Jump to content

Search the Community

Showing results for tags 'ios'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 255 results

  1. iOS 14’s Best Privacy Feature? Catching Data-Grabbing Apps Apple's new operating system hasn't been released to the public yet, but its new permission notifications are already shaming developers into cleaning up their acts. Photographer: Nelson Ching/Bloomberg/Getty Images With every iOS update, users gain more controls over what data that app developers can collect about them. The new iOS 14 is no different, except for one thing—it hasn’t even left beta, and its privacy features are already causing havoc for major app developers. Privacy notifications, which pop up whenever an app accesses the microphone, camera, or clipboard, are responsible for many apps’ dubious data-collecting behaviors being outed in the past few weeks. It’s just one privacy feature in a laundry list of new privacy-preserving features on iOS 14, which include requiring developers to declare what data they collect on their app; giving users the ability to choose whether they share their approximate location with an app instead of their precise location; and requiring developers to get users’ permission if they want to track them for advertising purposes. But of all these additions, it’s the privacy notifications which have been causing chaos for app developers. It has been ratting out apps left and right ever since the beta was released back in June. Last week, Instagram became the latest app to be called out by iOS 14’s privacy notifications feature after users began noticing that the green light indicator—which alerts users that the camera has been activated—kept turning on—even when the camera was not in use. Addressing the behavior, Instagram said that the activation of the camera was just a bug and that it was being triggered by a user swiping into the camera from the Instagram feed. TikTok, LinkedIn, and Reddit have all so far been caught out by the new privacy notification, with users noticing that they were receiving alerts telling them that the apps were copying content from other apps every few keystrokes. All of them resolved to fix the issues. While Reddit blamed the behavior on a bug, TikTok said it was copying clipboard data as an antispam measure. LinkedIn said it copied clipboard data to perform an equality check between what the user was typing and what was in their clipboard. Apple is able to detect this behavior whenever an app accesses the camera, microphone, or clipboard because all apps have to communicate with Apple’s API. “Functions like the clipboard and microphone need to be accessed through the operating system. [Apple] can check whether the access was initiated by the user via a UI selection or were being performed unprompted by the application,” says Arosha Bandara, professor of software engineering at the Open University. Researchers have warned of several major apps storing clipboard data for a number of years, but the iOS 14 beta makes the behavior public for everyone to see for the first time. Security researchers Talal Haj Bakry and Tommy Mysk identified 53 apps that were found to be copying clipboard data without users’ consent back in March. “I believe that these privacy modifications are a huge step forward from a user perspective, because developers and Apple engineers knew about this before, but users didn't know about it,” says security engineer Anastasiia Voitova. “Now users can see, so it's making things transparent. Users can start asking questions.” Voitova says there are a few reasons why app developers may be collecting clipboard data. One of these reasons is for ad tracking purposes. “From an iOS perspective, I imagine there are quite a lot of apps that access the clipboard,” says Aidan Fitzpatrick, founder of app data firm Reincubate. “I imagine there are quite a lot of apps that abuse what’s on the clipboard to boost engagement in their app or learn more about you.” Apps from game developer Popcap and Airbnb’s HotelTonight app, which had both been seen capturing clipboard data, told The Telegraph that it had traced the behavior back to tools from Google and product-testing firm Apptimize, which both have third-party vendor libraries. This hints that the clipboard copying is unintentional on the app developer’s side and could just be a side effect of lazy coding. Many app developers take advantage of third-party app libraries to improve their apps, for example. It’s sometimes why unintentional clipboard-copying can occur. “The libraries inside the app gather the same permissions as the application itself, but developers often don't read the code of third-party libraries,” explains Voitova. “A developer might have really good intentions, but some libraries that they use can misuse permissions to do something bad.” There are, of course, also legitimate user experience reasons for why an app might want to access your clipboard without your permission. A delivery app, for example, might want to automatically paste a tracking number into the text field upon opening the app. But for the apps which are maliciously capturing clipboard data or using the microphone, these privacy notifications and light indicators could get them to change their dodgy behavior. The iOS 14 privacy notifications, for example, have already pushed TikTok, LinkedIn, Reddit, and Instagram to announce that they will code out the bug or stop the behavior altogether. Vice admitted that its Vice News app, which was flagged by Haj Bakry and Mysk, that it didn't even know their apps were accessing the clipboard until the iOS 14 beta was released. Still, it’s wise to remember that most permissions abuse happens on Google’s Android operating system. Last year, researchers from the International Computer Science Institute found that up to 1,325 Android apps were gathering data, despite the researchers' apps denying them permission to access that data. But whether Google decides to implement privacy notifications, however, is a different story. The company has not said whether it intends to implement a similar feature in the future, but recent versions of Android have been giving users more information about the data that apps collect. Maximilian Golla, a security researcher at the Max Planck Institute for Security and Privacy says that the business model on Android is different from iOS. “I wonder whether the app developers really want to change this, or Google really wants to implement such a feature, because they depend on this kind of tracking,” he thinks. “Google makes its money from Google AdSense, and I would be surprised if Google implements such a tracking notification.” So while privacy notifications are having the unintended consequence of forcing developers to change their tracking habits, this transparency culture shift might only occur on iOS. Ultimately, Fitzpatrick thinks that these privacy notifications are eventually going to flush tracking behavior out of iOS apps. “Either they're going to stop doing it or they're going to have to explain why,” he says. iOS 14’s Best Privacy Feature? Catching Data-Grabbing Apps
  2. Microsoft's Family Safety app exits preview, now generally available Microsoft announced the Family Safety app back in March when it rebranded Office 365 subscriptions to Microsoft 365. The Redmond firm began taking sign-ups for a preview and the preview became available to those users in May. Now, after a couple of months in testing, the company has announced that the service is being made available to Android and iOS starting this week. The app – as the name suggests – lets users keep a tab on family members and their digital usage. It lets users set screen limits, restrict access to certain websites for children, and even keep a tab on members’ whereabouts through location sharing. In addition to these, parents can also choose to receive weekly activity reports to monitor not just usage stats, but also the content that they are consuming. In addition to the usage reports, as mentioned earlier, parents can set app limits for children, limiting the time that they spend on games and the like. The firm has also added the ability to block certain apps. As for web browsing, parents can also ensure that adult content is blocked, and web search filters are applied for searches using the Edge browser. This works on Windows, Xbox, and Android. Along with content moderation and usage limits, the Family Safety app also lets parents avoid accidental and unwanted purchases since they can enable purchase requests. The feature allows for parents to approve requests that are served via email when family members or children initiate a purchase. Lastly, location sharing in Family Safety lets users “stay connected in the real world” when it is safe to go out. Users can also set favorite locations such as Home and ensure that members are “safe and sound”. The company is also working to bring location alerts to the app, a feature that alerts users when a family member enters or leaves a specific location. Another feature that will also be making it to the tool is ‘drive safety’, a functionality that will “help to build better habits behind the wheel with insights on driving behavior”. Not much else is known about the feature. While most of the features are available for Android, Windows, and Xbox users, the ability to set app limits and search filters will make it to iOS in the future. It must also be noted that SafeSearch and other web controls can be enforced on the Microsoft Edge browser on Android, Windows, and Xbox and will need users to be logged in to their Microsoft account. While you can head to the Play Store on Android to download the app, the iOS version is still not live and should be made available soon. Microsoft's Family Safety app exits preview, now generally available
