Posts Tagged “Security”

• We Need to Save the Internet From the Internet of Things October 11, 2016
• Touch ID Is Only More Convenient October 7, 2016
• Applets and App Transport Security October 6, 2016
• Yahoo Says Hackers Stole Data on 500 Million Users in 2014 September 28, 2016
• OmniFocus 2.7 September 26, 2016
• Dropbox Modifies TCC.db to Give Itself Accessibility Access (5)September 21, 2016
• Tricking Facial Recognition With 3D Rendering August 29, 2016
• Keystroke Recognition Using Wi-Fi Signals (2)August 26, 2016
• YouTube’s Road to HTTPS August 19, 2016
• iTunes Connect Reporter August 16, 2016
• Apple Security August 15, 2016
• Microsoft Leaks Its Golden Key August 15, 2016
• Don’t Trust Sourceforge Downloads (3)July 29, 2016
• EFF DMCA Lawsuit July 27, 2016
• Remote Code Execution With Image Files July 24, 2016
• The Pokémon Go Phenomenon (1)July 11, 2016
• Switching to Apple’s Two-Factor Authentication (1)July 8, 2016
• Slower by Design (2)July 8, 2016
• Android’s Full-disk Encryption Just Got Much Weaker July 3, 2016
• A Year of Windows Kernel Font Fuzzing June 29, 2016
• Gatekeeper Path Randomization June 16, 2016
• Twitter Account Hacked via SIM Reset June 12, 2016
• A2: Analog Malicious Hardware June 3, 2016
• Seven Hundred Million (1)May 31, 2016
• New Touch ID Rules May 19, 2016
• Short URLs Considered Harmful for Cloud Services (2)April 25, 2016
• How iMessage Distributes Security to Block “Phantom Devices” April 22, 2016
• Two-Factor Authentication List April 19, 2016
• “Use iCloud Password” Mac Login Option Removed April 19, 2016
• Git Remote Code Execution Bug (6)April 19, 2016
• Apple Stops Patching QuickTime for Windows Despite 2 Active Vulnerabilities April 15, 2016
• Burr-Feinstein (5)April 11, 2016
• iMessage Attachments Security Flaw March 21, 2016
• Safari Root Exploit March 18, 2016
• iCloud Account Ransom (1)March 17, 2016
• Why Are We Fighting the Crypto Wars Again? (1)March 14, 2016
• KeRanger Transmission Ransomware (4)March 7, 2016
• Federighi and Cryptographers on FBI vs. Apple (6)March 7, 2016
• Where Did All the HTTP Referrers Go? March 3, 2016
• 1Password’s Cleartext IPC March 2, 2016
• Authenticating Support Requests March 2, 2016
• Most Android Phones Are Not Encrypted February 29, 2016
• Apple Blacklists Its Own Ethernet Driver (9)February 28, 2016
• Apple Working on Removing iOS Backdoor (3)February 25, 2016
• Use iTunes, Not iCloud, to Back Up Your iPhone (2)February 25, 2016
• How ZergHelper Evaded App Review (1)February 22, 2016
• What Is the Secure Enclave? February 20, 2016
• FBI Asks Apple for Secure Golden Key (14)February 17, 2016
• Google Deprecated “Security Questions” February 9, 2016
• Error 53 (6)February 7, 2016
• Switching to HTTPS (2)February 3, 2016
• Sparkle Updater Vulnerability (10)February 2, 2016
• Amazon’s Customer Service Backdoor January 25, 2016
• Updated Gatekeeper Exploit January 16, 2016
• Backblaze Mails Unencrypted Hard Drives (2)January 13, 2016
• Intel CPU Bugs of 2015 January 12, 2016
• Unencrypted iTunes Backups Don’t Include Health Data (3)January 12, 2016
• PayPal’s Poor Security January 10, 2016
• Government Encryption Registration and SNAP-R January 5, 2016
• Adobe Animate CC December 2, 2015
• The Depressing Effect of Bug Bounties November 14, 2015
• The Java Deserialization Bug and NSSecureCoding (2)November 8, 2015
• When Businesses Grow to Become Dysfunctional (1)October 21, 2015
• Why the Floppy Disk Is Still Used Today (1)October 11, 2015
• Gatekeeper Exploit (1)October 9, 2015
• XcodeGhost (2)September 22, 2015
• Backdooring JavaScript Using Minifier Bugs September 14, 2015
• Pushing on the Pull Door September 8, 2015
• Why You Should Upgrade (On Your Own Terms) September 8, 2015
• Adware Simulates Mouse Events to Access Keychain (5)September 2, 2015
