Identity Theft Vulnerability Affects All iPhones, Not Just Jailbroken Ones

A report surfaced recently about a vulnerability in Facebook that allowed people to access someone else's account. The report initially stated that this vulnerability only affected people on a jailbroken iPhone, however, that doesn't seem to be the case anymore as two new reports are stating that it isn't only jailbroken phones that are at risk.

Gareth Wright, an app developer from the U.K., along with The Next Web have each confirmed, separately, that this new vulnerability affects any and all iPhones, not just jailbroken ones. In addition to that, it has been discovered that the vulnerability originated in Facebook's iPhone app.

Wright released his report earlier in the week and claimed that the iPhone Facebook app includes a vulnerability that fails to encrypt log-on credentials whenever you get on Facebook on your iPhone via the app. Wright also said that he also discovered a Facebook access token in the Draw Something game. Wright copied the token, used the Facebook Query Language and extracted the information.

According to Wright's report, "Sure enough, I could pull back pretty much any information from my Facebook account." Wright also mentioned that the property list of the app contained any and all information needed to allow someone other than you to access your Facebook account, send private messages and do anything else imaginable.

However, Facebook is sticking by their claim that the vulnerability only affects jailbroken phones. In a statement from the social media giant, the company said, "Facebook's iOS and Android applications are only intended for use with the manufacture provided operating system, and access tokens are only vulnerable if they have modified their mobile OS (i.e. jailbroken iOS or modded Android) or have granted a malicious actor access to the physical device."

That may have been believable had The Next Web not released their very own report separate from Wright's. The Next Web confirmed themselves that the vulnerability also affects non-jailbroken phones. However, The Next Web also found that Dropbox also suffers from the same vulnerability, leaving the application open to a property list hack.

According to The Next Web, "We copied the .plist from one device, with the app installed and logged in, over to another which had a fresh installation of Dropbox on it. The profile copied and it worked seamlessly, as if we had logged on ourselves, which we had not." The Next Web also added that the Dropbox vulnerability works on phones that are passcode protected.

Facebook keeps saying that the vulnerability is only on jailbroken phones, though with the reports from Wright and The Next Web, I don't know how much longer the social media company can keep that story going.

Source: CNET - facebook ID theft impacts all iPhones, Dropbox

Power Point Projectors
Most business class projectors will do a good job displaying your PowerPoint presentation. If you have a small presentation group, a 2000 lumen LCD projector will be able to produce a nice and clear picture. For larger audiences you should consider a 5000 lumen LCD projector.

Windows 10 Spying Concerns: Are They Still Viable?

When Windows 10 first launched many users quick to flock to the new operating system as they were in a hurry to get away from Windows 8. However, a lot of those users became unsure of Windows 10 when reports started coming in that the operating system was practically spying on everything you did. Some of the reports were completely false while others held some truth but were completely blown out of proportion. With the operating system now available for over 8 months, it's time to take a look at all the concerns people had and whether or not those worries are still relevant today. Read more about this topic on the ComputerServiceNow Blog !

Parenting Haikus, By Stage- Originally published as guest post on MommyTries.com!

In trying to "develop a unique voice for my blog," I discovered that I am really good (read: fast) at writing haikus. If you like my haikus, comment and I will start delivering more haikus. I am nothing if not responsive to my loyal and growing readership. Without further adu (ha ha! I've been up since 4:30am cut me some slack), here are my.... Parenting Haikus, by Stage Newborn: Early exposure to computer linked to higher IQ, according to no literature I could find Peeing while breastfeeding. Every new mom has done this It's multi-tasking. Crawler: Just getting covered in dust motes at my sister's dress rehearsal Across the playground, See him eat mulch. Don't judge me, Mom of just one kid. Toddler: Reason? With me? Are you friend or foe? Who knows what you will do next. I am terrified. Preschooler: You can pump your legs! Swinging you no longer feels Like I'm Sisyphus. I'm eating the raspberries off the bush before they are ripe! Praise me! Scho...

Toshiba Introduces Tiny Enterprise Hard Drives

Toshiba's Storage Products Business Unit has just announced a high-capacity 2.5" high-performance enterprise-class drive. Known as the Toshiba MK01GRRB/R series, this drive supports the exacting requirements for compute-intensive environments witha 15,000 RPM spin speed, a 6Gb/s SAS interface and a maximum capacity of 300GB1. In addition to that, this drive also offers drive-based encryption in order to help companies manage data security. According to Vice President of Marketing at Toshiba's Storage Products Business Unit Joel Hagberg, "Enterprise customers are increasingly satisfying their performance and capacity needs with power efficient small form factor drives. Enterprise drives with the latest self-encryption features are helping data centers to more cost-effectively achieve compliance with information security mandates. Toshiba small form factor enterprise drives deliver the performance, capacity and security features IT administrators require for today's...

Predol

Search This Blog