Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label New Security Features. Show all posts

Apple Came With Lockdown Mode, a New Security Feature

On Wednesday, Apple shared details of a new, advanced version of the security option named Lockdown Mode for Apple device users who may face sophisticated cybersecurity threats. 

According to the technical details of the new security update, users can avail this Lockdown Mode this fall with iOS 16, iPadOS 16, and macOS Ventura. This extreme version of security feature is designed for a few users such as government officials, journalists, and activists, who are easy prey of NSO Group or other private state-sponsored mercenary spyware. 

Ivan Krstić, Apple's head of security engineering and architecture, called Lockdown Mode "a groundbreaking capability". "While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are. That includes continuing to design defenses specifically for these users, as well as supporting researchers and organizations around the world doing critically important work in exposing mercenary companies that create these digital attacks." 

Lockdown Mode includes the following protection features:

• Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode. 

• Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled. 

• Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request. 

• Wired connections with a computer or accessory are blocked when iPhone is locked. 

• Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on. 

Following the updates, Lori McGlinchey, the Ford Foundation’s director of its Technology and Society program, said, “The global spyware trade targets human rights defenders, journalists, and dissidents; it facilitates violence, reinforces authoritarianism, and supports political repression...” 

“…The Ford Foundation is proud to support this great initiative to bolster civil society research and advocacy to resist mercenary spyware. We must build on Apple’s commitment, and we invite companies and donors to join the Dignity and Justice Fund and bring additional resources to this collective fight.”

Google: Android Apps Must Provide Privacy Information By April 2022

 


Some days back Google has announced that the company is about to launch its Google Play ‘Safety Section’ feature that will provide information regarding the data collected and used by an Android app. Now Google has announced more details about the upcoming feature. 

Under the new policy app developers have to share the details — what information apps collect, how collected data is used, and what privacy/security features the apps utilize. The upcoming feature can be used in the first quarter of 2022, this feature will display on the app itself. 

With the feature, customers will be able to see all security-privacy relating information including what data is shared with third parties, whether an app uses data encryption, follows Google's Families policies, or whether it has been independently audited against global security standards. Following the announcement, Google will also provide the timeline to App developers — when they will be able to submit information, and when customers can see the Safety section, and it has also given the deadline for App developers to provide the info data. 

What is the timeline for App Developers? 

According to Google, the policy will take place in the first week of October 2021, the "App privacy & security" will display on an app's content page on Play Console. Then Developers will be able to attempt a questionnaire on data collection, security features, and the app's privacy policy. However, the whole procedure will complete in April 2022. 

What must be disclosed under this feature? 

• Encryption in transit 
• Deletion mechanism 
• Families policy 
• Independent security review and How data collected 

Some of the data types that app developers must disclose include personal information like user name, phone number, and email address, location data like users' approximate or precise location, financial info like user credit card number and bank account number, Health and fitness information, Storage like files and docs, emails or texts, audio files like sound recordings and music files, calendar information, App performance like crash logs and performance diagnostics, and Identifiers like device id.