Tech Letter

Technology Joe Public can rely on

Mac malware outpaced Windows PC threats for the first time

That’s a distinction Apple most probably doesn’t want.

Mikey Campbell, Apple Insider »

In its annual State of Malware Report (PDF link), antivirus software maker Malwarebytes tracked a more than 400% increase in detected Mac malware on a year-over-year basis.

Tallying up threat detections on a per endpoint basis, calculus applied to account for growth in the number of Macs running Malwarebytes software, the firm found 11 threats per Mac endpoint in 2019, up from 4.8 in 2018. By comparison, results show an average of 5.8 threats detected per Windows endpoint over the same period.

The report speculates Macs are quickly becoming a sweet target for cybercriminals due to increased marketshare, though recent industry estimates show Apple’s slice of market shrank over the past two quarters.

Malwarebytes

Mac threats increased exponentially in comparison to those against Windows PCs. While overall volume of Mac threats increased year-over-year by more than 400 percent, that number is somewhat impacted by a larger Malwarebytes for Mac userbase in 2019. However, when calculated in threats per endpoint, Macs still outpaced Windows by nearly 2:1.

More » The Register

Apple has been fined €25 million by a French consumer fraud group for intentionally slowing down older iPhones

Tim Hardwick, MacRumors »

The Directorate General for Competition, Consumption and the Suppression of Fraud (DGCCRF), which is part of the country’s economy ministry, concluded that Apple had failed to inform users that iOS updates to older iPhones could slow down their devices.

The investigation followed Apple’s admission in 2017 that it slows down some older iPhones with degraded batteries during times of peak power usage in order to prevent unexpected shutdowns.

Apple has accepted an agreement with France’s public prosecutor to pay the fine of 25 million euros and to publish a press release on its website for one month.

More » DGCCRF press release, BBC

Gaia-X » Europe’s plan to avoid an over-reliance on US-based cloud providers Google, Amazon, and others

The EU is putting together a consortium to build a new, non-US-based cloud platform. It’s called Gaia-X.

Will Bedingfield, Wired »

The project is a collaboration between the European Commission, Germany, France, and according to an email from a spokesperson for Germany’s Federal Ministry for Economic Affairs and Energy “some 100 companies and organisations”. (Firms confirmed include SAP SE, Deutsche Telekom AG, Deutsche Bank AG, Siemens and Bosch.) The first proofs of concept for the European cloud are set to be ready towards the end of this year.

The driving motivation behind the project is “data sovereignty”, or, more accurately “data governance” – an ambition to bring the flow and storage of data under greater European control. “Data sovereignty is the key to GAIA-X,” says Harald Summa, the CEO of DE-CIX Group AG, a group involved in the project. “Especially given that our society is relying more and more heavily on digital services, it is in the interest of a state or a region to enable a certain level of independence from external service providers.”

The project is a direct response to the dominance of American and Chinese service providers. The European Commission has already locked horns with Google, fining the company €4.34 billion for antitrust violations back in 2018. The US Cloud Act requires American firms to provide law enforcement with customers’ personal data on request, even when the servers containing the information are abroad.

Apple dropped plan for encrypting iCloud after FBI complained about the initiative

Joseph Menn, Reuters »

Apple Inc. dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters.

The long-running tug of war between investigators’ concerns about security and tech companies’ desire for user privacy moved back into the public spotlight last week, as U.S. Attorney General William Barr took the rare step of publicly calling on Apple to unlock two iPhones used by a Saudi Air Force officer who shot dead three Americans at a Pensacola, Florida naval base last month.

James Vincent, The Verge » Apple can’t read your on-device data, but it can read your iCloud backups

This information is encrypted to stop attackers, but Apple holds the keys to decrypt it and shares it with police and governments when legally required.

Jon Brodkin, Ars Technica »

Apple has not implemented end-to-end encryption for iCloud Backup, the service that lets customers back up their iPhones and iPads to Apple servers, or for iCloud Drive. The iCloud Backup and iCloud Drive data sets are encrypted at rest and in transit, but Apple has the key to unlock them and can thus give decrypted versions to law enforcement.

More » AppleInsider, Tom’s Guide

NY Times journalists answer » What’s the worst that could happen to your smartphone data?

NY Times »

None of us really has a choice to participate in tracking or not — the system just serves up location data, usually without us noticing. So for people who do want a bit of privacy — worshipers, young people visiting Planned Parenthood, those visiting a queer space, survivors hiding from an abuser — they no longer have a real choice about their privacy. Because the tracking touches everyone, can we really give up after concluding it’s fine for us? When we participate in this system, we’re tacitly endorsing it.

[…]

Your imagination can run wild with possibilities. It runs from tracking kids to tracking the nation’s top security officials and using the intelligence for some kind of blackmail.

For us, it was talking to one group that was so concerned they didn’t want to be named. We expected them to be worried, but in conversations with them, they were downright scared. When we showed them all the device pings collected in the center of their building during a gathering, they were horrified that people could know exactly who and how many people were in the building and when. The idea that their community members were followed in the data and we could figure out where they all lived — it wasn’t an abstract threat anymore. It was real and personal for them, especially since they felt like a target already.

New York medical doctor sues to stop Apple from selling its Apple Watch with atrial fibrillation detection technology that saves lives

If Dr. Wiesel gets his Christmas wish, he gets richer. Otherwise, he wants to stop this life-saving technology from reaching people who might need it, and therefore, he is willing to let people die if Apple doesn’t deposit a truckload of money into his bank account on a regular basis.

Atrial fibrillation (AFib) is one of today’s silent killers. It often goes undetected, as it can be intermittent, resulting in late diagnosis, stroke, or even death.

Dr. Wiesel is not the kind of cardiologist I would want on my team.