  3. How to take screenshots on your iPhone Quick and easy snapshots of your screen If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement. Photo by Vjeran Pavic / The Verge Screenshots are handy. You can use them to show your grandparent how to use a new app. You can use them to send a shot of that strange error message to your company’s IT department. You can use them to capture tweets — yours or someone else’s — before they disappear down the deletion black hole. If you’re using an iPhone, you’ll find that taking a screenshot is a very simple operation. Press the side button and the volume-up button simultaneously. (Note: if you have an iPhone that has a Home button, you need to press the side button and the Home button instead.) You’ll get a thumbnail image of your screenshot in the lower-left corner Tap on the image to make it larger. Icons in the upper-right corner let you delete it or share it. There will also be editing tools below that will let you add highlights or mark it up. Click on the plus sign in the lower-right corner and you can add text, a signature, arrows, or various shapes. When you’re finished, tap “Done” in the upper-left corner. You can save the image to Photos, Files, or delete it. After taking a screenshot on your iPhone, you can edit it. You can save your screenshot to Photos or Files. How to take screenshots on your iPhone
  4. Apple releases iOS 13.6 with a bunch of Apple News improvements Today, Apple is introducing iOS 13.6, iPadOS 13.6, macOS 10.15.6, watchOS 6.2.8, and tvOS 13.4.8 to everyone. They've been in testing since the beginning of June. For a minor update that's arriving while a major update is in beta, iOS 13.6 actually packs some new features. For one thing, it includes Apple's new CarKey feature that lets you unlock a car with your phone, but more importantly, there are a bunch of Apple News improvements, which the firm announced today. iOS 13.6, iPadOS 13.6, and macOS 10.15.6 will include audio stories for Apple News+. Starting today, Apple says that it's going to release roughly 20 audio stories every week from outlets like Esquire, Essence, Fast Company, GQ, New York magazine, Sports Illustrated, TIME, Vanity Fair, Vogue, Wired, the Los Angeles Times, and The Wall Street Journal. Note that this is exclusive to the paid Apple News+ subscription service. What's not exclusive to Apple News+ is Apple News Today, which is more or less a news show. It's an audio briefing that includes Shumita Basu and Duerte Geraldino that covers "fascinating stories in the news". Apple News Today is free for everyone, and it's available in the News app. The Cupertino firm also noted that it's lighting up the News app for CarPlay, so you can listen to all of this content while you're driving. There's also a big focus on local news, even if it's not available in a wide array of locales. For now, this is supported in the Bay Area, Houston, Los Angeles, New York, and San Francisco. The new curated local news will include local publishers, major newspapers, sports, dining, weather, and so on. If you're not in one of the above areas, you can still get local newspapers like The Charlotte Observer, the Idaho Statesman, The Kansas City Star, the Miami Herald, The News & Observer, and The State. These updates are available now to everyone. Note that if your iPhone doesn't support iOS 13, Apple did release iOS 12.4.8 today, although it doesn't include the new features. Apple releases iOS 13.6 with a bunch of Apple News improvements
  5. 8 iOS 14 features Google should bring to Android Apple and Google have both announced the next major version of their mobile operating system that's due to release later in the year. Google was the first to announce Android 11 with a focus on conversations, people, and privacy, and Apple followed suit last month with iOS 14 at WWDC 2020. While both iOS and Android are very mature operating systems at this point, there's still a feature disparity between them in some aspects. It is also quite common for both companies to take inspiration from each other for new features in their OS. For example, Apple added widgets support to the home screen in iOS 14, a feature that has been available in Android since its first public release. Similarly, the new screenshot preview interface in Android 11 is very similar to that of iOS. So, on similar lines, below is a list of features that I hope Google ends up adding to the next release of Android after taking inspiration from iOS 14. 1. Widgets Stack Apple might have taken its own time to add widgets support to the iPhone's home screen but in some ways, its implementation is superior to what Google has done in Android. Widgets Stack in iOS 14 will basically allow users to stack one widget on top of another. This way, they can have multiple widgets on their home screen but only have to make space for one. The stacked widgets in iOS 14 will automatically cycle depending on the location and time of the day to show you the most relevant widget. You can also cycle through them by swiping up or down. Widgets in Android are more powerful compared to Apple's implementation in iOS 14 since they are interactive, but Google needs to add the ability to stack them on top of each other to help boost their adoption. 2. Universal Search Ok, technically this is a feature that's a part of iPadOS 14 and not exactly new, but one that's still worth mentioning because of how useful it is. With Universal Search in iPadOS 14, you can search through your contacts, apps, app data, music library, web, and more. The Google app in Android had a universal search feature before Google got around to removing it for some reason. While at it, Google should also make it easier to trigger the search with a simple gesture as it works on the iPhone and iPad with a simple swipe down gesture on the home screen. 3. Digital Car Key How cool would it be if you could use your Android smartphone as your car keys? With iOS 14, Apple is basically making that possible by working closely with BMW. Starting next year, you can simply walk to your BMW car with the iPhone in your pocket and unlock it. Then, you can put the device on the wireless charger in the dashboard of the cabin and then proceed to start the car, all without needing the physical key. You can even share the car keys digitally over Messages with your friend or family and give them temporary access to your vehicle. The digital Car Key feature is going to be available for a number of BMW vehicles manufactured on or after July 1, 2020. Google will need to work closely with some car OEMs for this, but it would definitely be cool if the next version of Android is able to turn your smartphone into a digital car key. 4. Picture-in-Picture window resizing Picture-in-Picture is a feature that is already available on Android, long before Apple got around to adding it to the iPhone with iOS 14. However, Apple's implementation is better as it allows one to resize the PiP window to their liking. One can also dock the PiP window to the side and then bring it back on the display as per their requirement. In comparison, on Android, there's no option to change the PiP window size or dock it. 5. Ability to send voice messages Siri on iOS 14 can be used to send voice messages in the Messages app as well as in third-party apps like WhatsApp and Telegram. This might seem like a small feature but it can have a great usability impact for a lot of people as this essentially allows users to send a message without having to worry about Siri fumbling with the voice recognition part. Google Assistant might have better voice recognition than Siri but it lacks the ability to send a voice message to any contact. Since Google can update Assistant without having to update the entire OS itself, this feature might just make it to Android devices sooner than later. 