May 27th, 2014
Apple devices are extremely popular, which unfortunately makes them a target for theft. To combat this as much as possible, Apple includes features to help users find lost or stolen devices, but these features contain security vulnerabilities of their own. The latest reports, as noted by Loek Essers of TechWorld, center around the “Find My iPhone” feature and a form of ransomware.
When ‘Find My iPhone’ is enabled, users are able to track it to see its current location or lock the device and display a custom message. Users are reporting that their iCloud accounts are being hacked and ‘Find My iPhone’ enabled on their own devices, however. A message informing them that they’ve been hacked by “Oleg Pliss” is displayed and a $100 ransom is demanded.
Users have also reported that while they’re able to log-in to their Apple accounts, they’re unable to disable Lost mode and unlock the device on their own.
At least for some of the victimized users, the problem may stem from the eBay hacking from earlier this month. Some users admit they use the same passwords for their Apple account as they did for eBay.
For now, Apple has been silent on the issue and hasn’t officially suggested a way to unlock hacked devices. The only fix to be found so far is to restore the device to factory settings.
It’s not just iPhones that have been affected either. All Apple device have a similar feature to help find them when they’re lost or stolen and all are vulnerable to this same ransom tactic. So far, users in Australia, Great Britain and Canada have all reported being hacked, but no users from the US have had the same problem.
Before the problem spreads to the US, it’s a good idea to change your passwords, especially if you held an account at eBay that may have been compromised.
If any of your device are hacked, infected with malware, or break, bring them to Geek Rescue or call us at 918-369-4335.
May 20th, 2014
If you’re an iPhone user, you’re likely familiar with iMessage, an alternative to SMS messaging between Apple users only. You’re also probably familiar with iMessage issues, which seem to be numerous. At Lifehacker, Thorin Klosowski has some advice for how to overcome some of the most common problems encountered by iMessage users.
If you have an iPhone, you may also have an iPad and Mac. Apple counted on this loyalty when they built in the ability to sync iMessage to different devices. Unfortunately, it’s not so easy to get syncing to work correctly. If you’re having trouble, the first thing to check is whether the phone number and email on iMessage matches on each device. On your iPhone, go to the Messages Settings menu and select ‘Send and Receive’. On your Mac, with Messages open, check the Preferences menu. Now match up the email address and phone number shown on each device. If they’re not the same, that’s your problem. If they are, try restarting both devices.
Losing service on your smartphone is frustrating but it becomes worse when it completely breaks iMessage, even once service is restored. Some users have experienced this when they’ve attempted to send a message with no service. The message gets caught in a loop and those users are then unable to send or receive with iMessage even when their phone is otherwise back to normal. Many of their sent messages are even marked ‘delivered’ but other users don’t receive them. Fortunately, the fix is fairly simple. Either delete the entire message thread containing the message sent without service by swiping left, or delete just the individual message.
Soemtimes it doesn’t take a loss of service for iMessage to break. There are times when users report being unable to send messages even when there’s been no problems with their network. The first step is to check if Apple has reported any problems on their end. The reality is that iMessage goes down from time to time. If there’s no reported downtime, try turning off iMessage then turning it back on. Then, enable the ‘Send as SMS’ option in the Messages Settings menu. If neither of these allow you to send messages, try resetting your network under the General Settings menu.
If you’re having problems with your Apple device that you can’t fix yourself, call Geek Rescue at 918-369-4335.
April 3rd, 2014
The “Find My iPhone” feature is a valuable security tool and the last hope for users who have had their smartphone stolen or have lost it. Previously, reports surfaced pointing to vulnerabilities in Apple’s “Lost Mode”, which allows users of iPhones, iPods and Macs to lock their device remotely. As Ashley Feinberg reports for Gizmodo, a security flaw has also been found in “Find My iPhone”, which allows strangers to completely unlock a stolen device.
“Find My iPhone” allows users to log in to their iTunes account and find the location of their smartphone as long as the device is still turned on. Not only does this help users recover lost phones, but it also ensures that criminals can’t steal and sell iPhones. As long as the original user’s iCloud account information is still on the device, it can be tracked down.
