Tuesday, October 29, 2013

Vulnerability lets attackers hijack iOS apps' web requests over WiFi (video)

Source: http://www.engadget.com/2013/10/29/vulnerability-lets-attackers-hijack-ios-app-web-requests/

WiFi vulnerability lets attackers hijack web requests in iOS apps

Be careful which WiFi hotspots you use -- Skycure has just revealed a web-based exploit that lets attackers hijack a iOS device on the same network through its mobile apps. The technique intercepts some apps' attempts to cache a web status message, redirecting the request to a hostile server; after that, an intruder can stealthily inject malware from any location. Thankfully, there are already some solutions at hand. Victims can uninstall apps to scrub their devices clean, and Skycure has released app code that prevents the web caching from taking place. It may be a while before iOS users can assume that their apps are safe, but we wouldn't expect the vulnerability to remain for long.

Filed under: , ,

Comments

Via: The New York Times

Source: Skycure

Read More...

Virgin Media's SmartCall app lets you make WiFi calls with landline minutes

Source: http://www.engadget.com/2013/10/29/virgin-media-smartcall-app/

DNP Virgin Medias SmartCall app lets you make WiFi calls with landline minutes

Those of you with long memories will recall that Virgin Media announced a WiFi calling platform way back in November 2012. Nearly a year later, and the company is finally offering the system to Android and iOS users. Virgin Media SmartCall is an app that lets you make calls while roaming and charge them to your home package,cutting the cost of getting in touch with your nearest and dearest. It'll also let you make international calls through the app, and you'll be charged as if you were making the call from your domicile. Either way, nice to know that someone's looking after your wallet in these straightened times, eh?

Filed under: ,

Comments

Source: Google Play, App Store

Read More...

Researchers beat fiber optic broadband speeds using visible LED light

Source: http://www.engadget.com/2013/10/29/researchers-report-10gbps-data-transmission-with-visible-led-lig/

Researchers report 10Gbps data transmission with visible LED light

High speed data is already being transmitted by visible light to the moon, so why not in your living room, too? After the Fraunhofer Institute showed off 3Gbps speeds with LED lights, researchers from five UK universities have managed to transmit data at 10Gbps using micro-LEDs with a technique they've coined "LiFi." The team was able to crack the barrier by combining 3.5Gbps streams in each of the red, green and blue frequencies that make up white light. Such a technique could one day work with existing light bulbs, promising higher speeds than current WiFi and increased security -- since visible light can't penetrate solid objects like walls. In addition, a single bulb could theoretically provide connectivity for up to four devices. For now, such devices are confined to the lab, but given the torrid pace of development, don't be surprised if your data connection is soon a click of the switch away.

Filed under: , , ,

Comments

Source: BBC

Read More...

Compromised Adobe account tally rises to include at least 38 million users

Source: http://www.engadget.com/2013/10/29/compromised-adobe-account-numbers-rise-38-million/

It seems that the initial report of 2.9 million compromised user accounts from Adobe's security breach earlier this month was a mere drop in the bucket. Krebs on Security reports that at least 38 million active users were were impacted by the incident and that the swiped source code included the Photoshop line of offerings in addition to Acrobat Reader and ColdFusion. If you'll recall, the breach nabbed encrypted credit card info as well as a then unknown number of user ID and log-in credentials alongside the aforementioned code. Adobe claims that all customers with a stolen ID have been contacted and that no "unauthorized activity" has been seen with any of the compromised log-ins. Of course, it will take some time to determine the full extent of the damage, but for now, the creative software giant's push to subscription-based releases is sure to take a bigger hit.

Filed under:

Comments

Source: Kebs on Security

Read More...

Firefox 25 now official with guest browsing on Android

Source: http://www.engadget.com/2013/10/29/firefox-25-now-official/

Firefox 25 for Android with guest browsing

If you regularly share your Android gadgets with others, you'll be glad to hear that Mozilla has officially released Firefox 25. The finished web browser lets Android users run guest sessions, which hide personal info while friends borrow a device. Mobile surfers also get a mixed content blocker to prevent attacks on partially unencrypted websites. As for the desktop version? It's not getting quite as substantial an upgrade, although the software now supports advanced sound effects through Web Audio. Whichever Firefox client you prefer, you'll find your relevant update at one of the source links.

Filed under: , , ,

Comments

Via: The Mozilla Blog

Source: Google Play, Mozilla

Read More...