6. Privacy-focused Chrome Apple has always focused heavily on privacy with its services and products. The company has added a new Privacy Report feature to Safari in iOS 14 thereby allowing users to easily see the cross-site trackers that have been blocked by the browser. Considering how widely cross-site tracking is prevalent in the advertising industry, this is a big move from Apple and shows just how much it cares about user privacy. The feature is also going to be available in Safari on macOS Big Sur. Since Google still generates a bulk of its revenue through advertisement, one can only hope that the company also gets around to adding a similar feature in Chrome for Android. 7. Mentions and Inline replies Messaging is one area where Android heavily lags behind iOS. Despite multiple messaging apps and services from Google, Android still does not have a true iMessage replacement. The RCS-backed Messages app is gaining traction but it still feels a bit too late to the game and its adoption outside of the United States has been slow. In iOS 14, Apple is further improving iMessage by adding support for @mentions and inline replies. Despite launching later than iMessage, the Messages app/RCS still lacks these features despite them being present in almost every other third-party messaging app. 8. Approximate location access Google has introduced a number of privacy-focused features in Android 11 but in many ways, the company is still playing catch up to what iOS offers. In iOS 14, Apple has again taken things to the next level by allowing users to provide apps with their approximate location instead of their exact location. This way, when an app requests your location in iOS 14, you have the option of only providing it with an approximate location instead of your exact location. Similarly, iPhone users in iOS 14 can provide an app with access to only selected photos in their media library or contacts instead of providing them with access to all their data. Google has made great improvements to the privacy model in Android with the last two releases of the OS, so here's hoping the company follows Apple in adding similar features to the next version of the OS. There are actually quite a few other features in iOS 14 like App Clips and compact Call UI that Google should get around to adding or improving in the next version of Android, but the ones mentioned above are the ones I feel will have the biggest impact. One thing I must note here is that the beauty of openness of Android is that at least some of the features above can be replicated using third-party apps found on the Play Store. 8 iOS 14 features Google should bring to Android
  6. Microsoft Teams consumer features now rolling out in preview on iOS and Android Microsoft announced Teams for consumers back in March along with Microsoft 365 Personal and Family. The new version for consumers lets users link their personal accounts to Teams and use the app to collaborate with and manage personal contacts through features such as shared files, task lists, and more. Today, the company announced new features to the app that brings more consumer-facing features. The features are rolling out in preview for Android and iOS users. The company says that it aims to make Teams a “central hub for individuals, groups, and families to collaborate and stay connected and organized”, negating the need to use multiple apps to collaborate and manage work and personal lives. The features coming to the app include text, chat, and video calling with personal contacts, a unified dashboard for groups and one-to-one chats that summarizes a list of shared items such as task lists, calendars, media, and more, file and location sharing, and a Safe to store and share important information with the family. First up is the text, chat, and video calling features. As the name suggests, these features let users chat with and call friends and family members through one-to-one or group calls. These chats can be used to share files, media such as photos, videos, GIFs, and even location. These options make it a more informal experience, which the firm calls “fun features”. In addition to the calling and chatting features, the app includes a dashboard for both, one-to-one and group chats. The dashboard serves as a unified location to share and view lists, user locations, events in the calendar, and more. Members of a group can also assign tasks to other users in the lists in the dashboard. The company says that it is a “great way to pick up conversations or projects where they left off”. The dashboard is more useful for groups, but the addition of media history will also benefit one-to-one chats. Since Teams ties in with Microsoft 365 apps, users can also share Office documents such as Word and Excel files directly to groups or contacts. These files can also be accessed across devices as they are stored in OneDrive. The app lets users share their current location with the groups. Lastly, the app is also getting a Safe feature which is a secure location to store and share sensitive information such as Wi-Fi passwords, login information, or more. Content in the safe can be shared with groups and is end-to-end encrypted. These consumer features are gradually rolling out in preview to Teams users on Android and iOS. Those that use Teams can add their personal Microsoft accounts via the settings in the app. Others can download the app and try signing up with their personal account. However, since the consumer features are still in preview, not everyone will be able to sign up without a work account already set up. The Redmond giant says that it plans to make these features generally available later this year, including for the web and desktop clients. Microsoft Teams consumer features now rolling out in preview on iOS and Android
  7. Twitter starts rolling out audio tweets on iOS No word on when the feature will come to Android Twitter is rolling out the ability to record audio snippets and attach them to your tweets. The new feature is available first on iOS and launching today for “a limited group of people,” according to the company. “Sometimes 280 characters aren’t enough and some conversational nuances are lost in translation. So starting today, we’re testing a new feature that will add a more human touch to the way we use Twitter — your very own voice,” Twitter’s Maya Patterson and Rémy Bourgoin wrote in a blog post. If you’ve got access to it, you’ll see a new waveform icon beside the camera icon when composing a tweet. Tap that, and a red record button appears at the bottom of the screen, which you can tap to start recording your message. “Each voice tweet captures up to 140 seconds of audio. Have more to say? Keep talking. Once you reach the time limit for a tweet, a new voice tweet starts automatically to create a thread,” Twitter said. Audio can only be added to original tweets, according to this help page, so you can’t include them in replies or retweets with a comment. Another minor thing to note is that whatever your profile picture is when you record an audio clip will always be attached to that audio tweet. “Your current profile photo will be added as a static image on your audio attachment and will not refresh if you update your profile photo,” Twitter says. You can listen to audio tweets by hitting the play button. On iOS, Twitter says a dock will appear near the bottom of the app so you can listen to audio tweets and continue scrolling through your timeline. They’ll also keep playing in the background if you switch to another app. Audio tweets could pose new moderation challenges for Twitter, and it’s also important to remember the accessibility factor here. The Verge asked Twitter for more details on how it will make it easier for people who are deaf or hard-of-hearing to access these audio tweets. In an emailed response, a spokesperson said “this is an early test of audio for us and we’re still exploring the best ways to meet the needs of people with different abilities.” Update June 17th 2:25PM ET: The original article has been updated to include a comment regarding accessibility from Twitter. Twitter starts rolling out audio tweets on iOS
  8. Google Meet arrives in Gmail for iOS and Android as a giant new tab Google latest Meet push heads to mobile Illustration by Alex Castro / The Verge Google is taking another step toward its Meet integration with Gmail today, bringing the videoconferencing service directly into Gmail for iOS and Android. Gmail mobile users won’t need the dedicated Google Meet app to join meetings, and Google has decided to include Meet as a separate, and rather large, tab at the bottom of the main Gmail interface. If you don’t want Meet to appear as a tab, then you’ll have to turn off the Meet integration in the settings menu. Google made Google Meet free for anyone at the end of April, and it has wasted no time integrating the service into Gmail ever since. In the coming weeks, iOS and Android users of Gmail will find the new Meet tab to quickly join meetings. Google has really been pushing Meet as part of Gmail, with giant blue buttons appearing inside new Google Calendar entries. This new mobile integration is the latest attempt to go head-to-head with Zoom, the videoconferencing app that has soared in popularity during the stay at home era. Both Google and Microsoft have been chasing Zoom’s success, with new features and free services aimed at winning over Zoom users. Google Meet arrives in Gmail for iOS and Android as a giant new tab
