Connect with us

Tech News

Apple’s Unforgivable Mistake Threatens Millions Of iPad And iPhone Users

Published

on

Apple is in a continuing fight to keep the iOS platform secure, and it has made a mistake that has blown open the entire platform. This weekend it was revealed that Apple has been sloppy, and an old vulnerability that was patched over has been broken in the move to iOS 12.4, so it is possible for a iPhone running the very latest version of iOS to run unsigned code.

That could be an intentional choice by users wanting to access alternate app stores or access functions not normally exposed (a classic jailbreak) but it is more likely to be used maliciously, for example using a bug in another application that allows code to be run remotely on any up to date iPhone.

People cross the street underneath a billboard advertising the Apple iPhone X on August 15, 2018 in Istanbul, Turkey (Photo by Chris McGrath/Getty Images)

People cross the street underneath a billboard advertising the Apple iPhone X on August 15, 2018 in Istanbul, Turkey (Photo by Chris McGrath/Getty Images) GETTY

It cannot be stressed enough that this is a huge mistake by Apple. That said there are some limitations to note. First of all the vulnerability does not affect hardware running on the A12 system on chip – the iPhone X will be impacted, but not the iPhone XR, XS, or XS Max. unfortunately Apple has never released sales figures for the newer handsets so how many users are protected by hardware evolution is not known.

You also need to have iOS 12.4 installed. This is one moment in time where Apple’s ability to shift its user base to the latest version of the mobile operating system is not helpful (although it will be helpful when the presumptively named iOS 12.4.1 patch is rolled out). Unfortunately has Apple pulled iOS 12.2 and 12.3 from its servers and revoked their signatures, so there is no choice but to update to 12.4.

And for those who jailbreak their devices for their own use, there may well be ongoing issues if they use Apple’s online services – which will no doubt be double checking the devices that connect to them.

Advertising is displayed on a gigantic canvas for the iPhone X on the Louvre on February 02, 2018 in Paris, France (Photo by John van Hasselt/Corbis via Getty Images)

Advertising is displayed on a gigantic canvas for the iPhone X on the Louvre on February 02, 2018 in Paris, France (Photo by John van Hasselt/Corbis via Getty Images) GETTY

In the real world, let’s add together these puzzle pieces… you could download an app from the App Store which makes use of this exploit to ‘escape’ the iOS sandbox that an application is given by the operating system. Lorenzo Franceschi-Bicchierai reports:

“Due to 12.4 being the latest version of iOS currently available and the only one which Apple allows upgrading to, for the next couple of days (till 12.4.1 comes out), all devices of this version (or any 11.x and 12.x below 12.3) are jail breakable—which means they are also vulnerable to what is effectively a 100+ day exploit,” said Jonathan Levin, a security researcher and trainer who specializes in iOS, referring to the fact that this vulnerability can be exploited with code that was found more than 100 days ago.

Given Apple was made aware of this bug over 100 days ago by Google’s Project Zero team, there’s probably a good chance that elements not friendly to Apple’s ethos of user security will be aware of the issue and potentially using it quietly in the background. In the meantime, if you are on iOS 12.3 do not upgrade to 12.4 to stay protected over the next few days.

Apple’s PR team has been approached for comment. Presumably the development team are working quickly to roll out iOS 12.4.1 which will reapply the patch, now that the horse has bolted.

Source: https://www.forbes.com/sites/ewanspence/2019/08/19/apple-iphone-ios-jailbreak-security-broken-exploit-warning-danger/#4ad732a2553c

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Tech News

Microsoft Africa Development Centre appoints new Managing Director

Published

on

By

American technology giant, Microsoft Corporation has appointed Gafar Lawal as the Managing Director of its Africa Development Centre (ADC) in Nigeria. 

Nairametrics had previously reported that Microsoft launched the centre in May 2019 with two offices in Nairobi, Kenya, and Lagos, Nigeria. 

While speaking about Lawal’s appointment, Microsoft Corporate Vice president, Mike Fortin expressed his delight in bringing Lawal on board. 

“We’ve been actively sourcing talent to join our team of engineers and are delighted to have Gafar bring his leadership skills to the team.

“The ADC is unlike any other existing investment on the continent – enabling us to better listen to our customers, develop locally and scale for global impact – in the grand scheme of things, presenting a strategic opportunity for us to comprehend a continent that is rapidly adopting cloud technology and massive innovation at the intelligent edge,” Fortin said. 

Microsoft, Artificial Intelligence, 4Africa, Microsoft appoints Gafar Lawal as new Managing Director 

Lawal also spoke on his appointment“I am looking forward to embarking on this incredible new journey with the Microsoft team and effectively playing my part in bringing digital transformation to the continent at large. I hope that as we continue to not only identify and nurture talent but also bring about unprecedented change, that we will continue to aid every individual involved to achieve more.” 

