Serious iPhone Flaw Can Let Others Access Your Device, Data And More

KEY POINTS

  • Apple’s iPhones are some of the best smartphones around
  • Despite this, researchers still discover some flaws
  • One particular flaw can allow remote access to the iPhone and its content

A security researcher discovered a major security flaw that allows people with the know-how, equipment and malicious intent to gain remote access to a nearby iPhone, view all of the data in the device and even steal it – all without the owner knowing.

Noted Google Project Zero research Ian Beer, a known security researcher who works with companies to fix serious flaws, recently published a lengthy blog entry explaining how it is possible for someone to gain access to an iPhone from a safe distance, such as from the other side of the street.

The blog entry, “Project Zero: An iOS zero-click radio proximity exploit odyssey,” is highly technical in nature and uses jargon that won’t be easy

Read More

New report spotlights ‘inadequate’ access to technology in English schools

Just 1% of primary state schools provide devices that their pupils can take home, compared to 38% of private primary schools according to new survey data from polling organisation Teacher Tapp, published today by Microsoft in association with think tank The Centre for Education and Youth.

As schools continue to flex and adjust to a second national lock down, this new data highlights the challenges faced in providing the connected learning that education increasingly depends upon. The findings, published in a new report, also highlight the benefits and opportunities that teachers believe access to technology can provide.

Microsoft commissioned the survey of more than 5,000 teachers across England, including more than 1,200 senior leaders, to better understand the value and benefits educators perceive from current education technologies and the barriers they foresee to future adoption, the so-called “digital divide” included. The results are eye opening:

  • In the state sector just
Read More

New tech will give cops access to residents’ private security video

Police in Mississippi’s homicide-wracked capital are one step closer to being able to access residents’ livestreaming home security video — in a move opposed by privacy advocates.

The police department in Jackson will soon become one of two dozen places across the country to sign on with Fusus, a company that makes its easier for cops to create a network of real-time video from public and private cameras, NBC News reported.

Residents in the city of 160,000 — which recorded a decade-high 84 murders in 2018 — can opt into the service with their doorbell cameras, like Ring.

The livestream feed would then be funneled directly to the city’s new real-time command center.

“What you see behind us is an opportunity, an opportunity to better observe and fill in the gaps,” said Jackson Mayor Chokwe Lumumba at the center’s ribbon-cutting last month, NBC News said.

Authorities in Jackson are scrambling

Read More

New Tech Gives Cops Ability to Access Live Footage From Home Security Cameras

Illustration for article titled New Technology Could Provide Police Access to Real-Time Footage From Home Security Cameras

Photo: pixinoo (Shutterstock)

I don’t know why anyone thought this was a good idea, but apparently Jackson, Miss. is experimenting with a pilot program that would give police the ability to access real-time video surveillance from your home security camera.

So did none of these people play Watch Dogs? Watch Psycho-Pass? Consume literally any media about the dangers of a surveillance state? No? Go figure.

According to NBC News, police in Jackson, Miss. have partnered with Fusus, a Georgia-based company whose focus is on creating cost-effective surveillance networks for law enforcement, to build a new surveillance network. The proposed network would give law enforcement the ability to access live, real-time footage of private and public security cameras.

Why are they doing this? Well, for the same reason anyone does anything in this country: money.

The pilot program is being explored by cities that are experiencing rising

Read More

Access and Identity Management Firm Okta Names New CFO

Okta Inc.,

which offers products for companies to verify identities and provide access to software applications, named a new finance chief.

The San Francisco-based technology company said Wednesday that Mike Kourey would become its new chief financial officer, effective March 8. Mr. Kourey has served on Okta’s board for the past five years, and most recently led the finances of Vlocity Inc., a cloud software firm that was acquired by

Salesforce.com Inc.

in June. He left that role on Tuesday after about a year.

Mr. Kourey is slated to succeed Okta’s current CFO Bill Losch, who plans to retire after more than seven years in the position, including during the company’s initial public offering in 2017. Mr. Losch will continue in his role until March to finalize the company’s annual report, and then stay on as an adviser through the end of April.