  9. Etsy’s iOS app now lets you preview art on your wall through augmented reality A long time coming Etsy Etsy is giving iOS users the ability to see what art will look like on their wall before they buy it. People can pull up any painting, photograph, or print that’s available on Etsy and project it wherever they want through augmented reality. If an item is available in different sizes, those can be selected and previewed, too. This works on both iPhone and iPad, and the company says it hopes to make the feature available to Android users “as soon as possible.” Virtual decor or furniture has been a promising area for AR, and other companies have already launched features that take advantage of the technology. Ikea first debuted its AR functionality in 2017 with its app Ikea Place. Target also launched its own feature on its mobile website, as did home decor provider Houzz with its mobile app. These applications all came out around the same time thanks to iOS 11’s ARKit feature. While many of these apps have existed for iOS for years, some of the first AR furniture apps popped up for Google Tango devices with Wayfair and Lowe’s Home Improvement creating apps for Tango phones in 2017. Google has since focused on its ARCore feature that’s available on all recent Android phones. The technology, which was updated last year, allows for virtual furniture placement as well as other AR experiences. All of this is to say that Etsy’s AR feature has been a long time coming, and it’s disappointing the company can’t make it immediately available to Android users. It’ll likely be a useful feature for anyone who has access and will make use of one of the most practical applications for AR. Etsy’s iOS app now lets you preview art on your wall through augmented reality
  10. Microsoft's Office app on iOS updated with HEIC support for file transfers and more Microsoft announced a unified Office app for mobile devices back during its Ignite conference in 2019. The app was then made generally available for Android and iOS in February 2020. It serves as a unified solution for not only working on Word, Excel, and PowerPoint files, but also for PDF files, and provides other functions such as the ability to transfer files between the PC and mobile devices. The iOS version of the app is receiving an update today that brings with it a few new features. These include the addition of support for HEIC (High Efficiency Image File Format) files in the file transfer feature, a Dictate feature for typing using users’ voice in Word files, and a multi-select option for images in the ‘Media’ tab in the app. The addition of support for HEIC files was made available to Insiders earlier this month. Here is the full changelog: Media Tab Multi-Select: The images in the media tab can be multi-selected to do interesting actions. HEIC File Transfer: Adds support for HEIC files in the file transfer action of the Office app. Type with Your Voice: Select Dictate and watch Word type while you talk. The features being added are minor and improve the usability of the app for iOS users. The Dictate feature is a welcome addition for those that use accessibility options on Word. It would also be a handy tool for when users want to quickly transcribe content into text for a document. The HEIC file support is also a nifty addition since iOS devices use this format for images. iOS users can head to the App Store to download the Office app or to check for updates. It is possible that the update will not be offered to all users right away, but it should make it to all devices in the next few days. Microsoft's Office app on iOS updated with HEIC support for file transfers and more
  11. iOS 14 could get native call recording for phone and FaceTime calls Apple will hold its virtual WWDC event starting June 22, and during the event, it is expected to unveil the next major iOS update, iOS 14. Some features and changes that might make it to the update have leaked in the past, which include a new all apps screen, a new multitasking UI for iPhone, and the ability to experience parts of an app without installing it. Image: ITHome Another feature that might also make it to this release is a call recording feature that will let users record both, phone calls and FaceTime calls. A leaked engineering image accessed by the jailbreak community (via ITHome) provides a look at the settings page for the said feature. The page lets users simply turn on or off the ‘Audio Call Recording’ feature. Once turned on, it will record both incoming as well as outgoing calls automatically. Additionally, the screenshot suggests that the Cupertino giant will include verbiage that asks users to notify recipients when calls are being recorded and also cautions users from letting others use their phone when the feature is enabled. It is not clear if the firm will go one step further and add a form of audible indicator to notify the recipients of the call. iOS 14 will reportedly be supported on all current iOS 13 devices. It will be interesting to see what other features make it to the release, considering that the company is said to be pushing back some features for iOS 14 owing to the buggy release of iOS 13 and its efforts to make the update more stable. iOS 14 could get native call recording for phone and FaceTime calls
  12. Apple releases iOS 13.6 beta with more automatic software update controls Today, Apple is releasing what it's calling the second developer beta of iOS 13.6 and iPadOS 13.6, even though the first one was called version 13.5.5. It also comes alongside macOS Catalina 10.15.6 beta 2, and the first betas for watchOS 6.2.8 and tvOS 13.4.8. There are two key new features coming in iOS 13.6. One is that users will now have more control over automatic software updates in Settings. As it stands right now, the OS will automatically download updates, and then you can set whether or not you want them to install overnight. With version 13.6, there will be two separate settings, one for automatic downloads and one for automatic installations. The other new feature is that HealthKit is getting new data types to track symptoms like headaches, chills, sore throat, and more. The change in version number isn't unprecedented. The exact same thing happened with the last update. The only difference was that during that beta cycle, a pandemic happened, so Apple had to add a new contact tracing API, requiring the use of a new SDK. Presumably, the new HealthKit data types require the same thing. Apple releases iOS 13.6 beta with more automatic software update controls
  13. Signal can now transfer your chat history to a new iPhone Transmitting your data directly between iOS devices Signal’s new transfer feature in action. Image: Signal Encrypted messaging app Signal now lets you transfer your account data, including your conversation history, to a new iPhone or iPad from your existing iOS device. The feature rolled out in the app’s version 3.9.1 update last week, but the company formally announced the new feature in a blog post published on Tuesday, which also outlines the steps of how the process works. “This is the first time that upgrading to a new device without losing any information has been possible on iOS,” according to Signal. The new process is an attempt to find a balance between convenience and security. The process works via a QR code, which your new device generates and your old device scans. Then, your devices establish a direct Wi-Fi connection (or Bluetooth if Wi-Fi isn’t available), and transfer your data through your local network without the data ever passing through a third-party cloud server. Because the transfer happens locally, even large transfers can be completed quickly, Signal says. Secure messaging apps like Signal typically store conversations only on local devices because of the risk of compelled decryption. But this has created a long-standing problem of how to transfer logs between devices without potentially exposing all the conversations a given user has had. WhatsApp, for example, can back up your chat history to Google Drive or iCloud depending on your device, but it warns that these backups currently aren’t protected by its end-to-end encryption. iMessage backups work in a similar way: they’re encrypted if you choose to back them up to Apple’s iCloud servers. But Apple currently holds keys to those backups, and it often provides decrypted backups to law enforcement in response to valid warrant requests. Signal’s new iOS transfer feature attempts to offer convenience, while still keeping keys in the hands of users. The connection between the two devices is end-to-end encrypted, and the app will use a variety of checks to make sure it’s only receiving the data it’s expecting. Once the process completes, you should be left with a more or less identical app on the new device. Signal users on Android have been able to transfer their data between devices for a little while now, but the process is more convoluted and relies on you having to manually move an encrypted local backup between the internal storage of your Android devices. The new QR code-based transfer is not currently available on Android. There are important caveats with how the new feature works that you should be aware of. The first is that you’ll need your old device if you want to transfer your Signal data from it. In other words, if you wipe your Signal data from your old phone before setting up a new one, then you’ll lose your message history. The feature also doesn’t work between iOS and Android. This is just the latest feature that Signal has introduced that helps users transition between devices. Last month, the messaging service introduced PINs — which let you encrypt data like profile information, account settings, and who you’ve blocked — and back it up to Signal’s servers so you can restore it on a new device. Crucially, however, the functionality doesn’t let you back up conversations, unlike the new iOS transfer feature. Signal can now transfer your chat history to a new iPhone