Lawal’s profile: Lawal has served in various business roles for more than 20 years. He returned to Microsoft from Morgan Stanley where he served as Managing Director and Global Chief Technology Architect for the Wealth Management Division.  

Before joining Morgan Stanley, Lawal spent over six years working at Microsoft’s US headquarters in Redmond, WA as Partner Architect in the Windows server group and Windows phone services division. He also spent ten years as First Vice President and Chief Technology Architect at Merrill Lynch. 

What you should know: The ADC centre was set up to help Microsoft grow its market share across the continent in the wake of increased technology uptake in various economic sectors. The centre would work with local engineers who would be tasked with churning out cutting-edge technology tailored for the local and global markets. 

Source: https://nairametrics.com/2019/09/16/microsoft-africa-development-centre-appoints-new-managing-director/

Continue Reading

Tech News

Facebook Paid Contractors to Transcribe Users’ Audio Chats

Published

on

By

Facebook Inc. has been paying hundreds of outside contractors to transcribe clips of audio from users of its services, according to people with knowledge of the work.

The work has rattled the contract employees, who are not told where the audio was recorded or how it was obtained — only to transcribe it, said the people, who requested anonymity for fear of losing their jobs. They’re hearing Facebook users’ conversations, sometimes with vulgar content, but do not know why Facebook needs them transcribed, the people said.

On Wednesday, the Irish Data Protection Commission, which takes the lead in overseeing Facebook in Europe, said it was examining the activity for possible violations of the EU’s strict privacy rules.

Shares of the social-media giant were down 1.3% at 7:49 a.m. in New York during pre-market trading.

Facebook confirmed that it had been transcribing users’ audio and said it will no longer do so, following scrutiny into other companies. “Much like Apple and Google, we paused human review of audio more than a week ago,” the company said Tuesday. The company said the users who were affected chose the option in Facebook’s Messenger app to have their voice chats transcribed. The contractors were checking whether Facebook’s artificial intelligence correctly interpreted the messages, which were anonymized.

Big tech companies including Amazon.com Inc. and Apple Inc. have come under fire for collecting audio snippets from consumer computing devices and subjecting those clips to human review, a practice that critics say invades privacy. Bloomberg first reported in April that Amazon had a team of thousands of workers around the world listening to Alexa audio requests with the goal of improving the software, and that similar human review was used for Apple’s Siri and Alphabet Inc.’s Google Assistant. Apple and Google have since said they no longer engage in the practice and Amazon said it will let users opt out of human review.

The social networking giant, which just completed a $5 billion settlement with the U.S. Federal Trade Commission after a probe of its privacy practices, has long denied that it collects audio from users to inform ads or help determine what people see in their news feeds. Chief Executive Officer Mark Zuckerberg denied the idea directly in Congressional testimony.

“You’re talking about this conspiracy theory that gets passed around that we listen to what’s going on on your microphone and use that for ads,” Zuckerberg told U.S. Senator Gary Peters in April 2018. “We don’t do that.”

In follow-up answers for Congress, the company said it “only accesses users’ microphone if the user has given our app permission and if they are actively using a specific feature that requires audio (like voice messaging features.)” The Menlo Park, California-based company doesn’t address what happens to the audio afterward.

Facebook hasn’t disclosed to users that third parties may review their audio. That’s led some contractors to feel their work is unethical, according to the people with knowledge of the matter.

At least one firm reviewing user conversations is TaskUs Inc., a Santa Monica, California-based outsourcing firm with outposts around the world, the people said. Facebook is one of TaskUs’s largest and most important clients, but employees aren’t allowed to mention publicly who their work is for. They call the client by the code name “Prism.”

Facebook also uses TaskUs to review content that’s in possible violation of policies. There are also TaskUs teams working on election preparation and screening political ads, though some of those employees were recently moved to the new transcription team.

“Facebook asked TaskUs to pause this work over a week ago, and it did,” TaskUs said in response to a request for comment about the transcription work.

The Facebook data-use policy, revised last year to make it more understandable for the public, includes no mention of audio. It does, however, say Facebook will collect “content, communications and other information you provide” when users “message or communicate with others.”

Facebook says its “systems automatically process content and communications you and others provide to analyze context and what’s in them.” It includes no mention of other human beings screening the content. In a list of “types of third parties we share information with,” Facebook doesn’t mention a transcription team, but vaguely refers to “vendors and service providers who support our business” by “analyzing how our products are used.”

