News  Apple
News  Apple
Siri PIN bypass discovered

Video shows simple to bypass PIN lock

A trivial way to get into a PIN-protected iPhone, running iOS9, without knowing the PIN at all has emerged which is available to anyone with physical access to the handset. Apples iOS9 had only been out for a week before a video appeared showing how it's done, making use of Siri and the onboard clock.

The way it works is to enter an incorrect passcode a few times, then tap Siri right at the same time as the final attempt, which gives access to other applications such as the clock. However, the clock gives the user the ability to share via SMS, which in turn means access to the users contacts, view photos etc.

News  Apple
Apple: Now malware is in the App Store

Hits hundreds of apps in Chinese App Store

Apples famous walled garden came tumbling down in China as news emerged of hundreds of apps it serves to trusting users being riddled with malware. This is particularly embarrassing for Apple, who take the opposite approach to Google when it comes to its App store by claiming every app allowed in is scrutinized by humans and various other procedures to ensure this never happens.

iPhones and iPads are equally affected in what Reuters are claiming is "Apples iOS App Stores first major attack".

Apple claim to have removed all apps known to be affected from the Chinese app store. They have not given advice to users regarding how they could determine if any of the apps they have installed are affected.

News  Apple
iOS AirDrop - video shows live iPhone hack

Installs signed apps without warning the user

Security researcher Mark Dowd has disclosed a vulnerability in Apples iOS and OS X which allows attackers to overwrite any file on a targeted device. With a little manipulation, it can even install a signed app which is fully trusted by the onboard system without even warning the user.

It turns out AirDrop is the culprit - the feature in Apples' operating systems which allow files to be sent directly to other devices. When set to allow connections from anyone, an attacker can hack the device even when it's locked. 

Dowd used his own Apple Enterprise Certificate to make a profile for a test app which enabled it to run on any device.

News  Apple
Crash iOS with a single text

Apple with egg on its face

A vulnerability in iOS has emerged which causes affected devices to crash when a malformed SMS is sent to it. The message, which has to be specially crafted containing Arabic symbols, causes the phone to switch itself off and the Messages app unable to start once it is turned back on.

Present since iOS6, the problem was found by Reddit users.

The fix, until Apple provide one, is to go into Settings | Notifications | Messages and set "alert style when unlocked" to "none".

Apple's Senior Engineers have admitted they know there is a problem and are working on a fix, according to the Twitter account Apple News.