  14. Microsoft To Do for iOS gets updated with new features and improvements Microsoft has released a new update for the To Do app for iOS users. The update brings new features and improvements to the app. The latest update includes the new planned view that allows users to group tasks by the due date as well as by all available lists. Microsoft released the new planned view to Android users earlier last month and it's rolling out to the iOS app as well. Apart from that, the update allows users to sort both completed and current tasks depending on their preference. Lastly, it also includes bug fixes and improvements. Here's the full changelog: You asked for it and we got it for you; the improved and better, planned view! You can now group your tasks by the due date as well as by all available lists. Now, with a new all planned filter option, you see all your planned tasks at the same time. In this release, sorting has been made more convenient. You can sort both completed and current tasks as per your selected sorting order. There are a couple of bug fixes in this version to provide you with a smooth experience. Earlier this week, Microsoft also updated the To-Do app for Android users with the following features: You asked for it and we got it for you; the improved and better, planned view. Now, with a new all planned filter option, you see all your planned tasks at the same time. To make your task management better, we have improved the widget to show overdue tasks in red. The whole behavior is consistent with the app There are a couple of bugs and crash fix in this version to provide you with a smooth experience. Microsoft recently released a major update for the To Do app for Windows 10, Android and iOS users. The update brought new features including updated today and week view, ability to print lists, and more. The latest update bumps the app to version 2.19 and can be downloaded from the App Store. The Android update can be downloaded from the Google Play Store. Microsoft To Do for iOS gets updated with new features and improvements
  15. Slay the Spire, the decade’s best deckbuilding game, coming to iOS in June Android version also teased; exact June release date for $10 game coming soon. 44 with 36 posters participating, including story author Slay the Spire's success story is a remarkable one. As one of thousands of games to land on Steam in 2017, this fusion of roguelite progression and "deckbuilding" mechanics, made by a heretofore unknown development team out of Seattle, managed to become a phenomenon due entirely to word of mouth. The game has since surpassed its "2.0" milestone and climbed the download charts on Xbox One, PlayStation 4, and Nintendo Switch. Yet the game has stayed an arm's length away from smartphone platforms this whole time, in spite of being built primarily using libGDX, a flexible, open source development framework with smartphone-specific hooks. That changes this month, as the development team at MegaCrit ironically used its Steam community page on Wednesday to announce Slay the Spire's next platform: iOS. First image of article image gallery. Please visit the source link to see all 6 images. The game's first smartphone port will launch at $9.99 "this month," according to the developers at MegaCrit, with an exact date likely coming during the upcoming Guerrilla Collective game reveal stream, currently scheduled for June 6-8. ("You should try to tune in" on the event's first day, June 6, according to MegaCrit's latest update.) That price will include every single feature included in the game's existing versions on PCs and consoles—with MegaCrit acknowledging, via a joke about "anime mods," that it won't include Steam Workshop features. Though the post acknowledges plans for an Android port, MegaCrit wasn't ready to estimate when fans should expect that one; "we took the decision to launch the iOS version first." If you're wondering what the StS hubbub is about, consider this comment from our last feature on the game, which included a lovely interview with MegaCrit's staff about the game's genesis. As Ars commenter digital0verdose wrote in 2019: I must have watched half a dozen or so videos on this game trying to understand the appeal. Finally I just downloaded a copy to get my head around what I was missing and within a short period went and bought a copy on Steam. This, for me, was one of those games whose appeal only really came through with hands on play. StS was a fun game whose repetitiveness was not as tiring as I initially expected. Definitely a good purchase and I recommend it to those who, like me, are not really into card based games as you may be surprised. Wednesday's announcement includes a mere two screen shots, but they're enough to confirm what we've assumed for some time: that StS's card-based gameplay will translate neatly to a smartphone's touch interface. (And thank goodness; I for one am tired of using makeshift solutions like Steam Link or Xbox Game Streaming to run the game on my phone, as both of these require a gamepad of some sort.) And the StS iOS timing is perfect, as another contender to the deckbuilding-adventure throne, Monster Train, has been getting our attention (and racking up our play time counters) since its May 21 launch on Steam. Ars War Stories: Slay the Spire. Listing image by MegaCrit Slay the Spire, the decade’s best deckbuilding game, coming to iOS in June (To view the article's image gallery, please visit the above link)
  16. 5 handy things iPhone VPN apps can do Avoid those geo-blocks, save cash and much more besides (Image credit: Future) You’ve no doubt heard of virtual private networks (VPNs), but may not know what they actually are and how handy they can be - especially where your iPhone is concerned. Whether it’s curbing location blocks to watch the latest Netflix shows not available in your part of the world, getting access to better deals or simply improving your smartphone's security, here are just a sample of the useful things you can do with iPhone VPN apps. 1. Get around geo-blocks One of the best things about VPNs is that they allow you to work around geo-restrictions. So if you want to watch a Netflix show or access a website and find out it’s not available in your region, VPNs can help give you full access. They work by 'spoofing' your IP address so that the content provider effectively thinks you're somewhere else in the world altogether. So if you know there's a show on US Netflix you want to binge on, but you're north of the border or in another country altogether that doesn't have it in their catalogue, turning on your Netflix VPN will convince your iPhone that it's back in the US - letting you watch as if you were back on your sofa. The same goes for Amazon Prime, BBC iPlayer and pretty much every other streaming service you can think of. What’s more, having a VPN on your iPhone will also enable you to curb geo-blocks if you visit a country like China or Russia that has strict censorship laws. In many parts of the world, popular websites and apps (such as Facebook and YouTube) are blocked and can’t be accessed unless you’re able to conceal your IP address. ExpressVPN, in particular, boasts custom traffic obfuscation to improve connectivity in these countries - so no surprise that it tops our charts for the best China VPN. 2. Secure public Wi-Fi Many of us use public Wi-Fi networks, although what you may not realise is that they’re often insecure and can potentially allow hackers to compromise your device. But VPNs will encrypt your internet data, mitigating threats from cyber criminals. Lots of mobile VPN apps, including those from NordVPN and IPVanish, actually come with auto-connect features that automatically kick in when they find an untrusted connection. While Apple’s iPhones have typically been praised for being secure, that doesn’t mean they’re safe from all threats and the App Store isn't immune from being struck with apps riddled with malware. Downloading a VPN app on your iPhone will give you another layer of protection. 