Erasing the iCloud account requires an Apple ID password. While breaking that password is possible, it would usually require a minimum of a few hours to do so, which would provide the rightful owner plenty of time to find their missing device.
A video recently posted to YouTube, however, demonstrates how criminals can by-pass the need for a user’s Apple ID password and delete their iCloud account. Doing so doesn’t even require a great deal of technical expertise. All that’s needed is for the “Delete Account” button to be pressed at the same time as the “Find My iPhone” switch from the iCloud settings menu. That brings up the password prompt and the delete window at the same time, which freezes the device.
From there, after restarting the device, you’ll find that you’re able to delete the iCloud account without a password and have free reign.
While no fix for this issue exists yet, Apple has likely been working on one since this exploit was made public. Users who have a PIN in place to lock their iPhone are already partially protected from this bug. Even if their device is stolen, the PIN has to be broken before anyone would even have access to this exploit.
While Geek Rescue can’t find your missing smartphone, we do fix it when it breaks. For any issues with your device, call us at 918-369-4335.
March 12th, 2014
In September, Apple released iOS 7. Since then, users have been waiting for the next update that would fix bugs and introduce new features. There have been plenty of stories predicting what the update would contain, but no one could know for certain. This week, iOS 7.1 was officially released and in just a couple of days, adoption is already close to 10-percent for eligible devices. Eric Zeman of Information Week reports on the iOS update and what’s new for iPhone, iPad and iPod Touch users.
Many users complained that their device reset unexpectedly after updating to iOS 7. This soft reset wouldn’t delete any apps or saved data, but would interrupt whatever activity the user was currently engaged in. One of the primary goals of the update to 7.1 was to fix this annoying bug. So far, users are reporting that the reset problem has been solved.
Apple’s virtual personal assistant received an upgrade in iOS 7.1. While Siri will still actively listen for voice commands, there’s an added option of manually control when Siri needs to pay attention. Users can hold the Home button down while they give a command and release it when they finish directing Siri. There are also a number of new voice options for Siri in a variety of languages.
Apple is still excited about the possibilities of iTunes Radio and continues to roll out new features for it. In iOS 7.1, users are able to make purchases easier from their mobile devices. Previously, users can now purchase music directly from the “Now Playing” screen in iTunes Radio and even buy entire albums. Users are also able to subscribe to iTunes Match directly from their iPhone or iPad. The search function for iTunes Radio was also tweaked to make it easier for users to access it quickly.
Perhaps the most anticipated addition included in iOS 7.1 allows iPhone and iPad users to integrate their devices with their cars. Before you get too excited, know that cars that support CarPlay aren’t even on the market yet. Some upcoming 2015 models are expected to include that feature. In the meantime, Apple’s devices are already ready to go. Users with CarPlay will be able to use Siri, navigation, messaging and access their music.
As always, it’s recommended that you back-up your device before installing a significant update like this one. Downloading and installing iOS 7.1 reportedly takes about 10-minutes over a WiFi connection.
If your device has issues that an update won’t fix, bring it to Geek Rescue or call us at 918-369-4335.
February 24th, 2014
Over the weekend, Apple released an update to its mobile operating system, iOS. Version 7.0.6 for iOS 7 devices and 6.1.6 for iOS 6 devices were seemingly rushed out to fix a bug that put users’ data at a significant risk. At Gizmodo, Brian Barrett explains why iOS users should update their devices as soon as possible.
The bug, or security vulnerability, that Apple is now attempting to fix involves a flaw in the operation of SSL, which stands for Secure Sockets Layer. Using SSL allows for private and secure communications between your web browser and the servers it need to communicate with to access different websites. When you see the small lock icon appear in your browser’s address bar, that means that SSL is functioning and securing your connection to the site you’re currently on.
