IT Support and Hardware for Clinics
32.7K views | +2 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Apple is making it harder to steal the Apple Watch

t didn't make it into today's WWDC keynote address, but Apple is adding an important security feature to watchOS 2. The new version of the wearable OS will bring Activation Lock — a feature that has been on iPhones since 2013 — to the Apple Watch.


Activation Lock is an anti-theft measure that makes stolen devices less attractive to potential thieves. If someone were to steal your device and wipe it (something that can be done on a Watch in just a few taps), Activation Lock won't let the device be reactivated without first inputting the Apple ID and password that was originally used to set it up. It may not stop someone from stealing and selling your Watch for parts, and there's still no comparable feature to "Find my iPhone," but Activation Lock is a start.


IT'S NO FIND MY IPHONE, BUT IT'S A START

Just last month, users grew worried after9to5Mac pointed out how easy it is to wipe the settings, data, and passcode from an Apple Watch. From there, someone could pair a Watch to any new iPhone. In the user guide, Apple frames this as a way to restore your Watch's functionality should you forget your passcode, which is convenient. But for many people the function made it far too easy for someone else to wind up using your Watch as their own.


Users will have the choice to enable Activation Lock on their Watch or not, so it's ultimately up to them. The watchOS 2 developer beta is available today, and the final version will be released this fall.

more...
No comment yet.
Scoop.it!

Apple’s Activation Lock Leads To Big Drops In Smartphone Theft Worldwide

Apple’s Activation Lock Leads To Big Drops In Smartphone Theft Worldwide | IT Support and Hardware for Clinics | Scoop.it

The temptation of a smartphone for a thief is dropping, thanks to Apple’s decision to implement a remote kill switch via Find My Phone that can erase and disable a phone once it’s been stolen or gone missing. A new report from Reuters found that iPhone theft dropped by 50 percent in London, 40 percent in San Francisco and 25 percent in New York. The drops represent theft activity as measured during the 12 months following Apple’s introduction of the remote locking feature in September 2013 as part of iOS 7. With iOS 8, Apple made its so-called said “kill switch” active by default, in accordance with California regulation, and that should help the rates of theft continue to trend downwards.

Apple’s Activation Lock requires a user to authorize a wipe or fresh install using the existing iCloud credentials on record, ensuring that a thief can’t go ahead and just wipe the device easily to use it themselves or prepare it for sale on the secondary market. Apple is one of the first major manufacturers to switch to implementing the system by default, rather than through user opt-in, which means it should be present on far more devices. All new iPhone 6 and 6 Plus units, for instance, will have it on be default given that they shipped with iOS 8 pre-installed.

Stats from last year indicated that Apple’s implementation of the Activation Lock were having a significant effect, but Apple’s combined iOS 8 adoption rate (currently at over 70 percent) and the fact that it’s now on by default means that the risk associated with stealing a modern iOS device is even greater. The aim is to make smartphone theft ultimately as futile as stealing a credit card, whereby a user ‘cancelling’ their hardware renders it ultimately useless.

Smartphone theft is often theft of opportunity, meaning a thief weighs reward vs. risk, including factors like how difficult it is to recoup an investment on something they’ve taken. Activation Lock doesn’t automatically render smartphones using it worthless to thieves, but it skews the value proposition considerably, and reduces reward (an iPhone sold for parts is worth far less than a fully functional unity, for instance).

Apple seems committed to coming up with new ways to protect user devices and data when it comes to theft, given its early pioneering of phone tracking tech via Find My iPhone. Patents awarded Apple have also described systems whereby the phone requires positive ID of the user to even display an unlock prompt, and tech which can monitor and report on unidentified users in the background.


more...
No comment yet.
Scoop.it!

Apple and Google ask Obama to leave smartphone security alone

Apple and Google ask Obama to leave smartphone security alone | IT Support and Hardware for Clinics | Scoop.it

FBI director James Comey has asked Congress for help getting around the upgraded encryption on Apple's smartphone, something he believes is creating too high a hurdle for law enforcement. It's not clear if his calls for new legislation have much chance for success, but they are clearly causing ripples in Silicon Valley. In a letter obtained by The Washington Post, tech heavyweights like Apple and Google call on President Obama to reject any new laws that would weaken security.

Better domestic surveillance is not an easy sell


There have been laws kicking around Congress for a while that would create the kind of backdoors Comey and other security hawks have been pushing for. CALEA II is one such bill, but it trips over all the outsized fears about government surveillance that the public has long held, even more so in the wake of Edward Snowden and revelations about just how much of our everyday communication is being vacuumed up by the NSA.


As we wrote back in October of 2014, that means "Comey's left exactly where we started, making ominous noises and generating headlines favorable to the FBI, but not actually doing anything. It's a bluff, a way to nudge public opinion without committing the bureau to anything. This isn't a crypto war — it's a pageant."


more...
No comment yet.
Scoop.it!

Turns Out Apple Pay Can't Solve Credit Card Fraud

Turns Out Apple Pay Can't Solve Credit Card Fraud | IT Support and Hardware for Clinics | Scoop.it

Among other things, Apple's Second Coming of the Mobile Payment Solution was meant to fix our broke-ass credit card security system. Only, according to (unconfirmed) reports, it's doing exactly the opposite.

The Drop Labs blog has a good (if technical) post on how Apple Pay security does — and doesn't — work. In essence, the hardcore tech stuff for Apple Pay works just fine: no-one is breaking TouchID, stealing iPhones to pay for stuff, or hacking the NFC transmission protocol. Rather, the flaw lies in credit cards themselves.

According to Drop Labs, people are buying credit card numbers online, then loading those same numbers into Apple Pay, in essence making themselves a handy fake credit card, without going to the trouble of making a physical fake. And it's not a small problem: Drop Labs claims that for some issuers, fraud levels are as high as 6% (meaning $6 of every $100 spent is fraudulent). That's bad even when compared to regular credit cards, whose fraud rate averages out at under 1%.

This is possible because of two flaws with the system. Most problematically, it's easy for hackers to steal credit card numbers from stores, and then sell those numbers online. That's a fundamental problem with the credit-card system (and especially the stupid dumb magnetic stripes they all use), and something that Apple Pay is just an unwitting victim of.

The second issue, however, is specific to Apple Pay. In short, banks aren't taking the proper measures to ensure that the credit card owner is the one using the credit card in Apple Pay. According to Drop Labs, most banks use a phone call to authenticate when a card is loaded into Apple Pay, a method that's woefully inadequate.

While there's obviously not a lot that can be done about stolen credit card numbers (bar burning the whole broke-ass system to the ground, but that's a different conversation), banks *should* be able to fix their authetication system to make Apple Pay less fraud-ridden in the short run.

But what this data really tells us is that while credit cards and their stupid unencrypted magnetic strips continue to exist, no system — not even one that uses fingerprints and special super-secure chips — can prevent nefarious hackers buying hookers with your credit card.


more...
No comment yet.