Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Apple Inc.. Show all posts

Contact Key Verification: Boosting iMessage Security

Apple has taken another significant step towards improving the security of its messaging platform, iMessage. The introduction of Contact Key Verification adds an extra layer of security to iMessage conversations, protecting user data and privacy. In this article, we will explore what Contact Key Verification is and why it matters.

iMessage is a popular messaging platform known for its end-to-end encryption, which ensures that only the sender and the recipient can read the messages. With the new Contact Key Verification feature, Apple is making iMessage even more secure by allowing users to verify the identity of the person they are messaging with.

Contact Key Verification uses public key cryptography to establish a secure connection between the sender and receiver. Each iMessage user has a unique public key, which is stored on Apple's servers. When a user sends a message, their public key is used to encrypt the message. The recipient's device then uses their private key to decrypt and read the message. This ensures that only the intended recipient can access the content.

But what Contact Key Verification does differently is that it allows users to confirm that the public key used for encryption belongs to the person they intend to communicate with. This extra layer of verification prevents man-in-the-middle attacks, where an attacker intercepts and decrypts messages meant for someone else.

The implementation of Contact Key Verification is simple. Users can access the feature by tapping on the contact's name or picture in the chat. They can then view the contact's key and verify it through various methods like scanning a QR code or comparing a series of numbers with the contact in person.

This additional security feature is essential in today's digital landscape, where data breaches and cyberattacks are increasingly common. It ensures that even if someone gains access to your device, they cannot impersonate you or read your messages without proper verification.

Apple's commitment to user privacy is evident in this move. By giving users control over their message security, they are ensuring that iMessage remains one of the most secure messaging platforms available. Moreover, the public key infrastructure used in Contact Key Verification is a proven method for securing digital communications.



'XcodeGhost' Malware Infected Around 128M iOS Users

 

In a recent malware attack over 128 million iOS customers have been targeted. The malware employed by the attackers goes by the name "XcodeGhost" which first came into the public domain in 2015. This attack is responsible for injecting malware into several Apple devices' app stores including iPhone and iPad apps that were subsequently uploaded to the App Store. 

During the Epic Games vs Apple trial, the internal Apple emails have warned that almost 128 million users downloaded approximately 2,500 apps that were infected by the malware which came into existence from the fake copy of Xcode. 

While Motherboard has also reported on the same issue saying over 2,500 infected apps have been downloaded over 203 million times in the App Store. 

Some employer has disclosed that around 55 percent users are Chinese and also 66 percent of downloads relates to China. According to the report, many developers have downloaded the infected Xcode as Apple’s servers were slow, hence they were looking for alternative download links. 

Notably, some of the widely popular apps have also been infected by this malware, including the game ‘Angry Birds 2′. 

When the malware was identified, Apple suggested developers immediately revise their apps with a legal version of Xcode, the report added. 

In the wake of the security incident, Apple has taken several security measures to fix the attack including malware scanning and the security of the Xcode execution process while submitting apps to the App Store. As the legal battle was going on between Apple and Epic Games in the USA this week, new technical details have surfaced, disclosing that Epic Games CEO Tim Sweeney had suggested Apple CEO Tim Cook open their devices to other app stores as early as 2015. 

Google’s Research App- 'Screenwise Meter' To Encroach Apple’s Policies?



Apparently, a research application was being run by Google, which could potentially violate Apple’s policies, the same way Facebook once did.

“Screenwise Meter” is the name of the infamous application, so being mentioned.

It’s an invitation-only program which works on collecting data and its monitoring onto phones and in return guarantees gift cards.

The application uses an “Enterprise Certificate”, named “Sideload” which was revoked from Facebook.

Due to this revocation, a lot of havoc was wreaked within the ‘employee-only’ apps of Facebook on iPhones.

After what happened with Facebook, there were likewise chances of Google’s certificate being revoked by Apple too.

But before that could happen, Google, shut its ‘Screenwise Meter’ down and apologized for putting the application into Apple’s Enterprise Program in the first place.

The application was always meant to be voluntary, cited one of the spokespersons of Google, and also that it has now been entirely disabled on all the iOS devices.

Apple Inc. Announces Free Screen Replacement For Affected iPhone X Units



Apple Inc. at last, affirms display issues with iPhone X units. The declaration went ahead on Friday after the iPhone X was discontinued in September following the dispatch of the iPhone XS and XR. The iPhone X was launched a year ago and reports of display issues sprung up a couple of months back, yet Apple did not react at the time. Furthermore, Apple has likewise conceded that some 13-inch MacBook Pro models have "an issue that may result in data loss and failure of the drive."

The California based giant affirms that the screen on some iPhone X units does not react to touch or reacts irregularly when contacted additionally, further adding that iPhone X users who have been confronting this issue will be helped to at whatever point they will visit an Apple Store or Apple Authorised Service Providers to get a screen substitution free of expense.

Apple confirmed that a set number of 13-inch non TouchBar MacBook Pros that were sold between June 2017 and June 2018 may experience the ill effects of data loss or failure and has reported a repair program for the influenced gadgets with 128GB and 256GB of solid-state drives. The company will likewise email users who have enrolled their devices with Apple to educate them more about the program.

Apple has set aside its opportunity to respond towards the touchscreen issue on the iPhone X. Starting now, it appears as if the issue is constrained to last year's model and not the new iPhone XS and XR. That being stated, the most recent iPhones have likewise observed a couple of issues since dispatch, such as not charging when the Lightning cable is connected and the selfie camera "Beautygate" issue, the two of which have been discreetly settled by Apple through the software update.

Shares Of The Microsoft Corp. Closed At A Record High; Expanding Its Secure Score Service


Microsoft in its Ignite Conference in Orlando, revealed that it was applying its Authenticator application across Azure to get rid of login passwords and growing the Secure Score benefits and services over its cloud to give users feedback options to prevent any breaches.

As the shares of the Microsoft Corp. closed at a record high the tech giant has now taken into consideration the expansion on its profile as a secure cloud vendor on Monday, utilizing its yearly IT conference to make public a few security activities and initiatives intended to target few enterprises to its Azure public cloud platform and far from rivals such as Amazon.com Inc.  and Alphabet Inc.

As far back as the announcement by Chief Executive Satya Nadella in November 2015 is concerned it was decided that Microsoft would invest $1 billion a year in the security research and development, the stock's price has indeed billowed about 116%, making it the best performing tech stock on the Dow over that period, with Apple Inc. AAPL, - 0.45% up 91% and Cisco Systems Inc. CSCO, +0.33% up 81%.

While Amazon.com Inc. AMZN, +0.41% are as yet the predominant public cloud player by far with the Amazon Web Services, Microsoft's Azure has relentlessly been wearing down AWS as one of the fastest-growing public cloud providers. In its last earnings increase.

Microsoft shares finishes 0.4% at $114.67, a record close for a third session in succession, while the Dow Jones Industrial Average DJIA, - 0.68% declined 0.7%, the S&P 500 index SPX, - 0.35% slipped 0.4%, and the tech-heavy Nasdaq Composite Index COMP, +0.08% completed under 0.1%.

These announcements though come about a week after Microsoft launched a shot targeting the opponents in another region, exhibiting an AI variant of its Dynamics 365 customer relationship management