3. Improve your download speeds While some VPNs have been criticized for slowing down your connection, those with fast servers can actually improve the performance of your device - we've seen it with our own eyes during our testing. In fact, when we tested the IPVanish app for iPhone, we saw improved download speeds of 15% over long distances! For shorter distances, results were faster again. A lot of VPNs also offer the ability to stop bandwidth throttling (when your ISP purposely slows down your connection), giving you a smooth browsing experience. 4. Get an improved gaming experience If you use your iPhone for playing games, then downloading a VPN app is a good shout. The best gaming VPNs can ensure a smooth gaming experience by automatically connecting to faster servers, provide access to games wherever you are in the world, ensure that DDoS attacks don’t knock you offline when you’re in the middle of a game, get around geo-restrictions that may affect multiplayer games and encrypt your data. And remember, if you're a big gamer on desktop as well, most VPN providers allow you to use your subscription on five devices or more. While Surfshark goes even further by letting you use one account for unlimited gadgets. 5. Get things cheaper Ever been frustrated to find out that a really attractive deal isn’t available in your country - maybe it's cheaper to purchase software, a game or even holidays in other regions. As VPN apps enable you to alter your location, you can often save money when shopping for online goods, flight tickets and hotels and get the best deals possible. These apps effectively give you more choice. It’s easy to think of VPNs as something only relevant to tech geeks. However, the reality is that they’re incredibly useful for anyone using connected devices. If you’re an iPhone user who wants to ensure maximum security and be in control of what you can assess online, then an iPhone VPN is the way to go. 5 handy things iPhone VPN apps can do
  17. Microsoft Teams for iOS gets raise hand feature and more in the latest update Microsoft has released a new update for Teams for iOS users. The update brings new features and improvements for the app. With the new update, iOS users can access files, org charts, and other features from the 'More' option at the bottom. The new update allows adds the ability to invite participants using an invite link. Microsoft has also added support for the raise hand feature which was rolled out to the Teams desktop app last week. Lastly, the update now enables users to add files and folders to channels. Here's the full changelog: Access files, org charts, and other features from "More" in the bottom bar of the app Invite people to your meeting with an invite link Add files and folders to channels Raise a virtual hand during a meeting to let others know you want to speak Bug fixes and performance improvements Microsoft has recorded a rise in Teams usage since the start of the coronavirus pandemic. Last month, Microsoft revealed that the service was used to make more than 2.7 billion minutes of calls on March 31 alone. The Redmond giant still has features planned to make working from home easier for Teams users. The upcoming features include AI-powered noise suppression, 250 participant limit in group chats, and more. The latest Microsoft Teams update is rolling out to the iOS users and can be downloaded from the App Store. Microsoft Teams for iOS gets raise hand feature and more in the latest update
  18. If an iOS 13 bug is stopping your apps from loading, you're not alone "This app is no longer shared with you" (Image credit: Future) There's a new iOS bug doing the rounds, linked to the roll out of iOS 13.5 a few days ago: it prevents certain apps from loading, displaying the message "This app is no longer shared with you. To use it, you must. buy it from the App Store." As reported by 9to5Mac and others, the bug seems to be affecting a substantial number of users, though it's not clear exactly what fraction of the millions of iPhone and iPad users out there have had problems. While Apple has yet to weigh in on what's happening, it seems as though the issue is at Apple's end – a blip in the iCloud servers is probably causing some apps to get flagged as unauthorized, though that's just speculation at the moment. If that is the case, the silver lining is that Apple should be able to patch up the problematic code without having to roll out another software update. If Apple responds with news that the bug is patched, we'll let you know here. What's gone wrong – and how to fix it At this stage it looks unlikely that there's anything wrong with your device or your iCloud account, if you've had the misfortune to see the error message on your iPhone or iPad. The theory that the iCloud Family Sharing service is to blame is one doing the rounds. If you see the bug showing up on your screen, the best course of action appears to be to uninstall and then reinstall the offending app. That should be enough to reestablish your credentials and get everything working again. However, with the problem seemingly affecting apps at random, it's a huge inconvenience for anyone who owns one of Apple's expensive portable devices – so a fix would be appreciated sooner rather than later. Next month we're expecting to hear all about what Apple is planning for iOS 14 when it rolls out later in the year. Let's hope the launch of the next version of Apple's mobile operating system is free from glitches and errors. Here's everything you need to know about the iOS 13.5 update Source: If an iOS 13 bug is stopping your apps from loading, you're not alone (TechRadar)
  19. HandyPAF

    3uTools 2.39

    An All-in-One Tool for iOS Devices 3uTools is an all-in-one tool for iOS devices that makes it easy to manage your device without the need to use iTunes. You can view detailed device information at a glance (including IMEI and serial number), uninstall apps, view and manage your photos/videos, create ringtones, import/export music, download wallpapers and ringtones, and more. 3uTools also enables you to flash and jailbreak your phone. The One-click jailbreak feature makes the jailbreak process so simple and easy. The program supports iOS flash in normal mode, DFU mode and recovery mode. In addition to managing your device content, 3uTools also includes a variety of utilities that include Real-Time Screen viewing, Icon Management, Data Migration, Video/Audio Conversion, Junk Removal, Backup and Restore, Photo Compression and more. The Most Efficient iOS Files & Data Management Tool 3uTools makes it so easy to manage apps, photos, music, ringtones, videos and other multimedia files. Fully view iOS device' s different statuses, including activation, jailbreak, battery and iCloud lock statuses, as well as detailed iOS & iDevice information. Numerous Apps, Ringtones and Wallpapers Various apps, distinctive ringtones and unique wallpapers are waiting for you to freely download and enjoy. Flash and Jailbreak Are Way Intelligent 3uTools can automatch available firmwares for iOS devices. iOS flashing in normal mode, DFU mode and recovery mode is supported. One-click jailbreak makes the jailbreak process so simple and reliable. More advanced features, including SHSH backup, baseband upgrade/downgrade etc. All-in-One iOS Helper Brings Useful, Delightful Features A collection of features are designed for iOS users, for example, data backup, ringtone maker, video converter, icon fixer, etc. ====================================================================== Home: https://www.3u.com/ Download: 109.27 MB http://url.3u.com/zmAJjyaa http://d.updater.3u.com/3utools/download/3uTools_v2.39.032_Setup.exe