Without SSL, everything you send to a server and receive back is up for grabs. SSL verifies that your browser is contacting the correct server for the website it’s displaying, but the Apple bug prevents that from happening. This opens the door for what’s called “man in the middle attacks”, which refers to a third party intercepting data intended for someone else. So, your log-in credentials for any online account you have, payment information for an online purchase, emails and a number of other potentially costly possibilities can all be stolen and monitored by criminals.
The vulnerability affects not only browser Safari, but also Calendar, Facetime, Keynote, Twitter, Mail, iBooks and more. Any time you’ve used one of these apps on an unsecured network, which could be anything from free WiFi in a coffee shop to the network at your job that doesn’t require a password, all the data you’ve accessed and submitted could have been intercepted.
This flaw has an update for devices dating back to the iPhone 3GS and fourth generation iPod Touch. Any devices older than that likely won’t have an update available to fix the problem. This is also an issue for Mac users with the OS X operating system. While there’s a known vulnerability for Macs, there isn’t currently a patch or update to fix it.
While exploits of this vulnerability only recently began being spotted, the SSL flaw has been in both iOS and OS X since September of 2012. For the past year and a half, data has been available through a fairly simple exploit on one of the most popular mobile devices. If you haven’t already updated, do so now. If there isn’t an update available for your device yet, avoid using the affected apps on any unsecured networks.
Security vulnerabilities are a serious concern for any device. If you’ve experienced an attack and have a device infected with malware, or want to explore additional security options, contact Geek Rescue at 918-369-4335.
February 13th, 2014
In Cisco’s Annual Security Report, they claim that 99-percent of mobile malware targeted Android in 2013. Whether or not that’s completely accurate, it’s safe to say that more threats exist for Android users than their iOS counterparts. That doesn’t mean, however, that security shouldn’t be a concern for iPhone users. As Tom Brewster of The Guardian reports, there were 387 documented security flaws in iOS in 2012 compared to only 13 for Android. When iOS debuted, another 70 flaws needed to be patched. The existence of flaws doesn’t mean attacks on them are inevitable, but it does illustrate how vulnerable iOS users are. Here are a few ways attackers could attack Apple devices.
Even if the base of iOS itself isn’t vulnerable to attacks, the apps that users add often are. One prominent flaw is the allowance of developers to switch the internet address that apps use to acquire data. Hackers are able to exploit this flaw and associate an otherwise legitimate app with their own malicious site. This allows the attackers to execute a variety of malicious actions on a user’s device.
Legitimate apps often contains security vulnerabilities, but there’s only been one documented case of a malicious app being allowed into the official App Store. That likely won’t be the case for long, however. Researchers have already demonstrated ways for a harmful app to be approved by Apple and earn a spot in the app store. One demonstrated app works legitimately when tested by Apple, but is able to rearrange its code when it’s downloaded by users to steal data and remotely control certain functions of the the device.
Insecure WiFi opens up a number of possible attacks, regardless of what device you’re using to access it. Not only does data being sent to and from your device become vulnerable, but data stored insecurely on your device could also be vulnerable to an attack. While these dangers aren’t limited to iOS users, the perceived security of Apple devices often leads to iPhone users being more cavalier in the use of their device, which can lead to valuable data being stolen with little effort.
This is another threat that isn’t limited to iOS, but certainly is a threat worth understanding. The use of fake, or stolen, security certificates is a growing trend in cyber attacks and allows for malicious programs to be accepted and executed. For example, an email that appears to be from a legitimate source asks users to download an application, update or even just a document. Without a trusted certificate, users would be warned about the download. With a false certificate, or one stolen from a legitimate source, an application is accepted as trusted by the operating system and malware is allowed to infect your device.
Protecting against these vulnerabilities often requires users to be more careful about how they use their devices. Understanding that your iPhone isn’t completely immune from common threats is important.
If you find that one of your devices has been infected by malware, call Geek Rescue at 918-369-4335.
February 10th, 2014
Apple’s mobile operating system, iOS 7, was released in September and since then, more than 80-percent of users with supported devices have adopted it. After a few rounds of beta updates, Apple seems poised to release the first significant update to iOS 7. As JC Torres of Slash Gear reports, iOS 7.1 is rumored to be released in March.
Don’t expect 7.1 to break any new ground, however. For the most part, the update is being released to fix common bugs and functionality issues users have reported, not to improve existing features or introduce many new features.
You can expect a few visual tweaks. The slide to unlock, dialer, keyboard and music functions are all expected to look a little different in iOS 7.1. When sliding to turn off your iPhone, you’ll rounded slider at the top of your screen and a white cancel button at the bottom. Slight adjustments to the slide to unlock screen and animation are also being made.
When answering calls, you’ll have the option to accept or decline in green and red circles, instead of rectangles. You’ll also have actual icons above those options for ‘Remind Me’ or ‘Message’.
The dialer has become visually more attractive with color gradients and accents. The large green ‘Call’ rectangle has also been replaced with a smaller, circular phone icon.
In the music app, users may notice more prominent buttons for repeat and shuffle options. Those are now ‘Repeat Song’ and ‘Shuffle All’ and have a pink background behind them.
Another minor change comes in the keyboard, where the shift and delete buttons are now more prominent and easier to discern.
There are also new options in Calendar and animation tweaks to the Control Center and Messages.
Perhaps the most exciting change coming wrapped in iOS 7.1 is iOS in the Car. This new features allows you to connect your iPhone to compatible cars and display iOS content like maps, directions and messages on the navigation screen.
The other exciting news surrounding the coming iOS update is a promised fix for the infamous ‘white screen of death’. This glitch has been causing many users to suffer unexpected reboots and crashes. Users of the iPhone 5S, iPad mini with Retina and iPad Air have all reported this problem.
If your Apple device’s problems can’t be fixed by an iOS update, call Geek Rescue at 918-369-4335 or come see us. We fix hardware and software problems, as well as malware infections and more.
January 27th, 2014
There are still some users who don’t enjoy interacting with Apple’s iOS on their iPhone or iPad. For many of these users, their frustrations stem from not knowing the full capabilities and functionality of the operating system. At LifeHacker, Whitson Gordon has a list of shortcuts that make interacting with iOS more efficient. While some more advanced users will know many of these, there’s something for everyone to learn.
For most users, this has become intuitive. But, some don’t realize that this gesture refreshes in nearly every situation. Pulling your email’s inbox down to check for new messages may be common knowledge, but you can also pull down a webpage to re-load it or pull down an app to refresh the content. Just make sure you pull down until you see an icon, then release to refresh.
- Swipe for timestamps or more options
One common complaint about messaging in iOS is that timestamps aren’t included. Actually, they are but they’re not visible. To see when a message was sent or received, swipe left on the message. Use the same swipe over an email in Mail inbox to see more options, like a quick way to delete.
This is another gesture that works in nearly any situation in iOS. To go back one screen, or even back to the previous webpage, swipe from left to right. If you swipe slowly, you’ll be able to preview the previous screen before you decide to go back. If you swipe the opposite direction in Mail or Safari, you can go forward a screen.
It feels a little cumbersome typing on an iPad’s digital keyboard. There’s a second option that not everyone knows about, however. Hold down the keyboard key, or just simply pull the keyboard apart to get a more comfortable split keyboard. Now, you can type with your thumbs like you do with a smartphone and you can move the keyboard to anywhere on the screen.
- Quick event changes in Calendar
If an event you’ve stored in Calendar needs to be changed, you could edit it and type in the new details. An easier way, however, is to hold down on the event in Day mode, then move the event to a new day or time, or even change the duration.
- Quickly view drafts in Mail
Any saved drafts of messages are available in Mail’s main menu with the rest of the folders, but to reach them quicker, just hold down on ‘Compose’. A list of your drafts will pop up as a menu you can choose from.
These tips allow you to access functions of your Apple device faster and use it more efficiently. If you have other problems with your device, like slow performance, malware infections or broken hardware, come by Geek Rescue or give us a call at 918-369-4335.
January 24th, 2014
Previously, we outlined three security vulnerabilities that exist on your iPhone. With malware and hackers targeting iPhones more than ever, you not only need to know where you are vulnerable, but also how to protect your device. Steve Bell of Bullguard has a list of tactics and apps that will improve the security of your iPhone.
