Posted by: David Harley | October 29, 2014

OS X malware, KnockKnock, Elk Cloner and the Universe

Here’s an OS X-related article I just posted on the IT Security site: OS X malware: I hear you KnockKnocking but you can’t come in*

Patrick Wardle’s KnockKnock is useful for the generic detection of OS X programs that maintain ‘persistence’, but it isn’t a replacement for anti-malware. (I suppose I should mention in this case that a lot of my income comes from providing consultancy to the anti-malware industry, but no anti-malware company has anything to do with this site, and of course Kevin Townsend’s IT Security site is vendor-independent.)

David Harley
Small Blue-Green World

Posted by: David Harley | October 26, 2014

Meanwhile, back to some real news…

…albeit just a roundup of some recent issues.

David Harley
Small Blue-Green World

Posted by: David Harley | October 26, 2014

Digital Guardian – flattery will get you – er, not much…

This blog was flattered to find itself in good company on the Digital Guardian site as one of the top 50 sites you ought to be reading, but rather puzzled as to why, since the information it cited was a little off-beam (no-one else is writing for this blog these days, for example) and the ‘three articles we like’ it cited were pretty much pointers to articles by other people on other sites. (I’m afraid this happens more and more frequently nowadays, as my working hours decrease and my workload continues to increase, so I have to prioritize other outlets.) Perhaps Digital Guardian actually got around to reading the articles, since it seems that Mac Virus has been removed from the list. Oh, the humiliation! ;)

I do get a namecheck, however, as a contributor to Kevin Townsend’s IT Security (which seems to have attracted quite a lot of attention in a short time), and there’s even a link to one of my of my more serious articles: The economics of benevolence: mean memes.

NB I know nothing about Digital Guardian’s product range, so mentioning the site doesn’t constitute a recommendation on my part – in fact, that’s why I didn’t mention it while Mac Virus was cited. But some of the blogs mentioned in the article are well worth reading.

David Harley
Small Blue-Green World

Posted by: David Harley | October 2, 2014

iWorm, Xsser, Shellshock catch-up

My apologies if people have been haunting this page in search of information about the many Apple-related issues that have raised their heads in the last week or two. I’ve just been too busy elsewhere to blog on this site. Here are a few articles worth your attention, by way of a catch-up.

David Harley
Small Blue-Green World

Posted by: David Harley | September 24, 2014

More iPhingering

More about the susceptibility of the iPhone 6 to the TouchID fingerprint hack, from The Register’s John Leyden: Apple should LOOK BELOW to beat TouchID fingerprint hack, say securo-bods.

David Harley
Small Blue-Green World

 

Posted by: David Harley | September 23, 2014

iPhone 6, iPhingered

John Leyden reports that Lookout claims that ‘iPhone 6 STILL vulnerable to TouchID fingerprint hack ONE YEAR LATER‘ referring to the hack previously reported with the 5s.

Gaining access to an iPhone using a faked fingerprint isn’t the easiest trick to pull off, and in any case needs access to the owner’s fingerprints and the phone itself. Still, it’s a good argument for using a passphrase or PIN as a second authentication factor.

David Harley
Small Blue-Green World

Posted by: David Harley | September 23, 2014

iOS 8 and the iPhone 4

Graham Cluley for Intego: If You Care About Security, Throw Away Your iPhone 4 Right Now

iOS 8 includes lots of security fixes that won’t be available for iOS 7, which is particularly bad news for iPhone 4 users. Graham tells us why…

David Harley
Small Blue-Green World

Posted by: David Harley | September 23, 2014

Apple, iOS 8, and private data

From John Leyden, for The Register: Apple passcode-protects iOS 8 devices, but cops can still inhale your iCloud

Apple says that for devices running iOS 8, it can no longer bypass your passcode to examine your personal data.  However, it isn’t quite that simple, according to some of the other documents to which Apple’s document links.

(HT to Artem Baranov.)

David Harley
Small Blue-Green World 

Posted by: David Harley | September 18, 2014

iOS 8 security

Hat tip to Artem Baranov for drawing my attention to Apple’s September 14th document on iOS 8 security, and also a KnowledgeBase article About the security content of iOS 8.

In a loosely related vein, Apple explains its privacy policy here, (By way of John Gruber , who also quotes an interesting snippet from Tim Cook in Tim Cook on Apple and Privacy.

David Harley

Posted by: David Harley | September 16, 2014

Appbuyer iOS malware

This is one more item I intended to include in the security roundup I just posted here.

Palo Alto Networks recently posted an article on AppBuyer: New iOS Malware Steals Apple ID and Password to Buy Apps, a malware family discussed by Weiphone back in May 2014 that affects jailbroken devices. Apparently. I don’t read Chinese, so much of that blog means nothing at all to me… Palo Alto’s article mentions its own  quick introduction but that was published in a closed group of which I’m not a member.

Still, the new(-ish) analysis is quite thorough and well worth a look.

David Harley

Older Posts »

Categories

Follow

Get every new post delivered to your Inbox.

Join 38 other followers