Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, and Sam Curry, chief security officer at Cybereason, comment on the news that Apple has updated its software for iPhones to address a critical vulnerability.
ARCHIVE FOR THE ‘apple’ CATEGORY
Sep 24, 2021 • News • Apple • Cyber Security • Digital Transformation • Software and Apps • GLOBAL • SYNOPSYS • CYBEREASON
Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, and Sam Curry, chief security officer at Cybereason, comment on the news that Apple has updated its software for iPhones to address a critical vulnerability.
It has been reported that Apple has updated its software for iPhones to address a critical vulnerability that independent researchers say has been exploited by notorious surveillance software to spy on a Saudi activist. Researchers from the University of Toronto's Citizen Lab said the software exploit has been in use since February and has been used to deploy Pegasus, the spyware made by Israeli firm NSO Group that has allegedly been used to surveil journalists and human rights advocates in multiple countries.
STAYING ON TOP OF ALL OPERATING SYSTEM UPDATES IS THE ONLY REAL PATH FOR END USERS TO PROTECT THEMSELVES AGAINST ZERO-CLICK SOFTWARE AND APPS
The urgent update that Apple released yesterday plugs a hole in the iMessage software that allowed hackers to infiltrate a user's phone without the user clicking on any links, according to Citizen Lab. The Saudi activist chose to remain anonymous, Citizen Lab said.
Commenting on this, Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, said "Zero-click software or apps should be a high concern for any mobile device user. This class of software doesn’t require any interaction by the user, so no explicit download and no explicit consent is granted. While there are legitimate uses for this class of software, the secretive nature of the installation makes it particularly appealing to malicious or criminal groups. The only real path for end users to defend against such software is to keep on top of all operating system updates, vendor updates, and maintain an up to date anti-malware solution."
Sam Curry, chief security officer at Cybereason, added "Monday’s emergency software updates for a critical vulnerability discovered in iPhones, Apple Watches and Macs, shouldn't be cause for panic. Yes, this newest Pegasus spyware delivery mechanism is novel, invasive and can easily infect billions of Apple devices, but stay calm and simply get control of your device and download the software updates available from Apple. Do that and move on. Follow Apple's instructions if you think you are infected and consult your IT department at work, school, etc. Failing that, Apple’s Genius Bar will be able to help. With nearly 2 billion iPhone active around the world, 100 million Apple Watches being used and more than 100 million Macs, security can’t be a luxury for Apple and it’s not, it’s a responsibility they take seriously.
This type of software is generally a scourge. This specific package has been known a while. What's novel is the subtle installation. These have happened in the past and should be a top priority to identify and fix for any vendor. Relating to Apple security, failing is OK. Failing consistently is not. Let's see how Apple addresses this. They are a generally more secure platform, but they must continue to invest and demonstrate commitment going forward. The most secure platform in the world can be cracked given time unless the security is maintained. An incident or two are not a cause for pitchforks and torches to come out. That comes later if things recur or are dealt with in a cavalier manner."
Further Reading:
- Read more about Digital Transformation @ www.fieldservicenews.com/digital-transformation
- Read more about Cyber Security on Field Service News @ www.fieldservicenews.com/cyber-security
- Read more about Software & Apps on Field Service News @ www.fieldservicenews.com/software-and-apps
- Find out more more about Synopsys @ www.synopsys.com
- Learn more about Cybereason @ www.cybereason.com
Sep 11, 2014 • Features • Hardware • Apple • iPhone • click software • Gill Bouhnick • hardware • iWatch
Whilst there were not that many surprises emanating from Cupertino with the latest Apple announcement (a 5inch iPhone had already be confirmed by leaks from a manufacturing base in China, whilst the fact that Apple have been working on a wearable is...
Whilst there were not that many surprises emanating from Cupertino with the latest Apple announcement (a 5inch iPhone had already be confirmed by leaks from a manufacturing base in China, whilst the fact that Apple have been working on a wearable is probably the worst kept secret in technology history) the fact is that when the folks at Apple launched the first iPhone it changed field service and enterprise mobility solutions forever. So what does this latest iteration mean for field service? Click Software's Gil Bouhnick takes a look...
So, what can the new iPhone and Apple Watch do for the field service?
The answer is: it depends. You probably don’t need the duo immediately, but the features are such that for workers out in the field, especially those that work for utilities, communications service providers, capital equipment, or even traveling healthcare workers, the benefits will be a boost for both employee and employer.
Here are a few advantages that may prove useful for field service organisations:
Size
From a competitive standpoint we had been seeing a fair number of organisations move to Android devices for 2 reasons: cost and size. The new iPhone (the 6 coming in at 4.7” and the 6 Plus at 5.5”) address the size issues, giving workers in sometimes difficult environments more room to type, more text to read, bigger images, troubleshooting guides and all sorts of size-related advantages.
Durability and Readability
The device includes a new polariser in the glass that offers better bright sunlight readability. And Apple touts the new iPhone as being stronger and more durable. While it’s no Toughbook, the device is certainly moving away from its fragile beginnings and is now more compatible with the realities of life in the field.
Predictive Text
Predictive typing with Apple’s QuickType keyboard (in iOS8) is said to be smarter, more personalised and intelligently take context into account, such as who the recipient is. Understanding the way people communicate and providing contextual guidance improves the speed of communications between workers and the office, workers and each other, and workers and customers.
I’ve been a long fan of iOs keyboard, and the way it quickly learns new words. If indeed this is going to be better as promised (so far my tests with iOS 8 beta is inconclusive) – it’s going to be by far the best keyboard out there.
Camera
While Apple spoke at length about selfies, mobile workers, especially in complex or low-light environments, will benefit from the new 8MP image sensors the iPhone 6 cameras feature what Apple is calling Focus Pixels, which more quickly focuses and snaps a shot. The iPhone 6 Plus offers optical image stabilisation to help reduce image blur in low light — iPhone 6 offers only digital image stabilisation.
Wi-Fi Calling
While reportedly only available with a limited number of carriers right now, we anticipate more will follow soon. And when they do, this will be helpful for workers who may or may not have access to cell coverage.
Apple Watch
I’m cautiously optimistic that the Apple Watch will significantly enhance the employee experience in the field. With the ability to respond, via voice or quick touch, to messages or alerts, the watch has the ability to take wearables from a “nice to have” object to a real everyday tool in the enterprise.
With the predictive features, availability of maps, and turn by turn directions, it may become the powerhouse piece of hardware that let’s workers do most of their work with the watch, and only need to pull out the phone when they need to larger screen environment for lengthy typing or to access large amounts of information.
Field employees often need to react quickly and respond to emergencies, notify their customers about their ETA, and report back to the back-office. Those are typically short interactions, and the Apple Watch may become the go-to device for such actions. In order for that to happen, the apps running on the watch must offer solid capabilities beyond notifications. I think Apple is almost there.
The HealthKit, which was touted for fitness junkies, also has real and impactful benefits in the field. With biometric feedback, heart rate detection and a host of other features, it will go a long way to adding to health and safety measures of workers in dangerous or remote locations. We’ve seen organisations ask about such capabilities (especially about simple wearables) and using apple’s HealthKit API’s, apps are now capable of providing these capabilities in that area.
Leave a Reply