Tag: security

Categories
Mac Heads News

Your iPhone Data Is Safe With Apple…For Now

On Apple’s website yesterday, CEO Tim Cook posted a letter reassuring its customers that the encrypted iPhone data will not be compromised…even at the request of the government.

“February 16, 2016

A Message to Our Customers

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake…”

Backstory

 
What Tim Cook is responding to is in the Aftermath of the San Bernradino California shooting back in December, the FBI requested Apple’s help in recovering password-protected iPhone data that belonged to the shooters.

The FBI went as far as obtaining a court order from U.S. Magistrate Judge Sheri Pym of California to force Apple to “supply highly specialized software the FBI can load onto the county-owned work iPhone to bypass a self-destruct feature, which erases the phone’s data after too many unsuccessful attempts to unlock it. The FBI wants to be able to try different combinations in rapid sequence until it finds the right one.”

Reading deeper into the letter on Apple’s website, Tim Cook expands on the need for encryption and why weakening said encryption for whatever reason is a slippery slope:

“…The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them…”

This is not a new argument as Silicon Valley and the U.S. government have frequently been on the opposite ends of the privacy versus safety debate. Tech companies have been very vocal about the dangers of allowing the government to access private data trusted to tech companies (via their devices) by its customers. Conversely, the government has argued that there are certain instances like terror attacks where accessing specific data from specific individuals could help the government learn more about past attacks and even prevent future threats.

For now, Apple has decided to take a stand and resist any requests by the government, court ordered or not, to keep our iPhone data password-protected, encrypted data, well…password-protected and encrypted. We will have to see how far this debate goes.

Where Do You Stand?

 
Since it’s OUR data that tech companies want to protect and it’s OUR data that the government wants to access in order to protect us, do you think it was right for Apple to “Just Say No” to the FBI in the name of keeping our data secure from even the government? Or do you feel that the government should have some type of access to specific, court-ordered consumer data in the name of possibly preventing future attacks that could jeopardize our safety?

What say you?

Source: Apple | MSN News

Categories
Mac Heads News

Error 53 Will Brick Your iPhone If Just Anybody Repairs It

“What’s your best price?” Is a question I get all the time as an Apple repair guy…ALL THE TIME. I understand, folks work hard for their money and want to make sure they are getting the best deal. So I always have to pitch my value as a certified repair guy and it goes something like “I understand that there could be cheaper prices out there, but I’m certified and I only use OEM parts and they are backed by a lifetime warranty…(“womp womp womp womp” is what I assume they hear after I give them the price).
 
Not trying to scare the hell out of you, Well…maybe I am, but if you’ve busted up your phone and it needs repair, be careful who you let fix it. There is a new iOS 9 update that affects all iDevices with Touch ID “fingerprint” home buttons that your el cheapo average repair guy on craigslist or Yelp with a super low repair price may not know, or care about and could result in rendering your entire phone useless.
 

Backstory

There is an “Error 53” message making its way around the web that’s reported to brick iPhones. Based on all “the world’s ending” tech articles published on the subject, Error 53 has been traced to devices where the ORIGINAL Touch ID home button has been replaced. Not a common procedure, but if your home button has been damaged beyond repair OR if you customize your device with pretty colors, there are situations where the original home button could have been replaced.
 
If the original Touch ID home button is replaced, that could also threaten the integrity of Apple’s security features. So what I’m assuming was a stop gap measure by Apple, it has released and confirmed a recent iOS 9 update that will cause major issues if your Touch ID-enabled device detects a foreign home button:

“We take customer security very seriously and Error 53 is the result of security checks designed to protect our customers. iOS checks that the Touch ID sensor in your iPhone or iPad correctly matches your device’s other components. If iOS finds a mismatch, the check fails and Touch ID, including for Apple Pay use, is disabled. This security measure is necessary to protect your device and prevent a fraudulent Touch ID sensor from being used. If a customer encounters Error 53, we encourage them to contact Apple Support.”

How can you avoid Error 53

The simple answer is “Don’t replace your home button”. Now here’s where repair guys like me come in. MOST if not all of my repairs are cracked screens. I’ve been in the game for quite sometime and already knew that putting in a foreign home button on a Touch ID-enabled device would render it useless. So when I get a Touch ID-enabled home button repair request I tell my clients “You will have to holla at Apple to get that fixed (paraphrasing)”.
 
Additionally, I test all devices before and after the repair and I’ve been CRAZY CAREFUL to not damage the home button during screen repair. MOST if not all iPhone repairs are of the cracked screen variety. Inside Baseball: During a cracked screen repair, the home button must be transplanted from one screen to another. So even if the home button is working fine there’s still a chance it can get damaged during an otherwise routine screen repair.
 
Not tooting my own horn (Can grown men use the word “toot?”), but my skill, experience and professionalism is why I command a higher price. But there are some folks who don’t care and opt to go with the “lowest bidder”, which boggles my mind – Why pay so much for an Apple device to only go the cheap route when something goes wrong? But I digress.
 
As the old saying goes “You get what you pay for”. There are some repair shops who will buy the cheapest parts, and do shoddy work, INCLUDING damage your Touch ID-enabled home button during repair and try to replace it on the sly. Before now it wasn’t a huge deal. Now Apple is forcing repair shops to step up their game in order to maintain its security features and protect your data.
 
So when (it’s not a matter of if) you crack the screen on your iPhone, you might want to rethink your repair budget and do a little more research before you let just anybody repair it. A cheap or half-ass repair could result in your entire phone getting bricked.
 
