, a labour employment lawyer, said he’s gotten many questions from companies. These range from how to implement policies on shared rooms, to the nitty gritty details around personal garbage bins, ventilation systems, eating utensils, and desired cubicle heights.
“I think, ironically, one challenge for employers might be that some may not have sufficient space anymore because of social distancing,” he said. “They may need to find more space in some cases, or put an emphasis on some parts of their workspaces and less on others.”
At the beginning of May, Paquette and a colleague released a list of key guidelines for employers looking to incorporate COVID-19 requirements into their work policies.
“There needs to be clear lines of communication,” said Paquette. The article recommended that employers form a “dedicated, multi-disciplinary team” to monitor the workplace reopening and conduct risk assessments; create a contingency plan in case of a shutdown; and open a communication channel keeping employees informed of the measures being put in place and any changes thereafter.
Employers also need to develop a procedure to address attendance issues and work refusals, such as those for “employees who are afraid to return or may face special circumstances” such as compromised immunity or child or elder care obligations.
Mohammad Abdoli-Eramaki, who teaches occupation health and safety at Ryerson University, emphasized the need for a system that monitors individuals, to identify those at risk of spreading the virus.
“The issue with COVID-19 is that it’s not identifiable,” he said, which in turn makes it difficult to determine certain hot spots in a workplace where exposure to the virus is increased. Ergo, “there should be a system in place where (the individual) monitors (themselves) … and if (they) don’t follow the policy, someone else does (monitor them).”
Paquette said it ultimately comes down to the level of risk each employer faces.
“For instance, (if) you have a proven outbreak in a work environment, that may justify different measures than an office space where people are not in close quarters (and) where other types of measures can really be put in place that are much less intrusive, like social distancing and self-reporting,” he said.
The pandemic has forced several workplaces to hastily upgrade and/or invest in technology to allow for people working remotely. On one hand, for those coming back to the office, employers might continue to make investments to keep the office accessible and safe, such as voice and automation technology.
“The ability to not have to touch everything in the office, to have technology that steps in, either through automation or through your voice, allows you to take your hands off a lot of things that you would have been touching in the past,” said Hardie. Companies looking to track employee movements could do so via keycard access, or by using technology that produces heat maps and monitors social distancing.
On the other hand, companies who have already invested in technology that supports remote work may find the additional investments too costly. “They may well say, okay we’ve made this major investment on ramping everybody up for home office, so maybe we’ll wait until we figure out a good plan of attack for the actual office itself’,” explained Hardie.
ALTERNATIVES TO THE OFFICE
For employers who have successfully adapted to working from home during the pandemic, there may no longer be a need for an office anymore, said Allison Cowan, director of capital of the Conference Board of Canada.
“They are seeing advantages in the long term, such as real estate savings, benefits from commuting, benefits for employee heath,” she said. Several large companies such as Twitter and Open Text have already asked staff to continue working remotely indefinitely, while others like BMO have confirmed they are looking into hybrid schemes that would combine the office with remote work opportunities.
For some companies, that might mean rethinking their current spaces, for others it might mean letting go of their leases entirely and opting for flexible alternatives, i.e., rentable co-working spaces.
Kevin Penstock is the CEO of The Profile, a Vancouver company that offers rental co-working spaces. He said he’s been receiving a lot of calls. “There’s no question (that demand for these spaces will go up),” he said. “People are going to try and figure out how to get all their staff in their offices downtown, half the people will be stuck at home, these companies are going to need this type of select space.”
Penstock has rolled out a multi-phased plan for the reopening of his spaces, which includes modified shared spaces (two-person tables instead of five), the phased return of members, physical distancing signage, health screenings and a new cleaning regimen.
The challenge, he said, will be catering to demand despite the limits on the number of people per shared space, as well as monitoring those who flout the rules. “We can ask people to start doing some shift work,” he said. “Then we’re going to have to start sharing the space in a way that’s a bit different than we’re used to.”
However, while the demand for traditional offices may go down, it won’t entirely disappear, according to Fulford-Roy of CBRE. That’s because people miss the social element that comes with working at an office.
“There may be subsets of employees or departments where (working remotely) might be suitable”, she said. “But I think, for the most part, we’re missing our colleagues, we’re missing the interaction.”
“It’s going to be less about changing the landscape of engagement and productivity. (Instead) it’s going to be a lens of how do we do that safely?”
Trump escalates war on Twitter, social media protections – Yahoo Canada Finance
Duhatschek Notebook: Expanded Hart field, dark horse Cup picks and more – The Athletic
Ford is bringing back the Mustang Mach 1 for 2021 – Driving
- Media16 hours ago
Trump threatens to remove 'shield' protecting social-media giants from liability for online content – The Globe and Mail
- Media13 hours ago
Creators of 6ixBuzz possibly doxed via social media – insauga.com
- Science20 hours ago
Tesla’s Musk earns $770M in stock options, company confirms
- News22 hours ago
Canada, allies condemn China on Hong Kong law after contentious Meng ruling – CBC.ca
- Tech19 hours ago
Toronto-based duo create custom puzzles
- Health20 hours ago
Three New COVID-19 Cases In Campbellton Region
- Media20 hours ago
Donald Trump justify his social media crackdown
- Economy24 hours ago
Doug Ford rejects regional approach to reopening Ontario's economy – Toronto Star