Susan Decker, Bloomberg »

Dr. Joseph Wiesel, who teaches at NYU School of Medicine, filed a suit Friday against the tech giant, in federal court in Brooklyn. Wiesel claims the Apple Watch infringes his patent for a method to detect an irregular heartbeat.

[…]

Wiesel said his invention covered “pioneering steps” in atrial fibrillation detection by monitoring “irregular pulse rhythms from a succession of time intervals.” He said he first contacted Apple in September 2017, giving the Cupertino, California-based company detailed information about the patent.

[…]

He wants the court to order Apple to pay him royalties and, barring that, to block the company from using his invention without permission.

More » Engadget, SlashGear

ToTok is a United Arab Emirates (UAE) spy tool [Updated]

If you have messaging app ToTok on your smartphone, you will probably want to delete it. It is actually a repressive government’s spying tool.

Apple and Google have removed the app from their app stores.

Mark Mazzetti, Nicole Perlroth, and Ronen Bergman, writing in the NY Times (paywall) »

But the service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers. It is used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.

ToTok, introduced only months ago, was downloaded millions of times from the Apple and Google app stores by users throughout the Middle East, Europe, Asia, Africa and North America. While the majority of its users are in the Emirates, ToTok surged to become one of the most downloaded social apps in the United States last week, according to app rankings and App Annie, a research firm.

More » Associated Press, Security Boulevard, The Mac Observer, The Register, Wired

There are similar concerns with other apps »

» U.S. Navy bans TikTok from government-issued mobile devices – Reuters

Updated Saturday December 28

» Not surprisingly, UAE denies developing the app as spy tool – SecurityWeek

iPhone XR remains the best-selling smartphone of 2019 worldwide

Not Apple’s latest flagship, the iPhone 11.

According to Counterpoint Research, Apple’s iPhone XR was again the best-selling smartphone in the third quarter of 2019. Last year’s model, the iPhone XR, has been the best-selling model every quarter so far this year.

The research also found that the iPhone 11 only took 5th spot in its own launch quarter.

Where Canada is concerned, could price be the bigger decider? iPhone 8 starts at C$600. iPhone XR starts at C$800. iPhone 11 starts at C$980.

Ben Lovejoy, 9to5Mac »

The company said that the iPhone 11 managed fifth place in its own launch quarter.

According to Counterpoint Research’s Market Pulse, the iPhone XR was the top-selling model globally in Q3 2019, capturing 3% market share. In fact, except for the launch quarter in September 2018, iPhone XR has been the top-selling model globally in every quarter since Q4 2018. The XR alone contributed to over one-quarter of the total Apple sales during the quarter, making it the best-selling model for Apple across all regions. Apple also adjusted the price of the iPhone XR in China and several other markets, which helped keep demand strong during the quarter. The iPhone 11 also made its debut in the top 10 within the launch quarter.

The top 10 best-selling smartphones in Q3 comprised two iPhones, three low-end Samsung models, and a mix of Chinese brands:

  • iPhone XR
  • Samsung Galaxy A10
  • Samsung Galaxy A50
  • Oppo A9
  • iPhone 11
  • Oppo A5s
  • Samsung Galaxy A20
  • Oppo A5
  • Xiaomi Redmi A7
  • Huawei P30

While Samsung appeared to have pushed buyers up through its range, the reality was that it simply dropped the prices of its former “mid-range” A-series models to become the new low-end phones.

More » PhoneArena

Apple’s Platform Security guide details how customer data is used and protected

Malcolm Owen, Apple Insider »

The Apple Platform Security guide is a 157-page document that gives an overview of how Apple treats security across its entire ecosystem.

[…]

“Every Apple device combines hardware, software, and services designed to work together for maximum security and a transparent user experience in service of the ultimate goal of keeping personal information safe,” Apple writes. “Apple devices protect not only the device and its data, but the entire ecosystem, including everything users do locally, on networks, and with key Internet services.”

Apple (.pdf) »

This documentation provides details about how security technology and features are implemented within Apple platforms. It also helps organizations combine Apple platform security technology and features with their own policies and procedures to meet their specific security needs.

[…]

Apple continues to push the boundaries of what is possible in security and privacy. For example, Find My uses existing cryptographic primitives to enable the groundbreaking capability of distributed finding of an offline Mac — without exposing to anyone, including Apple, the identity or location data of any of the users involved. To enhance Mac firmware security, Apple has leveraged an analog to page tables to block inappropriate access from peripherals, but at a point so early in the boot process that RAM hasn’t yet been loaded. And as attackers continue to increase the sophistication of their exploit techniques, Apple is dynamically controlling memory execution privileges for iPhone and iPad by leveraging custom CPU instructions — unavailable on any other mobile devices — to thwart compromise. Just as important as the innovation of new security capabilities, new features are built with privacy and security at the center of their design.

More » The Mac Observer, iDownloadBlog

iPhone 11 Pro shares location data even when the option has been turned off in iOS 13

Apple, a company that prides itself on customer privacy, seems to have been caught with its privacy pants down around its ankles. It’s collecting user location data when it’s preaching to its customers that it’s better than everyone else.

Security researcher Brian Krebs has discovered Apple’s current flagship, the iPhone 11 Pro, continues to share location data even after the functionality was turned off in iOS 13.

Krebs on Security »

One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company’s own privacy policy.

Apple’s response to Krebs »

“We do not see any actual security implications,” an Apple engineer wrote in a response to KrebsOnSecurity. “It is expected behavior that the Location Services icon appears in the status bar when Location Services is enabled. The icon appears for system services that do not have a switch in Settings” [emphasis added].

Read Brian Krebs’ whole post »

More » The Mac Observer, SiliconAngle, The Next Web, Fast Company, CNET, TechSpot, The Inquirer