….You know my number

Categories
Mac Heads Tips and Tricks

Why You Want Thieves To Login To Your Mac

There are some things we all immediately do after we power up that brand-spankin’ new Mac. Some download and organize new apps, while others customize their desktop/lockscreen images.

Me, myself, personally…I tweak all the settings to get them just right. One of the first settings I mess with is turning off the ‘Guest User’ account – Nobody else is using my baby, so there isn’t any reason to even tempt me to allow a stranger’s germy hands to touch my keyboard.

But after some some studying for my latest Apple certification, I dug up a pretty interesting fact that forced me to immediately turn back on the Guest User account so strangers (particularly a thief) could actually login to my computer and connect to the internet.

If you’re not familiar with ‘Find My Mac’, it’s an iCloud security feature that lets you locate your iOS or Mac devices anywhere. You can login to you iCloud account online and as long as your Mac 1) Is powered on 2) Has the ‘Find My Mac’ feature enabled, and 3) Is connected to the internet, you can locate, track, lock, and even wipe your devices remotely.

Now traditional security procedures for locking down a Mac so nobody can do anything with it would be to use to use a strong password and force it to lock itself after a couple of minutes. The thought process behind that is if your Mac decided to grow legs and walk away, nobody could access your data, or browse the web to do whatever it is folks do on the internet…which is any and everything.

Here’s the hook: If a thief can’t get past the login screen, they are less likely to connect your Mac to a network to establish an internet connection, which would subsequently connect it to Apple’s iCloud servers, which would then let you use the ‘Find My Mac’ feature to locate and possibly retrieve your device (Please call the cops…Don’t try that vigilante crap).

On the flip-side, if the Guest User account on your Mac is enabled (there is no guest user password required to login to your computer), that just might tempt a thief to access the web which will initiate a connection between your Mac and your iCloud account.

I know what you’re thinking and don’t worry, a Guest User account can only do very basic things, and you can restrict a Guest User account even more by turning on and adjusting the Parental Controls, and/or encrypting your computer’s Hard Drive with the built-in (Read: $free.99) FileVault feature.

I know it sounds crazy, but if you want to even try to get your Mac back after it’s been stolen, you actually want the thief to be able to take selfies of themselves or yell at people on Facebook, Twitter, or Reddit using your baby.

…Just wipe off the keys with alcohol and a rag if you do get him/her back.

Categories
Mac Heads

LastPass Password Manager Released for Mac

LastPass has stepped up its game and launched a native app that lets users quickly access and manage their passwords and other security information on their Mac.

Continue reading “LastPass Password Manager Released for Mac”
Categories
Mac Heads Tips and Tricks

Buying An iPhone? Check The IMEI/Serial Number To Make Sure It’s Not Stolen

If you’re looking for a good deal on an late-model iPhone, you’re in luck. Since the arrival of the iPhone 6 and iPhone 6 Plus, folks (like me) are putting up their slightly-used, mint-condition iPhone 4/4S/5/5C/5S up for sale on sites like eBay and Craigslist, or flooding their social media networks. The phones are in ample supply, and you may come across a seemingly “too good to be true” deal.

Before you make, phone calls, putting in bids, or starting message threads, you might want to make sure you won’t have the cops (or some vigilante owner) hunting you down after you’ve purchased a hot iPhone. Apple has released a quick little tool to help make sure you’re not buying an stolen iPhone.

Continue reading “Buying An iPhone? Check The IMEI/Serial Number To Make Sure It’s Not Stolen”
Categories
Mac Heads

Hacker Alert: Your iPhone Could Be Held Hostage

image via picjumbo

Word on the street is that hackers have somehow breached Apple’s iCloud (iOS cloud storage/sync/backup) service in order to “unlock” stolen iPhones to be sold at a huge profit. To make it even more gangster, sources claim that the group has even taken control of users iOS devices via the “Find My iPhone/iPad/Mac” features and remotely locked devices and demanded ransom payments via PayPal  in exchange to have user’s phones unlocked.

The hackers have taken to Social Media  to “show and prove” what they’ve been able to accomplish. A Twitter account linked to the alleged team of Dutch hackers called “Doulci” have posted and image claiming to have processed over 5,700 iOS Devices.

Of course, tight-lipped Apple has refused to comment on the breach, only to deny claims that iClould was hacked BUT say that they “take security very seriously, and suggest users change their Apple ID as soon as possible”, but sources say the hackers hacked iCloud way back in March and have finally decided to go public after Apple refused to admit it was hacked.

Steps You Should Take

A month ago, Heatbleed was on everybody’s lips. Last week, eBay fell to hackers. Now Apple ‘nem have been the latest hacker victim…Say it ain’t so?

It’s a pain in the ass, but to be safe, you probably should change your Apple ID passwords. I’ve stressed this on more than one occasion, but you should either create a complex password/pass phrase and use a Password Manager to ensure you’re keeping track of all the passwords you use online…Don’t say a Brotha didn’t warn you if/when you get got.

I have a gang of iDevices laying around connected to iCloud specifically for finding them just in case they are lost/stolen, so changing passwords and logging back in to all of them is NOT on my “you know what I look forward to doing today?” list.

But, I’ll be damned if some random hackers think they are gonna extort money from me, just so I can use my devices…So guess what’s on my to-do list for today?

Apple, the Apple logo and iPhone are trademarks of Apple Inc., registered in the U.S. and other countries.”

No affiliate links were harmed in the making of this post