Tag Archive for: Apple’s

Apple’s iMessage gains industry-leading quantum security


Apple is preparing for future threats to iMessage by introducing upgraded encryption for its messaging service by using quantum computers.

Think of it as state-of-the-art quantum security for messaging at scale, the company says, resulting in Apple’s messaging system being more secure against both current and future foes.

What is the protection?

Announced on Apple’s Security Research blog, the new iMessage protection is called PQ3 and promises the “strongest security properties of any at-scale messaging protocol in the world.”

The rationale behind this protection is “What if?

In this case, Apple’s security teams asked themselves what might happen if hackers, criminals, or state-backed rogue surveillance firms gathered vast quantities of encrypted iMessage data today in order to break that encryption using quantum computers tomorrow.

Apple calls this a Harvest Now, Decrypt Later attack. The new security protocol is designed to help protect against this.

How likely are such attacks?

These attacks are less likely today than they might become. It is widely accepted that quantum computers will be capable of cracking the classical public key cryptography  such as RSA, Elliptic Curve signatures, and Diffie-Hellman key exchange in use today.

Apple explains:

“All these algorithms are based on difficult mathematical problems that have long been considered too computationally intensive for computers to solve, even when accounting for Moore’s law. However, the rise of quantum computing threatens to change the equation. A sufficiently powerful quantum computer could solve these classical mathematical problems in fundamentally different ways, and therefore — in theory — do so fast enough to threaten the security of end-to-end encrypted communications.”

In truth, quantum computers are expensive, which means their use is largely limited to only the world’s most powerful entities. But as more are made and costs decline, they will proliferate — and if Apple is considering the potential threat, then threat actors of various stripes will also be exploring the possibility.

The security industry is getting ready

Apple isn’t alone. The cryptographic…

Source…

Apple’s Pledge to Support RCS Messaging Could Finally Kill SMS


Good news is coming to your group chat. Today, Apple said it will add support for the RCS messaging standard to the iPhone. The website 9to5Mac broke the news that Apple will release a software update some time next year that will bring support to iOS for the messaging standard, which is already widely used by Android phones.

RCS, or Rich Communications Standard, is a messaging service that’s a step up from the SMS and MMS messaging standards that smartphones have used since they first arrived. RCS can do more than SMS and MMS: It allows users to share higher-resolution photos and videos between their devices; it supports read receipts; and there’s more fun stuff, like the ability to easily drop emoji and GIFs into a conversation. It also adds extra layers of security that the older messaging standards lack.

Apple has famously shunned RCS in favor of its own iMessage platform, resulting in a layer of incompatibility that anyone with an Android phone—or any iPhone user who regularly texts people with Android phones—is painfully aware of. Videos shared between iOS and Android are crunchy and low-bandwidth, and Android users are often confounded by group chats, with missed messages, absent emoji, and other glitches.

For years, Apple has been relying on SMS and MMS to bridge the digital divide between these messaging platforms. It’s the last major holdout, as RCS is already supported by major players like Google, Verizon, AT&T, and T-Mobile. When Apple adds support for RCS, it won’t need that old bridge, and the move could signal the eventual death of SMS.

“It’s long been time for SMS to go away,” says Anshel Sag, principal analyst at the technology analyst firm Moor Insights and Strategy. “Now SMS can die, it can be sunset. So all the viruses and all the security flaws that are due to SMS can be eliminated.”

The move isn’t happening immediately; Apple told 9to5Mac that RCS support will come “in the later half of next year.” This timing suggests that support could arrive with the next version of iOS, which typically rolls out in September.

So it’s a ways out, but it’s certainly closer than Apple’s previous plan for the feature, which was apparently “never.”…

Source…

TSMC, Apple’s Chipmaker, Hit with a Ransomware Attack, LockBit Asks for $70M to Prevent Leaks


The famous technology company behind the Apple processors like the A-series Bionic chips and the M-series SoCs, was recently hit with a ransomware attack. The LockBit ransomware gang already took responsibility for the attack, notoriously known for its global activities and ties to Russia, having some of its members from the country.

It is demanding a $70 million ransom demand from the Taiwan Semiconductor Manufacturing Company (TSMC), or else it would leak all the stolen data it managed to steal from the company. 

TSMC was Hit with Ransomware Attack, LockBit Demands $70M

TAIWAN-CHIP-TSMC-COMPANY-EARNINGS

(Photo : SAM YEH/AFP via Getty Images)
A security staff stands next to a logo of the Taiwan Semiconductor Manufacturing Co, (TSMC), during the investors conference in Taipei on July 16, 2014. TSMC, the world’s biggest contract microchip maker, was to release second-quarter earnings results at an online conference.

TechCrunch reported that TSMC’s partner was hit with a ransomware attack, more specifically, one of its IT hardware suppliers, Kinmax Technology, with LockBit already owning up to the attack. The ransomware group is demanding a ransom payment of $70 million to keep the stolen data from getting leaked to the public. 

Kinmax made this known to TSMC, with the company’s services centering on setting up the server’s initial setup and configuration. The attacked company also said that several pieces of information were leaked last Thursday, but the reports did not expand more on how serious the attack was or how much was taken.

Other clients of Kinmax include Microsoft, Citrix, Cisco, VMWare, and HPE.

Read Also: Apple M3: Tests 12-Core CPU, 18-Core GPU, the Most on Any M-Series Chip; Coming Soon?

Stolen Sensitive Data Would be Leaked, is Apple Included?

As per 9to5 Mac, TSMC already confirmed that this attack did not affect its business operations and customer information, despite Kinmax Technology’s hand on its servers. This means that this should not be a massive cause of concern for TSMC’s customers, including Apple, one of its largest partners in the tech landscape. 

TSMC and the LockBit Ransomware Gang

TSMC remains the top supplier of Apple for all chip…

Source…

How to enable Apple’s Advanced Data Protection


You should always have a backup of precious photos and essential personal files. It would be best to back up your mobile phone before upgrading its operating system, so you don’t lose anything important. Tap or click for three things to look for in a cloud backup.

If you have an iOS device, there is a setting that lets you automatically back it up to iCloud at predetermined intervals. This is great if you have trouble remembering to do it on your own.

But backing up data to iCloud wasn’t as secure as you’d think. Until now. Read on for details on Apple’s new security setting to protect your data.

Here’s the backstory

Apple recently released an update for iOS devices, bringing the operating system to version 16.2. Pro tip: To improve your iPhone’s battery life, disable these three features now.

The latest iOS version adds a much-needed security tool. Previously, your backups to iCloud weren’t encrypted. If you wanted to encrypt your backups locally, you had to do so through iTunes on your computer.

That has changed with the addition of Advanced Data Protection with iOS 16.2. This means that any iCloud backup benefits from end-to-end encryption.

This is something that many advocacy groups have been fighting for. The Electronic Frontier Foundation asked Apple to add this security feature years ago.

How to enable Apple’s Advanced Data Protection

It is always a good idea to keep your phone updated to the latest version. If you are still on a previous iOS version, here’re how to update your device: go to Settings > General Software Update > Download and Install.

Once you are on iOS 16.2, you can enable the new Advanced Data Protection setting to encrypt iCloud backups. Here’s how:

  • Open Settings.
  • Tap your name.
  • Look for the iCloud option and tap it.
  • Under the Device Backups option, tap on iCloud Backup and make sure the Back Up This iPhone is toggled on.
  • Then, go back to the previous screen and scroll until you see Advanced Data Protection and select it.
  • Tap Turn On Advanced Data Protection.

Keep reading

Four data…

Source…