Night mode is an automatic setting which takes advantage of the new wide-angle camera that's in the iPhone 11 and 11 Pro models. It's equipped with a larger sensor that is able to let in more light, allowing for brighter photos when the light is low.
macOS Catalina Now Available
Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack
An Israeli security firm claims it has developed a smartphone surveillance tool that can harvest not only a user's local data but also all their device's communications with cloud-based services provided by the likes of Apple, Google, Amazon, and Microsoft.
According to a report from the Financial Times [paywalled], the latest Pegasus spyware sold by NSO Group is being marketed to potential clients as a way to target data uploaded to the cloud. The tool is said to work on many of the latest iPhones and Android smartphones, and can continue to harvest data even after the tool is removed from the original mobile device.
When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn't specifically deny that it had developed the capability described in the documents.
In response to the report, Apple told FT that its operating system was "the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers." The company added that it regularly updates its operating system and security settings.
The news raises concerns that such spyware could be used by repressive regimes and other shady attackers to monitor members of the public. In May, for example, WhatsApp disclosed a vulnerability that allowed hackers to remotely exploit a bug in the app's audio call system to access sensitive information on an iPhone or Android device.
Security researchers said that the spyware that took advantage of the WhatsApp flaw featured characteristics of the Pegasus spyware from NSO Group, which maintains that its software, costing millions of dollars, is only sold to responsible governments to help prevent terrorist attacks and criminal investigations.
However, the WhatsApp flaw was used to target a London lawyer who has been involved in lawsuits against the NSO Group, and security researchers believe others could have been targeted as well.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
According to a report from the Financial Times [paywalled], the latest Pegasus spyware sold by NSO Group is being marketed to potential clients as a way to target data uploaded to the cloud. The tool is said to work on many of the latest iPhones and Android smartphones, and can continue to harvest data even after the tool is removed from the original mobile device.
The new technique is said to copy the authentication keys of services such as Google Drive, Facebook Messenger and iCloud, among others, from an infected phone, allowing a separate server to then impersonate the phone, including its location.Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target's location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration.
This grants open-ended access to the cloud data of those apps without "prompting 2-step verification or warning email on target device", according to one sales document.
When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn't specifically deny that it had developed the capability described in the documents.
In response to the report, Apple told FT that its operating system was "the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers." The company added that it regularly updates its operating system and security settings.
The news raises concerns that such spyware could be used by repressive regimes and other shady attackers to monitor members of the public. In May, for example, WhatsApp disclosed a vulnerability that allowed hackers to remotely exploit a bug in the app's audio call system to access sensitive information on an iPhone or Android device.
Security researchers said that the spyware that took advantage of the WhatsApp flaw featured characteristics of the Pegasus spyware from NSO Group, which maintains that its software, costing millions of dollars, is only sold to responsible governments to help prevent terrorist attacks and criminal investigations.
However, the WhatsApp flaw was used to target a London lawyer who has been involved in lawsuits against the NSO Group, and security researchers believe others could have been targeted as well.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Tags: security, Apple security
[ 127 comments ]
Top Rated Comments
(View all)
13 weeks ago
As they are a company in a fairly western democracy, that will be regularly audited by both government and private regulators and accounting firms, the liklihood of what you're claiming is probably low.
Oh, please.
13 weeks ago
their claims about selling it to only legitimate authorities are as filmsy as it gets.
i wonder who audits their claims
i wonder who audits their claims
13 weeks ago
Not surprised, encryption of iCloud communication and storage has been a frequently mentioned topic. If Apple gets on full encryption, we would all be better off.
Also, can we talk about how Apple isn’t offering iCloud Mac backups yet? Think of how much $ they are leaving on the table. Actually, I’m shocked they aren’t ready for this yet, they would be raking in the cash from people upgrading their storage to do backups.
Also, can we talk about how Apple isn’t offering iCloud Mac backups yet? Think of how much $ they are leaving on the table. Actually, I’m shocked they aren’t ready for this yet, they would be raking in the cash from people upgrading their storage to do backups.
13 weeks ago
"Responsible governments."
Snowden revelations say they are all uniformly irresponsible when it comes to disrespect of privacy. So it’s all one big kabuki theatre then...
13 weeks ago
If you use 'Documents in the cloud' then your Mac is effectively backed up already.
I'd have to disagree with that statement - while a synced copy of your documents on iCloud is better than nothing, it is definitely not a backup.
Firstly, Anything that isn't in the synced folders doesn't get copied over to iCloud
Secondly, I believe versions only exist for iWork documents so if you mess up any other kind of document or it gets encrypted by ransomware for example, that messed up copy will immediately sync to iCloud and any other device connected to it and if there are no versions stored then you have lost it
In my view, backups should be immutable and no sync service can replace a backup
13 weeks ago
The cat-and-mouse game continues. There will be a market for this as long as governments don’t trust their citizens and citizens don’t trust their government.
13 weeks ago
Not surprised, encryption of iCloud communication and storage has been a frequently mentioned topic. If Apple gets on full encryption, we would all be better off.
Also, can we talk about how Apple isn’t offering iCloud Mac backups yet? Think of how much $ they are leaving on the table. Actually, I’m shocked they aren’t ready for this yet, they would be raking in the cash from people upgrading their storage to do backups.
13 weeks ago
It's always Israel, Russia, North Korea, or China. Why do we let them have access to our communications infrastructure?
Lol. You think the USA and Uk equivalents just sit and twiddle thumbs all day?they’re also doing it
13 weeks ago
their claims about selling it to only legitimate authorities are as filmsy as it gets.
i wonder who audits their claims
[ Read All Comments ]
Apple today sent out emails for a new Apple Pay promotion, offering a $5 discount on groceries when you spend $35 or more through Instacart. To get the discount, you'll need to use Apple...
Luna Display today introduced a new Mac-to-Mac mode that allows any Mac released within the last decade to be used as a second display for another Mac. This includes any combination of Macs, ranging...
Apple has released a third trailer for the upcoming comedy series "Dickinson" ahead of its November 1 premiere on Apple TV+.
Dickinson is a half-hour comedy series starring...
Adobe remains committed to releasing Photoshop CC for the iPad by the end of 2019, and plans to provide an update on the app at its Adobe MAX creative conference in early November, according to...
Smart camera brand Arlo has launched a new internet connected Video Doorbell that's "designed to capture what traditional video doorbells can't."
Arlo says the Video Doorbell...
While not yet reflected on Apple's system status page, a number of Apple services are currently experiencing downtime or slow performance, including the App Store, Apple Music, iCloud, and the...
Apple today seeded the fourth beta of an upcoming watchOS 6.1 beta to developers, just under a week after seeding the third watchOS 6.1 beta and a month after releasing the watchOS 6 update with full...
Apple today seeded the third beta of an upcoming tvOS 13.2 update to developers for testing purposes, just under a week after seeding the second tvOS 13.2 beta and three weeks after releasing the...
