The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

TAG | apple

Feb/14

23

Apple SSL vulnerability

Everybody has been talking about the Apple SSL vulnerability, but just in case you have missed it…. It turns out that for several years Safari has failed to properly check the cryptographic signatures on Server Key Exchanges allowing attackers to mount man in the middle attacks against your browser sessions. Anyone with the ability to […]

· ·

The Chaos Computer Club (CCC) in Germany recently announced its successful bypassing of the new iPhone 5S fingerprint scanner. Despite many media claims that the new scanner worked on deep layers in the skin, and was not vulnerable to simple fingerprint duplication, that is exactly what succeeded.  The CCC used a high resolution photo of […]

· · ·

Welcome to the June edition of the Privacy Blog Podcast, brought to you by Anonymizer. In June’s episode, I’ll discuss the true nature of the recently leaked surveillance programs that has dominated the news this month. We’ll go through a quick tutorial about decoding government “speak” regarding these programs and how you can protect yourself […]

· · · · ·

Cnet reports that an internal DEA document reveals that the DEA are unable to intercept text messages sent over Apple’s iMessage protocol. The protocol provides end to end encryption for messages between iOS and Mac OS X devices. This is not to suggest that the encryption in iMessages is particularly good, but to contrast with […]

· · · ·

NBC News is reporting that the iOS UDIDs leaked last week were actually stolen from Blue Toad publishing company. Comparing the leaked data with Blue Toad’s data showed 98% correlation which makes them almost certainly the source. They checked the leaked data against their own after receiving a tip from an outside researcher who had […]

· ·

Forbs is reporting that Anonymous and Antisec have dropped a file with a million Unique Device ID (UDID) numbers for Apple iOS devices. They claim to have acquired an additional 11 million records which they may release later. In addition to the identifiers, the file is said to also contain usernames, device names, cell numbers, […]

· · · · ·

<< Latest posts