At the Black Hat conference today, Apple announced that it is greatly expanding its existing bug bounty program to include macOS, tvOS, watchOS, and iCloud. It will include rewards of up to $1 million for a zero-click, full chain kernel code execution attack.
Apple Pay has a slew of protective features that make it a secure method of online credit card transactions. And since 2016, third-party merchants and services have been able to embed Apple Pay into their websites and offer it as a payment option. But at the Black Hat security conference in Las Vegas on Thursday, one researcher is presenting findings that this integration inadvertently introduces vulnerabilities that could expose the host website to attack.
To be clear, this isn't a flaw in Apple Pay itself, or its payment network. But the findings illustrate the unintended issues that can emerge from web interconnections and third-party integrations.
Researchers on Wednesday during Black Hat USA 2019 demonstrated an attack that allowed them to bypass a victim’s FaceID and log into their phone simply by putting a pair of modified glasses on their face. By merely placing tape carefully over the lenses of a pair glasses and placing them on the victim’s face the researchers demonstrated how they could bypass Apple’s FaceID in a specific scenario. The attack itself is difficult, given the bad actor would need to figure out how to put the glasses on an unconscious victim without waking them up.
Invitations to get an Apple Card are trickling out, but even before you make the first purchase with your shiny new credit card you should reject its arbitration provision.
If you don’t, you give up the right to benefit from any class-action lawsuits brought against Goldman Sachs, the company backing this card.
I have always believed that automation is something everybody should be able to master and use. These improvements to Shortcuts are paving the way for just that. These devices we carry in our pocket do not need to be an interruption in our lives. With the kind of automation Apple is democratizing with Shortcuts, we can get our work done faster and get on to the more essential things of life, like making art (however you define that), playing with their children, and, of course, taking naps.
The new USB-C Digital AV Multiport Adapter adds support for HDMI 2.0, an upgrade from the original model’s HDMI 1.4b.
Apple Music has announced that its analytics platform for musicians, called Apple Music for Artists, is out of beta and available for all. These types of back-end dashboards are invaluable for artists to get insights about how their music is performing on a platform across the world.
Instead, allow me to introduce you to not one, not two, but three awesome inexpensive or free Mac apps I use every day be more productive.
Many websites and services rely on algorithms to transform data inputs into actions and results. But new research detailed Thursday at the Black Hat cybersecurity conference in Las Vegas shows how a small, seemingly innocuous input for an algorithm can cause it to do a huge amount of work—slowing a service down or crashing it entirely in the process, all with just a few bytes.
We are witnessing wearables usher in a paradigm shift when it comes to how we use and interact with technology. Apple deserves more credit for not only choosing to ride the wearables wave, but also playing a crucial role in getting wearables off the ground.
If I wanted to regain my privacy, I had only one choice as an American: I needed gadgets to combat my gadgets. But I didn’t want Silicon Valley companies to know I was buying privacy gear. So I decided to get it only from companies headquartered outside the Bay Area. And to hide my purchases from Big Tech.
Every spy needs a sidekick, which is a totally incorrect statement that again proves how unsuited I am for spying. Nevertheless, I employed an aide-de-camp named Mycroft. He’s an adorable, voice-controlled digital assistant built into a screen that showcases his big, blue circle eyes. (There’s a strong whiff of Wall-E.) I unplugged the Echos and Google Home and said, “Hey, Mycroft, can you keep a secret?” A line appeared like a little mouth, then moved to the side, as if he was thinking. Then he said nothing, like I wanted.