The role of humans in analyzing recordings underscores the limits of artificial intelligence in its ability to recognize words and speech patterns. Machines are getting better at the task but sometimes still struggle with the unfamiliar. That some of the contractors have found the recorded content disturbing is further reminder of the human toll of moderating content on Facebook, the world’s biggest social network.

Facebook first started allowing Messenger users to have their audio transcribed in 2015. “We’re always working on ways to make Messenger more useful,” David Marcus, the executive in charge of the service at the time, said in a Facebook post.

Source: https://www.bloomberg.com/news/articles/2019-08-13/facebook-paid-hundreds-of-contractors-to-transcribe-users-audio

Continue Reading

Tech News

Huawei Mate 30 Pro Leaked Images Show Jaw-Dropping Design

Published

on

By

The next flagship from Huawei, the Huawei Mate 30 Pro, is due to be revealed in Munich, Germany on September 19. Though some clues as to what it will look like have already been revealed, the latest renders, courtesy of @OnLeaks and @Pricebaba, and picked up by 9to5Google, take our knowledge to a whole new level.

Of course, these are renders rather than photographs so it’s advisable to keep that pinch of salt handy, but these are proficient and reliable leakers. Here’s what we know, but first, what we don’t.

Is this what the Huawei Mate 30 Pro will look like?

Is this what the Huawei Mate 30 Pro will look like? @ONLEAKS, @PRICEBABA

The operating system

Currently, it’s believed Huawei is not permitted to put Google’s Android operating system, complete with Google apps, on its next phone because that hasn’t been authorized as the relationship between Huawei and the United States is a little complicated at the moment. Read more details here.

But the options remaining are a phone powered by Huawei’s own HarmonyOS or a version of Google. It’s possible for a manufacturer to use Android because it is open source. It’s the bit that goes with it,  Google Mobile Services, that complicates matters. That’s the part that Google chooses to license, and which gives access to the Google Play Store and Google Maps, for instance. In theory, any device could have vanilla Android, and customers could theoretically add a Google account.Today In: Innovation

This is just possibly a route Huawei could go down.

The rear cameras on the Mate 30 Pro - square inside a circle?

The rear cameras on the Mate 30 Pro – square inside a circle? @ONLEAKS, @PRICEBABA

The four rear cameras

These renders, if accurate, confirm the belief that the Mate 30 Pro will have four rear cameras, arranged in a square inside a circle. This is personal taste, of course, but to my eyes this design looks fantastic: unlike anything else on the market, with a pleasing symmetry and the surrounding circle wittily evoking a camera lens on its own.

Almost all screen

Sure, there’s a bigger notch than on the P30 Pro, for instance, but the wide cut-out at the top of the screen looks good, I’d say, and hints at advanced technology nestling in it. The display squeaks right out to the far edges of the long side and looks appealing, too. And, unlike many smartphones, the bottom bezel is very slim, almost symmetrical to the one along the top of the screen. Both top and bottom bezels look slimmer than on the P30 Pro.

Mind you, there seems to be more metal at top and bottom as well, compared to the P30 Pro.

Let's hope this is the slim, gorgeous shape of the Huawei Mate 30 Pro.

Let’s hope this is the slim, gorgeous shape of the Huawei Mate 30 Pro. @ONLEAKS, @PRICEBABA

Elegant design

The styling is classy and understated, with gently curved corners and defiantly flat top and bottom edges both drawing the eye. But it’s what is missing that seems most intriguing.

Will the Huawei Mate 30 Pro manage without physical volume buttons?

Will the Huawei Mate 30 Pro manage without physical volume buttons? @ONLEAKS, @PRICEBABA

The ground-breaking design element

A word of caution as this may be simply down to an incomplete CAD from which the renders are drawn, but if true, this design choice is remarkable: there are no volume buttons.

Assuming it’s not that the CAD author forgot to draw them, it potentially offers a whole new way to control your phone. Is it down to pressure-sensitive edges on the phone itself, similar to the technology HTC has built in previously?

Or will Huawei introduce one of its unique gestures to change the volume?

It seems unlikely to be built into the rather small power button on the right edge, but that is still a possibility.

For me, the lack of a volume rocker is emblematic of how innovative Huawei is. Even if the final result is fitted with volume buttons, the fact that I and others are even considering rocker-free volume control is a mark of the high level of innovation the company has already reached.

We’ll have the conclusive answer in a matter of days.

Source: https://www.forbes.com/sites/davidphelan/2019/09/04/huawei-mate-30-pro-leaked-images-show-jaw-dropping-design/#15ebb77761c2

Continue Reading
Advertisement

Trending

%d bloggers like this: