
Apple's anti-porn overreach — good intent, bad execution
Apple has unveiled plans to use its extensive powers to fight child pornography. Even though it has good intentions, the company's actual plan has given people dozens of reasons to oppose the move.

This Vultur app takes malicious to the next level
As if IT needs more reminders that apps in app stores may not be secure, a Netherlands security firm has found a new Android dropper app dubbed Vultur. It offers, and delivers, legitimate functionality, then shifts into malicious mode...

It's time, IT — set the rules of the road for mobile
When it comes to keeping everyone in the company on the same page, IT could be doing more. That's especially true when making sure mobile devices are secured.

About the Pegasus spyware, Apple's telling the full truth
When spyware from an Israeli firm was discovered on a number of iPhones used by journalists, critics hit Apple over security and privacy concerns. But in this case, it doesn't look like the company did anything wrong.

Note to IT: Google really wants its privacy settings left alone
It's deeply unsurprising that newly-released information from the Attorney General's office for Arizona — released when a judge agreed to unseal some of the data — shows Google trying to hide privacy settings and tracking users after...

When is a cybersecurity hole not a hole? Never
In cybersecurity, one of the challenging issues is figuring out when a security hole is a big deal or is trivial. Apple now has a hole that pushes the definition.

Google makes a big security change, but other companies must follow
Google is moving — slowly — to make multi-factor authentication default, pushing FIDO-compliant software embedded within the phone, and even has an iOS version. Nice touch.

Google and Apple claim their devices deliver a better sleep; not true, university says
A university study found that a frequently-heralded smartphone claim by both companies is non-existent. This raises a serious question: Don’t they have to prove something works before shouting it from the highest virtual rooftop?...

Rethinking mobile security in a post-COVID workplace
Remember all of the security corner-cutting forced on us in March 2020 as companies scrambled to deal with the pandemic? It's time now to go back and fix things.

Details of how the feds broke into iPhones should shake up enterprise IT
Given that law enforcement can leverage a hole in Mozilla open-source code that Apple used to permit accessories to be plugged into an iPhone’s lightning port, IT and enterprise security pros need to view mobile device security...

The case of the missing laptop RAM
One of the best tech support programs in the industry has been Dell's ProSupport program, which routinely answers within 10 seconds and offers excellent techs who truly try to help. It also offers a next-day onsite repair program...

Text authentication is even worse than almost anyone thought
For years, security experts have been sounding the alarm about texting numbers for authentication. Now, due to some excellent work from Vice, it's clear the text situation is far worse than we thought.

WhatsApp's new 'privacy' policy is a gift to other messaging apps
WhatsApp does not treat all interaction data the same. For now, user-to-user/customer-to-customer/consumer-to-consumer messaging is encrypted and considered private. But when a user communicates with a business, Facebook can do...

Apple tramples on security in the name of convenience
Apple's upcoming iOS 14.5 and WatchOS 7.4 OSes will allow masked enterprise employees to access their iPhone if they happen to be wearing an Apple Watch that is unlocked. If companies don't stop workers from using this convenience, it...

Have a pacemaker and an iPhone? Could be a deadly combination
Apple itself has issued a warning that its newest iPhone could attack your heart — literally.

When cryptographers looked at iOS and Android security, they weren’t happy
In recent years, the feds have stopped asking for a workaround to get past Apple security. Why? It turns out that iOS, along with Android, is simply not as secure as those companies suggested.

SMS: Texting numeric strings is the best holiday gift to cyberthieves
Multi-Factor Authentication has become so common a security tool that many users assume it must work well to protect data and communications. What it really does is provide false comfort.

Apple's iPhone slowdown ploy was ridiculous, even by Apple standards
Now that Apple has agreed to pay $113 million to settle with iPhone users whose smartphone clockspeed was artificially slowed to boost hardware sales, it's worth examining why the move was so colossally stupid.

Should IT buy the new iPhone 12 Pro? Almost certainly not
When it comes to whether enterprise IT should seriously consider this purchase — for those operations where BYOD hasn't yet alleviated the need to buy phones ever again — it doesn't make sense for most.

Zoom's new encryption approach is incremental, but better
Max Krohn, Zoom's head of security engineering, detailed what users need to give up to get the better encryption protection that's coming.
Top Blog Posts