  20. Why a small Facebook bug wreaked havoc on some of the most popular iOS apps Facebook’s near-ubiquitous SDK broke yesterday, taking major mobile apps with it Illustration by William Joel / The Verge Sometime around 6:30PM ET on May 6th, popular iOS apps from major companies like DoorDash, Spotify, TikTok, and Venmo suddenly starting crashing. The culprit didn’t remain a mystery for long. Developers on Twitter and GitHub quickly discovered the cause to be an issue with the software development kit (SDK) from Facebook, which is interwoven into the operation of countless mobile apps from companies large and small. The problem, while resolved rather quickly by Facebook, illustrates the scope of the social network’s platform and how even minor issues can have major ripple effects throughout the mobile software industry. “Earlier today, a new release of Facebook included a change that triggered crashes for some users in some apps using the Facebook iOS SDK,” a Facebook spokesperson told The Verge yesterday in a statement. “We identified the issue quickly and resolved it. We apologize for any inconvenience.” The Facebook SDK is a bundle of software tools for developers that helps power features like signing in with a Facebook account and providing share to Facebook buttons. So the issue was not unique to iOS; it could have happened to the Android SDK and, in this case, simply affected Apple’s platform. Yet Facebook didn’t exactly say what the issue was or how the new release of the SDK could have triggered the crashes. It also wasn’t clear why so many apps were so detrimentally affected, even when the user experiencing the crash didn’t log in with Facebook or even when the app itself didn’t make ample use of the SDK or rely on Facebook features. According to app developer Guilherme Rambo, the issue lies with the way Facebook markets its developer toolset. “Facebook really pushes developers into installing their SDK, likely because they want the very rich data they can collect on those app’s users. The SDK is offered as a convenience for both developers and marketing teams, since it can also be used to track the conversions of ads run through Facebook,” he explained to The Verge over email. (Rambo also has an analysis of his own posted to his website here.) For instance, he says, if you want to run an ad campaign for your mobile app through Facebook, the only way to get valuable insight into the campaign’s performance is to install the company’s SDK. “Another major reason is the infamous ‘sign in with Facebook’ we see in many apps, which can be implemented without using their SDK at all, but since using the SDK is more convenient, many companies end up going through that route instead,” he says. But if there’s an issue with the SDK, as was the case yesterday, then it has the potential to take everything down with it. Facebook pushed a server-side change to its SDK, which meant no developer had any say in whether their app would be communicating with the older, stable version or the newer broken one. And because an app communicates with the SDK every time it is opened by a user, the result was a cascading series of errors that led to full-blown app crashes. “The issue was that the SDK was expecting a server reply in a certain format, which on Wednesday, the Facebook servers were not providing,” wrote ZDNet’s Catalin Cimpanu, who cited technical analyses of the situation on GitHub and HackerNews. “Without the proper response, the Facebook SDK crashed, also bringing down all the apps that used it.” It also appears that, once affected, there was little any developer could do to restore service until Facebook fixed the issue on its end. Rambo says there should be ways to prevent this from happening, including developers deciding to implement sign-in with Facebook without using the company’s SDK. But other system-level protections are decisions Apple would have to make regarding the permissions it grants third-party SDKs. “The way it works today is if you install an app and that app includes third-party code (such as the Facebook SDK), that third-party code has the same level of permissions and access as the app itself does,” he says. “If you grant the app permission to access your location, contacts or calendar, the third-party code it embeds can also get that information. The only way to fix that would be to implement some form of sandboxing model that separates third-party SDKs from an app’s own code,” he adds. “It’s a big challenge, but I hope Apple’s engineers are working on something like that.” Apple did not respond to a request for comment. That said, developers did not seem especially pleased about the situation. “From what I’ve seen, developers are really frustrated about this, especially because the engineers who have to deal with these types of problems are usually not the ones who have decided to add such an SDK to the app they work on,” Rambo says. He adds that the decision to integrate with Facebook’s developer tools is usually a top-down decision, “many times from the marketing or product teams who only see the benefit of using those types of SDKs (more data, more analytics).” But those types of employees at tech companies “don’t see the enormous amount of engineering hours spent dealing with the problems they can cause in an app,” he says. “Crashes caused by SDKs in major apps are not that uncommon, but I’ve never seen something of this magnitude where an SDK affected so many apps at the same time. I’d say this was an unprecedented event and it shows that something must be changed in the way apps integrate third-party code.” Source: Why a small Facebook bug wreaked havoc on some of the most popular iOS apps (The Verge)
  21. Face ID doesn’t work when you’re wearing a mask—Apple’s about to address that Not every beta feature makes it to release, but this one seems likely. Enlarge / The TrueDepth sensor array on the iPhone. Samuel Axon 103 with 70 posters participating Apple's Face ID method for authenticating on recent iPhones offers a number of security benefits, and it's a neat trick to boot. But in a pandemic-stricken world where many people either opt to or are even required to wear protective masks, users have discovered that Face ID doesn't usually work when they need it to. Those masks interfere with the iPhone's ability to read your face, and at the moment, there's no easy solution. That might change with the next release of iOS. This week, Apple released the third beta of iOS 13.5, the next major feature release for its mobile operating system. Among other things, the beta introduces new Face ID behavior when users are wearing protective masks. Apple hasn't come up with some magical way to make the phone read your face through the mask, of course. Rather, the update fast-tracks you to passcode entry. Right now, raising the iPhone to use it results in a quick scan with the front-facing TrueDepth sensor array to allow you to access your files, messages, and apps. If your face is obscured, the lock indicator shakes and the phone vibrates, indicating there's a problem. After Face ID times out, you're then prompted to swipe up to get to the screen where you can enter your passcode instead. The iOS 13.5 beta skips a step. Now, it will give you the option to swipe up and enter a passcode without waiting on Face ID to finish failing. This is especially important for Apple Pay; contactless payments are a good way to minimize direct contact during the pandemic, but Face ID made them something of a hassle for mask-wearers. Apple hasn't said when iOS 13.5 will be finalized and released to the public, but it's likely not too far-off at this point, judging from past updates' timelines. Not every feature that shows up in an iOS beta gets included in the final release, but this one seems like a necessary change, so it's likely to make it to the finish line. iOS 13.5 will also introduce Apple's contact-tracing API, meant to help with efforts to tackle the coronavirus by tracking contact with people who are confirmed to be infected. Source: Face ID doesn’t work when you’re wearing a mask—Apple’s about to address that (Ars Technica)
  22. Apple releases iOS 13.5 beta 3 with contract tracing API Today, Apple is releasing the third developer betas for iOS 13.4.5, iPadOS 13.4.5, macOS 10.15.5, watchOS 6.2.5, and tvOS 13.4.5. Interestingly though, iOS 13.4.5 and iPadOS 13.4.5 have new versions. They're both version 13.5 now, and there's a good reason for the change. They now include the new contact tracing API that was announced a few weeks ago, and it can be used by health institutions. Normally, a bug fix update like iOS 13.4.5 would use the iOS 13.4 SDK. But being that there's a new API, that requires a new SDK, so that's where iOS 13.5 comes in. Other new features in the update include the ability to share songs, albums, and playlists from Apple Music to Facebook and Instagram. That's the only thing that's listed in the release notes. As for when these updates will be released, expect to see them within the next month. It's also possible that iOS 13.5 might take a bit longer than the rest since it does have this new API, but we're also just over a month away from WWDC, where the company will announce the next major software updates. Source: Apple releases iOS 13.5 beta 3 with contract tracing API (Neowin)
  23. A critical iPhone and iPad bug that lurked for 8 years may be under active attack Malicious emails require little or no interaction; exploits active since at least 2018. Enlarge ZecOps 45 with 26 posters participating A critical bug that has lurked in iPhones and iPads for eight years appears to be under active attack by sophisticated hackers to hack the devices of high-profile targets, a security firm reported on Wednesday. The exploit is triggered by sending booby-trapped emails that, in some cases, require no interaction at all and, in other cases, require only that a user open the message, researchers from ZecOps said in a post. The malicious emails allow attackers to run code in the context of the default mail apps, which make it possible to read, modify, or delete messages. The researchers suspect the attackers are combining the zero-day with a separate exploit that gives full control over the device. The vulnerability dates back to iOS 6 released in 2012. Attackers have been exploiting the bug since 2018 and possibly earlier. Enormous scope “With very limited data we were able to see that at least six organizations were impacted by this vulnerability— and the full scope of abuse of this vulnerability is enormous,” ZecOps researchers wrote. “We are confident that a patch must be provided for such issues with public triggers ASAP.” Targets from the six organizations include: Individuals from a Fortune 500 organization in North America An executive from a carrier in Japan A VIP from Germany Managed security services providers in Saudi Arabia and Israel A journalist in Europe Suspected: An executive from a Swiss enterprise Zerodays, or vulnerabilities that are known to attackers but not the manufacturer or the general public, are rarely exploited in the wild against against users of iPhones and iPads. Some of the only known incidents a 2016 attack that installed spyware on the phone of a dissident in the United Arab Emirates, a WhatsApp exploit in May of last year that was transmitted with a simple phone call, and attacks that Google disclosed last August. Apple has currently patched the flaw in the beta for iOS 13.4.5. At the time this post went live, a fix in the general release had not yet been released. Malicious mails that trigger the flaw work by consuming device memory and then exploiting a heap overflow, which is a type of buffer overflow that exploits an allocation flaw in memory reserved for dynamic operations. By filling the heap with junk data, the exploit is able to inject malicious code that then gets executed. The code triggers strings that include 4141...41, which are commonly used by exploit developers. The researchers believe the exploit then deletes the mail. A protection known as address space layout randomization prevents attackers from knowing the memory location of this code and thus executing in a way that takes control of the device. As a result, the device or application merely crashes. To overcome this security measure, attackers must exploit a separate bug that reveals the hidden memory location. Little or no sign of attack The malicious mails need not be prohibitively large. Normal-size emails can consume enough RAM using rich text format documents, multi-part content, or other methods. Other than a temporary device slowdown, targets running iOS 13 aren’t likely to notice any signs that they’re under attack. In the event that the exploit fails on a device running iOS 12, meanwhile, the device will show a message that says “This message has no content.” ZecOps said the attacks are narrowly targeted but provided only limited clues about the hackers carrying them out or targets who were on the receiving end. “We believe that these attacks are correlative with at least one nation-state threat operator or a nation-state that purchased the exploit from a third-party researcher in a Proof of Concept (POC) grade and used ‘as-is’ or with minor modifications (hence the 4141..41 strings),” ZecOps researchers wrote. “While ZecOps refrain from attributing these attacks to a specific threat actor, we are aware that at least one ‘hackers-for-hire’ organization is selling exploits using vulnerabilities that leverage email addresses as a main identifier.” The most visible third-party organization selling advanced smartphone exploits is Israel-based NSO Group, whose iOS and Android exploits over the past year have been found being used against activists, Facebook users, and undisclosed targets. NSO Group has come under sharp criticism for selling its wares in countries with poor human-rights records. In recent months, the company has vowed to serve only organizations with better track records. It's generally against security community norms to disclose vulnerabilities without giving manufacturers time to release security patches. ZecOps said it released its research ahead of a general release fix because the zeroday alone isn't enough to infect phones, the bugs had already been mentioned in the beta release, and the urgency created by the six organizations the firm believes are under active attack To prevent attacks until Apple releases a general-availability patch, users can either install the beta 13.4.5 or use an alternate email app such as Gmail or Outlook. Apple representatives didn’t respond to an email seeking comment for this post. Source: A critical iPhone and iPad bug that lurked for 8 years may be under active attack (Ars Technica)
  24. iOS 13.4.1 and iPadOS 13.4.1 are out with a fix for FaceTime Today, Apple released iOS 13.4.1 and iPadOS 13.4.1, introducing a few key fixes. The update is the 12th since iOS 13 and iPadOS 13 were originally released, and they're not the last either, with version 13.4.5 currently in beta. Both updates have a handful of key bug fixes. For one thing, there was an issue that causes iOS 13.4 devices from being in FaceTime calls with users on iOS 9.3.6 and earlier, and OS X El Capitan 10.11.6 and earlier. This was resolved on both iOS and iPadOS. Another fix for both platforms is for a bug with choosing Bluetooth from the quick actions menu, causing it to fail. Finally, there's one fix that's exclusive to iPadOS, and more specifically, the fourth-generation 12.9-inch iPad Pro and second-generation 11-inch iPad Pro, fixing an issue that caused the flashlight to not turn on when it was accessed through Control Center. These updates do not include any security fixes, at least according to Apple. iOS 13.4.5 should be the next update, and that will likely arrive in a few weeks or so, followed by betas for iOS 14 and other major updates after the WWDC keynote in June. Source: iOS 13.4.1 and iPadOS 13.4.1 are out with a fix for FaceTime (Neowin)
  25. Video calling app Zoom's iOS version is sharing user data with Facebook Even if you don't have a Facebook account (Image credit: Shutterstock) Zoom's video calling service has been available for a while now but the unprecedented number of people working from home during the coronavirus pandemic has skyrocketed the app's popularity. However, research conducted by Vice's tech branch, Motherboard, has revealed that Zoom's iOS app has been secretly sharing analytical data with Facebook, even if the user doesn't have an account on the social media platform. The data being shared includes time the app is launched, device and location information, phone carrier, and analytical data that can be used to create targeted ads. Too much information The reason Zoom is able to share user data with Facebook, even if there's no linked social media account, is because the video calling app uses Facebook's software development kits (SDKs). So, when Zoom is downloaded and launched, it immediately connects to the Facebook Graph API. This is not a new practice: developers have long used Facebook SDKs to add features to their apps, although Facebook's terms of use require app makers to inform users of these data sharing practices. While Zoom's privacy policy mentions that the app may collect data related to a user's Facebook profile which may then be shared with third parties – although Facebook is not explicitly mentioned as a third party – there's no clear indication it will be doing the same for users who do not have a Facebook account. Not the first time Zoom does have a history of privacy issues. In 2019, a security researcher unearthed a bug that allowed webcams of Zoom users to be hacked without their knowledge, although the company has said that the issue has been resolved. Other recent news related to video chat security involves a man exposing himself in front of children on a video call after he was able to "guess" the link to the call. While this was not on a Zoom call (instead on an app called Whereby), TechCrunch reported last year that it was possible to hijack a Zoom meeting by "cycling through different permutations of meeting IDs in bulk". This was possible as the meetings weren't protected by a passcode. The Electronic Frontier Foundation (EFF) recently explained how a host on a Zoom call can monitor the activities of participants while screen-sharing. If users record the video call, then Zoom administrators are able to "access the contents of that recorded call, including video, audio, transcript, and chat files, as well as access to sharing, analytics, and cloud management privileges". While the old security issues have since been resolved by Zoom, this new discovery highlights how simple technological solutions can sometimes come at the cost of privacy. Source: Video calling app Zoom's iOS version is sharing user data with Facebook (TechRadar)
×
×
  • Create New...