Repeated DDoS attacks on Dyn, a company providing core services for Twitter, Reddit, PayPal, and other sites, caused major Internet outage between approximately 11AM UTC and 6PM UTC on October 21th, 2016. According to security firm Flashpoint, the attacks were built at least partially on the backs of hacked IoT devices.
As mobile applications increase in popularity and as more transactions are carried out via mobile devices, security is a topic of growing concern. In his talk "Modern iOS Application Security" at QCon New York 2016, Dan Guido takes a closer look at iOS security. While Apple already provides the means to create highly secured applications, there are still threads that may render them useless.
The court appearance between Apple and the FBI, originally scheduled for later today, has been postponed a week until after Easter, following a request from the FBI to defer.
Today, Apple released iOS 9.3 at a special event held at Apple's headquarters which fixed a number of security bugs with the mobile OS, including several with remote code execution and an iMessage encryption bug. InfoQ investigates.
Apple and the FBI have appeared before the House Committee on the Judiciary Hearings to argue over the legalities of whether Apple should be compelled to create an insecure version of iOS to allow the FBI to break into a suspect's phone. InfoQ has been watching the live video stream and summarises the outcome.
A New York judge has denied a motion raised by the government who were attempting to use the All Writs act to compel Apple to break into an iPhone. InfoQ investigates.
Apple continues to resist providing a backdoored version of iOS for the FBI, while technology companies come out in support of Apple's stance. Political candidates capitalise on the stance leading to polarised advice. InfoQ provides an update to the situation as it currently stands.
Google has made its first comment on the Apple/FBI encryption fight, with Chief Executive Officer Sundar Pichai offering Tim Cook some limited support via a series of Tweets:
Apple has publicly berated the US Government for overreach of their duties in the case of providing assistance in unlocking a suspect's mobile phone, in a trial that is polarising the technology nation. InfoQ summarises the situation and what the possible outcomes might be.
Google has moved quickly to reassure Android users following the announcement of a number of serious vulnerabilities. The Stagefright Media Playback Engine Multiple Remote Code Execution Vulnerabilities allow an attacker to send a media file over a MMS message targeting the device's media playback engine, responsible for processing several popular media formats.
Mobile devices often contain both personal and corporate data. When these devices use cloud services with an "always on" internet connection the risk of security breaches increases says Jeff Crume. An interview on mobile security threats, increasing adherence to security policies, using mobile devices to collaborate efficiently, effectively and secure, and deploying enterprise mobile security.
CERT Secure Coding team have recently released a freely available tool capable of analysing the leakage of sensitive information from an Android app. CERT researchers claim their tool "is the most precise taint-flow static analysis tool for Android apps."
The step-by-step app creation tools provided by backend services such as StackMob enable developers to create mobile apps that they would not otherwise be technically proficient enough to produce. With Stackmob gone, app developers may be searching for a replacement.Here's a look at some of the remaining options for those and other developers looking to find a mobile backend service provider.
CERT Secure Coding team, part of the Software Engineering Institute at Carnegie Mellon University, have recently released secure coding guidelines specific to Java's application in the Android platform. InfoQ interviews Lori Flynn, one of the researchers who authored them.
On Sunday May 11, 2014 mobile backend as a service (MBaaS) vendor StackMob will cease operations. PayPal dictated its closure after eBay's online payment system acquired the company at the close of 2013.