The Zen of IT
By Evan Schuman
Latest Android security hole shows why IT should consider a mobile app allow list
The mobile app security headaches continue. This time it's spyware found by mobile security firm Zimperium that not only steals data, but can silently control mic and camera — and secretly delete security apps. Fun times.
Store your corporate card on an iPhone? Uh-oh
Apple, Google, and especially Visa this month have given us yet another example of how security and convenience are at odds in the mobile world. Convenience seems to have won out.
Google now tells criminals when Chrome users are 'idle.' What could go wrong?
Another day, another revelation that mobile vendors might not always have users’ needs in mind, but they sure are helpful to cyberthieves.
How one coding error turned AirTags into perfect malware distributors
A security researcher found that an open area for typing in a phone number has unintentionally turned AirTags into God’s gift to malware criminals.
Apple’s latest right-to-repair trick is delightfully evil
I’ve always been impressed by how clever Apple can get when trying to protect its repair revenue. A new report from MacRumors doesn’t disappoint.
On app tracking, both Android and iOS have to do better
While Google has announced plans to reset permissions for older, rarely used Android apps, Apple’s app-tracking-transparency efforts in iOS have fallen short of the company’s grand vision.
Apple's anti-porn overreach — good intent, bad execution
Apple has unveiled plans to use its extensive powers to fight child pornography. Even though it has good intentions, the company's actual plan has given people dozens of reasons to oppose the move.
This Vultur app takes malicious to the next level
As if IT needs more reminders that apps in app stores may not be secure, a Netherlands security firm has found a new Android dropper app dubbed Vultur. It offers, and delivers, legitimate functionality, then shifts into malicious mode...
It's time, IT — set the rules of the road for mobile
When it comes to keeping everyone in the company on the same page, IT could be doing more. That's especially true when making sure mobile devices are secured.
About the Pegasus spyware, Apple's telling the full truth
When spyware from an Israeli firm was discovered on a number of iPhones used by journalists, critics hit Apple over security and privacy concerns. But in this case, it doesn't look like the company did anything wrong.
Note to IT: Google really wants its privacy settings left alone
It's deeply unsurprising that newly-released information from the Attorney General's office for Arizona — released when a judge agreed to unseal some of the data — shows Google trying to hide privacy settings and tracking users after...
When is a cybersecurity hole not a hole? Never
In cybersecurity, one of the challenging issues is figuring out when a security hole is a big deal or is trivial. Apple now has a hole that pushes the definition.
Google makes a big security change, but other companies must follow
Google is moving — slowly — to make multi-factor authentication default, pushing FIDO-compliant software embedded within the phone, and even has an iOS version. Nice touch.
Google and Apple claim their devices deliver a better sleep; not true, university says
A university study found that a frequently-heralded smartphone claim by both companies is non-existent. This raises a serious question: Don’t they have to prove something works before shouting it from the highest virtual rooftop?...
Rethinking mobile security in a post-COVID workplace
Remember all of the security corner-cutting forced on us in March 2020 as companies scrambled to deal with the pandemic? It's time now to go back and fix things.
Details of how the feds broke into iPhones should shake up enterprise IT
Given that law enforcement can leverage a hole in Mozilla open-source code that Apple used to permit accessories to be plugged into an iPhone’s lightning port, IT and enterprise security pros need to view mobile device security...
The case of the missing laptop RAM
One of the best tech support programs in the industry has been Dell's ProSupport program, which routinely answers within 10 seconds and offers excellent techs who truly try to help. It also offers a next-day onsite repair program...
Text authentication is even worse than almost anyone thought
For years, security experts have been sounding the alarm about texting numbers for authentication. Now, due to some excellent work from Vice, it's clear the text situation is far worse than we thought.
WhatsApp's new 'privacy' policy is a gift to other messaging apps
WhatsApp does not treat all interaction data the same. For now, user-to-user/customer-to-customer/consumer-to-consumer messaging is encrypted and considered private. But when a user communicates with a business, Facebook can do...
Apple tramples on security in the name of convenience
Apple's upcoming iOS 14.5 and WatchOS 7.4 OSes will allow masked enterprise employees to access their iPhone if they happen to be wearing an Apple Watch that is unlocked. If companies don't stop workers from using this convenience, it...
