Security

I think it’s a safe assumption that Rudy Giuliani, named as Trump’s cybersecurity advisor, probably doesn’t know anything about cybersecurity. My evidence? He forgot the passcode to his own iPhone.

Giuliani showed up at the San Francisco store after being locked out of his iPhone, just 26 days after Trump named him cybersecurity adviser, NBC News reported Thursday, citing interviews with two sources and an internal Apple Store memo.

The former New York mayor had entered his passcode incorrectly 10 times and went to the store for help — a troubling move that suggests a sloppy approach to cybersecurity for someone so close to the president, experts said.

Apple filed a lawsuit against a company called Corellium. This company runs virtualization software that lets it emulate iOS. It responded to Apple’s lawsuit on Monday and said it makes iPhones safer. Oh, and it claims Apple owes it US$300,000.

Corellium’s key argument lies on the assumption that Corellium’s customers are looking for bugs with the intention of alerting Apple of their existence…For now, however, that is only an assumption…When Motherboard asked today whether they ever reported a bug in iOS found using Corellium, Mark Dowd, the founder of Azimuth, said: “no.”

That “no” is a pretty damning answer. If you claim that your software helps fix iOS bugs, you should probably also report those iOS bugs to Apple. At least if you also claim to make iPhones safer, because selling those bugs on the black market doesn’t do that.

Several Trend Micro apps were removed from the Mac App Store after they were found collecting user browser history.

Dr Cleaner, Dr Antivirus, and App Uninstall – utilities owned by the Japan-headquartered security house and distributed on the Mac App Store – are no longer available for download…Mac security guru Patrick Wardle noted last week that in addition to the advertised functions of removing adware and malware from Macs, the software also collected people’s personal data including their browsing history, then transmitted that data as a password-protected archive to a server on the internet.

As of this writing Dr. Antivirus is still in the MAS.

Documents reveal that New York City law enforcement has a partnership with Cellebrite to hack iPhones.

Previously, if law enforcement wanted to get into newer devices, they had to send the phones to one of Cellebrite’s digital forensics labs, located in New Jersey and Virginia. But Cellebrite’s new UFED Premium program gave law enforcement the ability to “unlock and extract data from all iOS and high-end Android devices” on their own, using software installed on computers in their offices.

I’ve always wondered if eventually Apple will remove the Lightning port from the iPhone once wireless charging becomes the norm. Side effects may include better waterproofing and worsened hacking.