Apple

I've been gradually coming to this conclusion of my own free will, but Phil Schiller's comments last week [https://www.cultofmac.com/518009/phil-schiller-says-face-ids-competitors-stink/] finally cemented it for me: Face ID stinks. I wrote about the security implementations of Face ID [https://www.troyhunt.com/face-id-touch-id-pins-no-id-and-pragmatic-security/] just after it was announced and that piece is still entirely relevant today. To date, we haven't seen practical attacks against it th...

I was wondering recently after poring through yet another data breach how many people actually use multi-step verification. I mean here we have a construct where even if the attacker has the victim's credentials, they're rendered useless once challenged for the authenticator code or SMS which is subsequently set. I went out looking for figures and found the following on Dropbox: > "less than 1% of the Dropbox user base is taking advantage of the company’s two-factor authentication feature": htt...

My son turned 7 earlier this month. I've been getting him into coding [https://www.troyhunt.com/kids-and-code-simple-programming-on/] and teaching him the fundamentals of using a PC which I reckon is a pretty essential life skill these days. Part of that is helping him to understand the principle of secrets, namely that he should protect the PIN he's using to sign in to his Windows 10 machine. He's good at it too, being sure to shield the little laptop from view whenever he uses it with others a...

Some days, the news is dominated by a single security story and not just in the tech news either, but today the consumer news is all about Apple’s message to their customers [http://www.apple.com/customer-letter/]. I’ve been getting a heap of media requests and seeing some really interesting things said about the story so let me distill all the noise into the genuinely interesting things that are worth knowing. There are way more angles to this than initially meet the eye, and it’s a truly signi...

If you’re an Aussie with an iPhone, there’s a chance you’ve been woken up in the middle of the night by this: Oh boy. What we’re looking at is an iPhone that has been remotely locked by “Oleg Pliss”. What we’re looking at is a modern incarnation of ransomware [http://en.wikipedia.org/wiki/Ransomware] executed via Apple’s iCloud and impacting devices using the “Find my iPhone” feature. Perplexingly, this is predominantly impacting Aussie iCloud users and to date, there’s no clear reason why, r...

This is a rant; an unapologetic, no holds barred rant on why something that I hold in such high esteem – my iOS devices – could have come from the evildoers who created this spawn of Satan: iTunes. I love my Apple TV, my iPad, my iPhone, my wife loves her iPhone, heck, even our two year old loves his hand-me-down iPhone. They all rock – big time. They’re the best damn devices I’ve ever owned, without exception. But the otherwise joyous experience of ownership is continually crippled by the sear...