• AWS Privilege Separation August 28, 2015
• Shipping an App With App Transport Security (2)August 28, 2015
• Common Android Lock Patterns August 26, 2015
• tpwn Privilege Escalation Vulnerability (1)August 26, 2015
• Thunderstrike 2 August 17, 2015
• How Many Old Apple Devices Can’t Get Security Updates? August 16, 2015
• Windows 10’s Wi-Fi Sense August 2, 2015
• App Store Invoice JavaScript Injection (1)July 29, 2015
• Security and Privacy Changes in iOS 9 (4)July 24, 2015
• Don’t Use GUIDs As Passwords (2)July 24, 2015
• DYLD_PRINT_TO_FILE Local Privilege Escalation Vulnerability July 24, 2015
• App Transport Security (5)July 17, 2015
• Font Parsing Vulnerabilities July 15, 2015
• Third Hacking Team Flash Zero-Day Found July 14, 2015
• System Integrity Protection (a.k.a. Rootless) (8)July 12, 2015
• VoodooPad Cryptography Overview July 7, 2015
• XARA: Unauthorized Cross-App Resource Access (2)June 17, 2015
• iCloud Passwords in Mail, Device Passwords, and Safari Passwords (2)June 11, 2015
• Mac Firmware Security Is Completely Broken (6)June 2, 2015
• Applications Constantly Asking Permission to Accept Incoming Connections (6)May 28, 2015
• The Logjam Attack May 23, 2015
• iOS 9 and Mac OS X 10.11 Rumors (2)May 23, 2015
• LaunchBar Action Editor and AppleScript List Syntax (10)May 22, 2015
• Safari URL-spoofing Bug (1)May 21, 2015
• Hacking Airplanes (2)May 18, 2015
• The Rush to “Deprecate” HTTP (1)May 17, 2015
• Debugging launchd May 17, 2015
• Register Your Own IRS Account May 15, 2015
• Mac Firmware Passwords May 13, 2015
• Google Hangouts Don’t Use End-to-End Encryption (3)May 13, 2015
• Customer Service and Security May 7, 2015
• HTTPS Bug in AFNetworking Affects 25,000 iOS Apps April 27, 2015
• iOS 8.3 Blocks File Managers and Transfer Utilities (1)April 24, 2015
• Yosemite-Only Security Fixes (4)April 9, 2015
• Exploiting the DRAM Rowhammer Bug to Gain Kernel Privileges April 1, 2015
• Apple Pay Exposes Insecure Bank Policies March 30, 2015
• IP Box Unlocks iPhone By Brute Force March 20, 2015
• FREAK March 10, 2015
• The CIA’s Xcode (6)March 10, 2015
• Google 2-Step Verification in Mac OS X 10.10.3 February 8, 2015
• Sunlit and Safari (1)February 3, 2015
• 1Password 5.2 for iOS and 5.1 for Mac (2)February 1, 2015
• Mac OS X 10.10.2 (3)January 31, 2015
• FileVault 2 Deferred Enablement in Yosemite January 31, 2015
• Yosemite’s FileVault 2 Pre-boot Recovery Options January 18, 2015
• Apple EFI Firmware Security Vulnerabilities (1)December 23, 2014
• Schwab Password Policies and Two Factor Authentication (1)December 22, 2014
• Git Case-Insensitive File Systems Vulnerability December 18, 2014
• The Dawn of Trustworthy Computing (1)December 15, 2014
• Insecure Keyboard Entry (1)December 10, 2014
• GaragePay’s Encryption Removed (2)December 2, 2014
• Zero Knowledge Proofs: an Illustrated Primer November 29, 2014
• POODLE October 15, 2014
• Shellshock Security Bug in Bash October 11, 2014
• Secure Golden Key (1)October 10, 2014
• In-App Browsers Considered Harmful (3)September 24, 2014
• iCloud Security and Privacy Overview September 24, 2014
• iOS 8 Encrypts More Data With Passcode September 19, 2014
• Thoughts on Privacy September 18, 2014
• iCloud Adds Support for App-Specific Passwords September 17, 2014
• Apple Addresses iOS Surveillance and Forensics Vulnerabilities September 13, 2014
• The Poisoned NUL Byte, 2014 Edition September 2, 2014
• Photo Security Tips (2)September 2, 2014
• Apple Patches “Find My iPhone” Exploit (1)September 1, 2014
• Choosing Secure Passwords August 24, 2014
• What’s the Matter With PGP? August 17, 2014
• Abusing Twitter API July 31, 2014
• iOS Backdoors, Attack Points, and Surveillance Mechanisms (2)July 19, 2014
• iCloud Drops Support for Third-Party AIM Clients July 6, 2014