This isn’t technically an app, although there is one available. Find My iPhone is well-known, but it’s an indispensable tool. To activate it, go to your iPhone’s settings, then select ‘iCloud’ and check the ‘Find My iPhone’ option. Then, if your phone is lost, you’ll be able to log-in to iTunes and see its current location, display a message on its screen, play a sound, lock it or wipe it clean. The Find My iPhone app lets allows you to find other iOS devices from your iPhone. Also, consider using GadgetTrak, which offers similar features to Find My iPhone but will also use your phone’s camera to take a picture of its surroundings or its thief.
There are a large number of iPhone users that don’t lock their phones with any type of passcode. While locking your phone doesn’t provide robust security, an unlocked phone is a much more attractive target for criminals. Set a passcode by going to the general settings menu and selecting ‘Passcode Lock’. It’s also important to make sure that no one can use Siri unless your iPhone is unlocked. This is a slight security vulnerability that can be fixed by turning your phone on to the passcode screen and sliding the Siri slider to off.
Using your computer to back-up data is a great idea in case your phone is lost or stolen or data is corrupted. But, storing it unencrypted makes it easy for hackers to steal it if they gain access to your computer. Make sure when you sync your iPhone or iPod to your computer with iTunes, you encrypt the data you back-up.
If you regularly connect to public WiFi and want to be able to log-in to online accounts or shop online with your phone, you need this app. A VPN encrypts the data you transmit while connected to a wireless network so it can’t be intercepted and stolen. Hotspot Shield also protects you from spam, phishing and malware. Using a unsecured network is a common way your identity is stolen or device infected. Using a VPN is a great way to protect yourself.
Sometimes, the best defense against cyber crime is to be smart about how you use your iPhone. Don’t download apps outside the official app store, don’t download email attachments and don’t enter personal information over an unsecured network. Avoiding the cause of issues helps you stay safe.
If any of your devices are having issues, like slow performance or malware infection, come by Geek Rescue or call us at 918-369-4335.
January 24th, 2014
Recently, we’ve concentrated on the various threats associated with Android devices and their users. But there are security threats for Apple device users to concern themselves with also. With more than 300-million active iPhones in use today, Apple products make an attractive target for cyber criminals. At the Bullguard blog, Steve Bell revealed three of the most troubling security vulnerabilities associated with iPhones. These vulnerabilities come from studies focusing on banking apps specifically, but also suggest other potential security flaws in other downloaded apps.
In order to secure connections between a web server and a browser, SSL certificates are used. These are small data files that contain a cryptographic key protecting the information being transmitted. This presents man in the middle attacks because if the data is intercepted without the proper key, it will remain encrypted. About 40-percent of the banking apps examined failed to validate the authenticity of SSL certificates used during transactions. That means any criminal who is able to intercept the data being transferred would be able to steal it and read it. Considering what type of valuable information you would commonly transmit using a banking app, that’s extremely troubling.
Half of the apps studied were found to be vulnerable to JavaScript injections, which are able to inject JavaScript code into websites. This particular vulnerability exists in a Safari component that allows for web content to be embedded into apps. Through this vulnerability, attackers would be able to send text messages and make phone calls from your iPhone.
Many apps contain links that take users out of the app and onto the open web. These links can cause problems of their own if not properly implemented. In this study, nine out of ten of the banking apps contained non-SSL links to otherwise legitimate and trusted websites. Without the protection of encryption, however, these links are incredibly vulnerable to attacks. Data transmitted after following those links could be intercepted and criminals could even reroute users to a spoofed site in order to steal log-in credentials.
Apple’s iOS is considered a well-crafted, essentially secure environment, but vulnerabilities still exist with the introduction of apps. Though these apps may be found in the official App Store, they can still contain flaws that compromise your entire iPhone’s security.
If your having issues with your iPhone, or any of your devices, bring them to Geek Rescue or call us at 918-369-4335.
