Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Researchers Demonstrate Vulnerability Allowing Theft of iPhone Passwords
IDG News Service reports that German researchers have demonstrated how a knowledgeable thief could bypass the iPhone's passcode locking to upload a script capable of revealing entries from the device's password keychain system, potentially giving the hacker access to sensitive passwords stored on the device.
In a video that demonstrates the attack, the researchers first jailbreak the phone using existing software tools. They then install an SSH server on the iPhone that allows software to be run on the phone.
The third step is to copy a keychain access script to the phone. The script uses system functions already in the phone to access the keychain entries and, as a final step, outputs the account details it discovers to the attacker.
The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.
The researchers note that gaining access to an email password makes it easy for hackers to then reset passwords for other types of accounts, while compromised passwords for corporate networks can obviously result in security issues for businesses.
The exploit obviously requires a fair amount of technical knowledge, and thus shouldn't be an issue for the vast majority of users whose devices become lost or stolen. But the exploit could be used in targeted attacks by those specifically seeking to gain access to sensitive systems.
[ 152 comments ]
Non-profit organization Girls Who Code today announced plans to begin offering a new Swift coding tutorial option for its upcoming 6th to 12th grade clubs as part of Apple’s ongoing Everyone Can Code...
Netflix today introduced a new "Latest" section to its service, which is designed to highlight newly released titles and movies and TV shows that are coming soon.
According to Variety,...
Struggling movie ticket subscription service MoviePass stored thousands of customer card numbers and personal credit cards in a database that was not protected with a password, reports TechCrunch.
...
While it has yet to be announced, we're likely just three weeks away from Apple's annual September event at Steve Jobs Theater, where the company is expected to unveil new iPhone and Apple...
Apple recently purchased additional real estate in its hometown of Cupertino, reports The Mercury News, expanding its presence in the Bay Area of California.
Apple purchased two office buildings...
Microsoft today announced the launch of a beta version of its upcoming Microsoft Edge browser, which is available today for Windows and macOS users.
Previously, the Microsoft Edge browser was...
In an email to developers today, received by MacRumors, Apple has announced that apps marked as having "Frequent/Intense Simulated Gambling" will be rated 17+ in all countries and regions...
Apple Music today launched an all-new playlist of emerging songs that are receiving the most shazams around the world, called the "Shazam Discovery Top 50." The playlist will be updated every...