Read More

iOS Wi-Fi Exploit Could Have Let Hackers Remotely Access Nearby iPhones

Earlier this year, Apple patched an iOS vulnerability that potentially could have allowed hackers to remotely access nearby iPhones and gain control of their entire device.

awdl ios hack beer


Devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research team, the exploit used a vulnerability in Apple Wireless Direct Link (AWDL), Apple’s proprietary mesh networking protocol that enables things like AirDrop and Sidecar to work.

Beer revealed the stunning exploit on Tuesday in a 30,000-word blog post, which shows in detail how a memory corruption bug in AWDL could give attackers remote access to a user’s personal data, including emails, photos, messages, and passwords and crypto keys stored in the keychain.

The vulnerability was discovered by Beer in a 2018 iOS beta that Apple accidentally shipped without stripping function name symbols from the kernelcache, offering a wealth of missing context about how bits of code fit together.

After lengthy investigative work,

Read More

Singapore gives non-banks access to e-payment platforms

Eligible non-bank financial institutions in Singapore soon will have direct access to the country’s retail payment platforms, PayNow and FAST, which will enable e-wallet users to make funds transfers between bank accounts and across different e-wallets. Most e-wallets currently can be topped up only via credit or debit cards and funds cannot be transferred between e-wallets. 

To plug this gap, a new API (application programming interface) payment gateway has been developed under guidelines from the Singapore Clearing House Association (SCHA) and Association of Banks in Singapore (ABS), both of which govern FAST and PayNow, respectively. The API is designed to better fit the technology architecture of banks and non-bank financial institutions, according to industry regulator Monetary Authority of Singapore (MAS). 

FAST, or Fast and Secure Transfers, is an electronic funds transfer service that allows real-time funds transfers, in Singapore dollars, between entities, while PayNow — running on top the FAST

Read More

Workova is making it easier to access technology professionals from developing countries.

Workova allows businesses to scale up their technology teams on-demand and build technology products faster and more efficiently. It connects highly skilled talents with companies to enable them to get high paying jobs and earn a steady income.

There is a global shortage of technology talents. This shortage has made it challenging for startups, SMBs, and Corporates to find verified technology talents with the right skills to work on their projects.

We see businesses that are traditionally non-technology businesses, relying on technology more than ever for growth and the gap in hiring talents to build these technologies.  

Recruiters go through the pain of sorting thousands of applications from candidates when hiring. In non-technology enterprises, their recruiters are typically not savvy. Therefore technology recruitment is done through agencies or projects are outrightly outsourced. These options are time-consuming and often result in the wrong hiring and cost to the business. 

We have

Read More

Tesla Motors, Inc. (NASDAQ:TSLA), (VWAGY) – Tesla Owners Will Be Able To Remotely Access Autopilot Camera At Will With New Upgrade: Report

Tesla Inc (NASDAQ: TSLA) is planning a software upgrade to its in-vehicle sentry mode security system that would allow users access to a live stream from their vehicle’s autopilot cameras at any moment, Electrek reported Saturday.
What Happened: The update — said to be version 11 — is likely to arrive near the holidays, according to Electrek.

Twitter user Green, who reports on developments surrounding code, said that it appears as if “there’s going to be a livestreaming of car videos to the phone app.”

The code sleuth said that a single camera on the vehicle streams at up to 30 megabytes per minute, which according to the expert, would not take too much bandwidth for periodic checks of the camera’s feed.

In response to when the new feature might be released, Green said it seems to be in the “wings.”

Read More

Xbox Live Bug Let Hackers Access Gamertag Email Addresses

A bug in Xbox Live allowed hackers to find any email associated with a registered gamertag. The site used to report bad behavior in the Xbox online community was hiding a vulnerability that allowed hackers to snag user email addresses.

that last week an anonymous hacker reached out to them claiming to be able to find the email attached to any Xbox gamertag. Motherboard verified the hacker’s claims by sending them two gamertags, one of which was created specifically for this testing. Within seconds the hacker sent back the email addresses these tags were registered with. Normally, these email addresses are supposed to be private. Another anonymous hacker told Motherboard that the bug could be found in the . This page is where players can contact the Microsoft team that monitors Xbox’s online communities.

Despite the apparent threat to customer security, Microsoft’s original response to this security breach was not

Read More