Posted on July 4, 2011, at 3:03 PM .
The hacker group Anonymous has hacked into one of Apple’s servers used to process technical support follow-up surveys. The hack has revealed some 27 usernames and passwords and while the hack hasn’t revealed any customer data, it does expose internal passwords and usernames. What’s more interesting is whether the hacking team has managed to hack into Apple’s iCloud service. According to Lulzsec representatives: “After mapping their internal network and thoroughly pillaging all of their servers, we grabbed all their source code and database passwords, which we proceeded to shift silently back to our storage deck.” A hack of the iCloud service could really affect Apple once the service is more popular.
The usernames and passwords are available on Pastebin.
Posted on June 15, 2011, at 10:42 AM .
An iOS developer, Daniel Amitay, recently released iPhone passcode data revealed by his Big Brother Camera Security application. The free app uses code to record common user passcodes, and because the BBCS app’s passcode screen is identical to the iPhone passcode screen, it’s highly possible users will enter the same passcode for both. What he found was that the vast majority of users used very simple passcodes such as “1234″, “0000″ and “1111″. All told, Amitay discovered that 15% of the over 200,000 passcodes captured by his app were represented by just ten different passcodes. Therefore, anyone who steals an iPhone, has a 15% chance of breaking into it with just 10 password tries.
Now compare this to the BlackBerry and it’s full QWERTY keyboard passwords. The possible permutations of passcodes that you could come up with are so vast it’s not even worth trying. Now, there are still some out there who will use basic passwords such as “BNM$ ENTER” because it’s fast to use, but for the most part BlackBerry passwords are probably pretty diverse. Even the way the keyboard is designed means you probably won’t use “1234″ as your password because it’s not as easy to remember when surrounded by letters and symbols. What’s probably more common on a BlackBerry is a name or simple word such as “password”. Still, we’re happy to be using a device that at least gives you the option for a complex and secure password. Four digit passwords are simple to break simply by their nature of only being 4 digits.
Posted on June 8, 2011, at 2:44 PM .
At the Where 2.0 conference it was announced that Apple was secretly collecting the location of every iPhone and weren’t telling users. This led to a Senate hearing of Apple and Google execs who had to explain themselves and answer to why they are collecting the data without the user’s knowledge. Recently, SmrtGuard decided to do some digging around to see if RIM collects this same data for a BlackBerry, and yes they do. The difference is that RIM does it in a very transparent way that users can opt out of, which is exactly how Apple and Google should have done it.
Many of you have noticed this option but in case you haven’t, go to Options > Device > Location Settings and scroll down a little. There, you’ll see the Enable GPS option with a message that says: “Anonymously collects data to improve the speed and accuracy of future location services.” The intent is pretty clear and RIM is building a database of location data in order to be able to improve their software. RIM is explicit that the data is anonymous and give the user the ability to disable. Again, if Apple and Google had been this open about their location data collection, it probably wouldn’t have turned into such a debacle.
Read more over at SmrtGuard’s Resource Center where they’ll have regular content in the mobile security space.
Posted on May 31, 2011, at 10:02 AM .
Another Android hacked
A recent WaPo article talks about the growing shift from a single device (BlackBerry), to a multi-platform environment including iPhone, iPad and Android devices. The strange thing about the article is that the author barely touches on the subject of security, an issue that is becoming increasingly important in light of recent announcements that Lockheed Martin was hacked and the Pentagon said hacks could be an act of war.
While the WaPo likes to paint the picture as a massive shift in the way government is doing business, it seems the ways they’re actually implementing the use of these devices is pretty minimal. One such example was that the sign-in book at the reception desk was replaced with an iPad. Another example was showing video of an arrest to ATF employees with an iPad. These devices aren’t exactly transmitting highly sensitive data but do we trust employees using these devices to keep data safe?
Another question we should be asking ourselves is whether or not federal employees should even be able to use tax dollars on these devices just because of consumer hype. While many will claim that tablets increase productivity or the latest Android device has more processor power, allowing them to work faster, it’s probably just excuses to get the latest toy. There’s a reason governments shut out their devices from downloading apps and fooling around on the web: because it’s tax dollars and they have to be accountable for the time spent and security possibly compromised.
In fact, these new devices are actually impeding some federal employees from doing their jobs properly. For example, presidential recordkeeping:
Continue reading ‘Federal Government Getting an Increase of Unsecure Devices on Network’
Posted on May 2, 2011, at 6:45 PM .
Today at BlackBerry World, Fixmo announced a partnership with Veracode to integrate their cloud-based application platform into Fixmo’s Sentinel monitoring software.
Sentinel remotely tracks your organization’s mobile devices to make sure they’re remaining in a known and trusted state. Veracode’s cloud-based application platform combined with Fixmo Sentinel software will work to provide enterprise-level device integrity assurance. Sentinel features a dashboard that can do mobile administration, record detailed event logs, can perform instant over-the-air device locks or wipes, and more.
Visit Fixmo.com for more info
Posted on May 2, 2011, at 9:39 AM .
With an upward trend in Individual-liable devices, BlackBerry has announced BlackBerry Balance. Suitable for both employee-owned and corporate issued devices, BlackBerry Balance satisfies both corporate security and personal privacy in an elegant solution.
Features:
Secure access to business information while preventing the information from being copied into, sent from or used by personal applications like Facebook®, Twitter®, Windows LiveTM Hotmail, Google MailTM or Yahoo!® Mail accounts.
Business data or files created by business applications cannot be used by personal applications, not even using the copy and paste features
If a user attempts an action that is prohibited by IT policy, a notification is displayed on the device.
If an employee leaves the organization, an administrator can remotely wipe business information from the device while leaving personal information intact.
If a device is lost or stolen, an administrator can wipe all information from the device to help ensure that sensitive business information and the user’s personal information don’t fall into the wrong hands.
Get more details about BlackBerry Balance.
