Did you know that Apple is tracking your every move with your iPhone and iPad? A blog post published today on O'Reilly Radar claims that devices running iOS 4 are gathering location and storing it in an unencrypted manner.
"What makes this issue worse is that the file is unencrypted and unprotected, and it's on any machine you've synched with your iOS device. It can also be easily accessed on the device itself if it falls into the wrong hands. Anybody with access to this file knows where you've been over the last year, since iOS 4 was released," wrote Pete Warden, founder of the Data Science Toolkit, and Alasdair Allan, a senior research fellow at the University of Exeter.
The data is being stored to a file known as "consolidated.db," which includes latitude-longitude coordinates and a timestamp.
Of course, this shouldn't surprise anyone who read the entire 45-page EULA, as it clearly states the following clause when going into detail on the type of “non-personal information” that Apple can “collect, use, transfer, and disclose … for any purpose.”
We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.
Back in September, Google introduced the ability to add two-step verification for Google Apps accounts. What this means is that in order to log into your Google account, you not only enter your username and password, but you also enter an ever changing code. The code is sent to you by SMS, or can be found by using an iPhone, Blackberry, or Android app. This security feature makes it so that if someone finds your password by looking over your shoulder, phishing it, guessing it, or sniffing it from whichever network or computer you use, they will be unable to access your account, because they won't have access to this second factor authentication.
Now, Google just announced that they are rolling out the feature for all users. Over the coming days, a new option will appear in the Security tab of your Google Account. The feature is optional, and will allow you to use this option to better protect your account, either by receiving an automated call, SMS, or by using an app on your phone. This only occurs when you need to actually log on, which only happens on a new system or after a few months of use, so you won't need to do this every time you check your email. The process is not completely painless. The sign-up involves registering a backup number and one-time password, and you need to make special cases for apps which may need access to your Google account but do not support this feature, such as a desktop mail app. Still, it's a very good security measure, which everyone should look into.
Read More | Google Blog
In a reminder to always use strong, unique passwords on every service we use, we learn this week that Trapster, a web site and app used by over 10 million users, was targeted by a hacker which may have compromised the login and password information of all of their users. The company has posted an advisory urging people to change their password on the web site, and anywhere else they may be using the same password.
Read More | Peer360
Many people take the security of their smartphones for granted. As the amount of private data communicated through smartphones increases, so does the threat of attacks from viruses and hackers. Choosing to act now rather than wait for a security fiasco, phone companies such as AT&T, are hiring security researchers to focus on strengthening the security of mobile phones from attacks. Since security has previously not been a major concern on mobile devices it will take some time (years) for these security measures to fully implement.
"Everyone is realizing that this is an uncontrolled environment," said Edward G. Amoroso, chief security officer of AT&T Inc. "We don't want to have the same problems that we had with PCs."
Read More | Wall Street Journal
We've spent some time with the Zomm "wireless leash" and have come away impressed by the simplicity of the device, as it's one of those things that make you wonder why a product like it hasn't been available until now. With that, we thought it would be a good inclusion in our 2010 Holiday Gift Guide. The Zomm can be attached to your keychain, and connects to your smartphone over Bluetooth. Once paired, it becomes your wireless alarm system for your phone. For example, if you walk away from your phone, Zomm will sound a notification alarm and start vibrating, letting you know that you've left your device more than 30 feet away. This way, you don't leave a restaurant without your phone, or spend forever looking for it because you left it in the car (or, that you are in your car driving and left your phone at home!) Cool enough, but it does more.
Zomm also has an integrated speaker and microphone, so it also acts as a hands-free calling device. If your phone rings, Zomm will ring as well, and you just press the Z button to take the call without having to fish around for your phone while driving. Zomm also has a built-in panic alarm. Hold down the Z button and the alarm will go off. Continue holding it, and the Zomm will use the Bluetooth connection to your phone to dial 911, and it will let you speak with the authorities right from the Zomm device. This is seriously a cool piece of technology that is a must-have for those people who constantly leave their smartphones behind in cabs and restaurants, or just anyone who wants an extra layer of security with them at all times. You can get a Zomm from Newegg for $79.99.
Read More | Zomm Bluetooth Smartphone Leash
Sick of entering a PIN every time you turn on your phone? Want something a bit more futuristic to go with the vastly improved OS of your smartphone? The University of Manchester has the answer - facial recognition.
In order to keep your identity safe in the very likely situation of misplacing your phone, the University of Manchester has created a sophisticated facial recognition technology called the Active Appearance modeling technique that locks in and tracks twenty-two of your facial features, even when upside down. The facial recognition technology was created as a way to access social media sites securely through your smartphone, but no word yet as far as how quickly it works in action. Check out the video after the jump.
Read More | Manchester
Oddly enough, amidst all the tweaks, fixes, and refinements in Snow Leopard is an old version of the Adobe Flash Player. Specifically, the version of Flash Player that is included in Snow Leopard is 10.0.23.1. Problem is, the newer 10.0.32.18 includes fixes for a few security holes that, we assume, you’d prefer weren’t left on your system. If you’re running Snow Leopard and haven’t upgraded Flash yet, head on over to the Flash Player download page to take care of it.
Read More | Adobe
For those of you who want some added security to your flash drive should consider the Flash Drive Lock. Hopefully, an info-thief won’t be able to dial the 1,000 possible combinations before you catch him or her trying to steal from you.
This little extra piece of security will cost you about $9.80 and is available Read More | Red Ferret
Since we live in an age of personal security, it is important that the valuable information on our hard drives is locked down under lock and key. Fortunately, Freecom has released the Hard Drive Secure.
The Hard Drive Secure is a compact and portable external hard drive that can only be accessed with the use of an AES-encrypted RFID keycard. Passing the card through the reader gives the user access to their data in just seconds, while maintaining that extra level of security.
Read More | Freecom
Morro is finally available in beta, limited to users in the United States, Brazil, and Israel. The free security tool replaces Windows Live OneCare, which was a paid service. Available for 32- and 64-bit installations of Windows XP/Vista/7, it supplies you with protection against viruses, malware and others baddies on the Internet. Microsoft is hoping to target those who let their yearly software subscriptions expire, those who don’t buy it and users that never turned theirs on.
Read More | PC World
© Gear Live Inc. – User-posted content, unless source is quoted, is licensed under a Creative Commons Public Domain License. Gear Live graphics, logos, designs, page headers, button icons, videos, articles, blogs, forums, scripts and other service names are the trademarks of Gear Live Inc.