Apple

A 6-post collection

Face ID Stinks

I've been gradually coming to this conclusion of my own free will, but Phil Schiller's comments last week [https://www.cultofmac.com/518009/phil-schiller-says-face-ids-competitors-stink/] finally cemented it for me: Face ID stinks. I wrote about the security implementations of Face ID [https://www.troyhunt.com/face-id-touch-id-pins-no-id-and-pragmatic-security/] just after it was announced and that piece is still entirely relevant today. To date, we haven't seen practical attacks against it th...

Face ID, Touch ID, No ID, PINs and Pragmatic Security

I was wondering recently after poring through yet another data breach how many people actually use multi-step verification. I mean here we have a construct where even if the attacker has the victim's credentials, they're rendered useless once challenged for the authenticator code or SMS which is subsequently sent. I went out looking for figures and found the following on Dropbox: > "less than 1% of the Dropbox user base is taking advantage of the company’s two-factor authentication feature": htt...

Apple's desensitisation of the human race to fundamental security practices

My son turned 7 earlier this month. I've been getting him into coding [https://www.troyhunt.com/kids-and-code-simple-programming-on/] and teaching him the fundamentals of using a PC which I reckon is a pretty essential life skill these days. Part of that is helping him to understand the principle of secrets, namely that he should protect the PIN he's using to sign in to his Windows 10 machine. He's good at it too, being sure to shield the little laptop from view whenever he uses it with others a...

Everything you need to know about the Apple versus FBI case

Some days, the news is dominated by a single security story and not just in the tech news either, but today the consumer news is all about Apple’s message to their customers [http://www.apple.com/customer-letter/]. I’ve been getting a heap of media requests and seeing some really interesting things said about the story so let me distill all the noise into the genuinely interesting things that are worth knowing. There are way more angles to this than initially meet the eye, and it’s a truly signi...

The mechanics of the iCloud “hack” and how iOS devices are being held to ransom

If you’re an Aussie with an iPhone, there’s a chance you’ve been woken up in the middle of the night by this: Oh boy. What we’re looking at is an iPhone that has been remotely locked by “Oleg Pliss”. What we’re looking at is a modern incarnation of ransomware [http://en.wikipedia.org/wiki/Ransomware] executed via Apple’s iCloud and impacting devices using the “Find my iPhone” feature. Perplexingly, this is predominantly impacting Aussie iCloud users and to date, there’s no clear reason why, r...

10 graphic examples of the abomination that is iTunes on Windows

This is a rant; an unapologetic, no holds barred rant on why something that I hold in such high esteem – my iOS devices – could have come from the evildoers who created this spawn of Satan: iTunes. I love my Apple TV, my iPad, my iPhone, my wife loves her iPhone, heck, even our two year old loves his hand-me-down iPhone. They all rock – big time. They’re the best damn devices I’ve ever owned, without exception. But the otherwise joyous experience of ownership is continually crippled by the sear...