• SSL/TLS MITM Vulnerability June 5, 2014
• eBay Security Breach May 21, 2014
• Dropbox Vulnerability Affecting Shared Links May 7, 2014
• 1Password Watchtower April 30, 2014
• Internet Explorer Security Flaw (5)April 29, 2014
• Buggy Security Guidance from Apple April 20, 2014
• Revocation Checking and Chrome’s CRL April 14, 2014
• The OpenSSL Heartbleed Bug (1)April 10, 2014
• When Two-Factor Authentication Is Not Enough April 10, 2014
• Microsoft Word RTF Security Flaw (1)March 26, 2014
• Attacking the Random Number Generator, Not the Algorithm March 20, 2014
• GnuTLS Bug March 6, 2014
• Apple OpenSSL Verification Surprises March 4, 2014
• iSights Spying on Their Users Without Warning March 2, 2014
• iOS Security White Paper (4)February 28, 2014
• Software Update Backdoor? (6)February 25, 2014
• iOS Keylogging Vulnerability February 25, 2014
• Apple’s SSL/TLS Bug (4)February 23, 2014
• Apple’s Secure Coding Guide February 14, 2014
• On Hacking MicroSD Cards February 12, 2014
• Twitter Username Stolen Thanks to PayPal and GoDaddy January 29, 2014
• Calendar App Asks for Apple ID and Password (8)January 21, 2014
• Inception FireWire/Thunderbolt Hack (2)January 21, 2014
• Starbucks App Stores Passwords in Clear Text (3)January 16, 2014
• Mac OS X Updates Bypass FileVault 2 (1)January 3, 2014
• Build and Reverse MD5 Hashes Programatically November 6, 2013
• iMessage End-to-End Encryption (6)October 22, 2013
• Reverse Engineering a D-Link Backdoor (1)October 16, 2013
• 1Password 4 (8)October 3, 2013
• The Many Flaws of Dual_EC_DRBG September 23, 2013
• iOS 7 Lock Screen Bug (1)September 20, 2013
• Using “sudo” Without a Password (4)September 12, 2013
• Certifying Certificates September 12, 2013
• Q&A About Fingerprint Scanning September 12, 2013
• Subverting the IPSec Standards Process (1)September 9, 2013
• 1Password and the Crypto Wars (1)September 8, 2013
• Bullrun (4)September 5, 2013
• Google Authenticator 2.0 (2)September 4, 2013
• Researchers Reverse-Engineer the Dropbox Client August 27, 2013
• Jekyll on iOS: When Benign Apps Become Evil August 17, 2013
• Lavabit Architecture August 15, 2013
• Restoring Trust in Government and the Internet August 14, 2013
• Don’t Plug Your Phone Into a Charger You Don’t Own August 14, 2013
• Improving the Security of Your SSH Private Key Files July 24, 2013
• Developer Center Downtime (3)July 24, 2013
• Signed Mac Malware Using Right-to-Left Override Trick (1)July 16, 2013
• Finding Undefined Behavior Bugs by Finding Dead Code July 13, 2013
• Can Apple Read Your iMessages? (6)June 26, 2013
• NSA-proof Your E-mail in 2 Hours (2)June 25, 2013
• Recycled Yahoo! IDs June 19, 2013
• CSSMERR_TP_NOT_TRUSTED (3)June 7, 2013
• How Apple Decrypts iPhones May 15, 2013
• Authorization April 18, 2013
• Yummy Cookies Across Domains April 11, 2013
• Two-Step Verification for Apple ID March 21, 2013
• iOS 6.1.3 (1)March 19, 2013
• Bypassing PHP strcmp() March 5, 2013
• PDF.js (3)February 21, 2013
• Changing Your Password Doesn’t Revoke OAuth Access February 21, 2013
• Is Everything We Know About Password-Stealing Wrong? February 13, 2013
• Apple ID Security (1)February 12, 2013
• Properly Encrypting With AES With CommonCrypto February 4, 2013
• War Is Peace February 2, 2013
• Geofencing in Flickr (2)January 7, 2013
• Dual Apple ID Passwords December 11, 2012
• Kill the Password (1)November 15, 2012
• Campaigns Leaking Web Site Visitor Data November 2, 2012
• Rentzsch’s OpenSSL Tech Note (1)October 16, 2012
• Stripe’s Pop-up Window October 10, 2012
• Dropbox Supports Two-Step Verification August 28, 2012
• FileVault 2’s Apple ID Backdoor (32)August 7, 2012
• Find My Mac and Remote Wipe (10)August 4, 2012

Note: Most posts from before September 2012 are not yet tagged.