The Spyware-Infection Edition Friday, August 26, 2016

Apple Issues iOS 9.3.5 Software Update For iPhone, iPad, And iPod Touch, by Zac Hall, 9to5Mac

The update fixes a serious security exploit that exposed contacts, texts, calls, and emails.

Government Hackers Caught Using Unprecedented iPhone Spy Tool, by Lorenzo Franceschi-Bicchierai, Motherboard

As it turned out, the message wasn’t what it purported to be. The link didn’t lead to any secrets, but to a sophisticated piece of malware that exploited three different unknown vulnerabilities in Apple’s iOS operating system that would have allowed the attackers to get full control of Mansoor’s iPhone, according to new joint reports released on Thursday by Citizen Lab and mobile security company Lookout.

This is the first time that anyone has uncovered such an attack in the wild. Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars. After the researchers alerted Apple, the company worked quickly to fix them in an update released on Thursday.


Setting The Record Straight, by WhatsApp Blog

If partnering with Facebook meant that we had to change our values, we wouldn’t have done it. Instead, we are forming a partnership that would allow us to continue operating independently and autonomously. Our fundamental values and beliefs will not change. Our principles will not change. Everything that has made WhatsApp the leader in personal messaging will still be in place. Speculation to the contrary isn’t just baseless and unfounded, it’s irresponsible. It has the effect of scaring people into thinking we’re suddenly collecting all kinds of new data. That’s just not true, and it’s important to us that you know that.

WhatsApp’s Privacy Cred Just Took A Big Hit, by Brian Barrett, Wired

Under the new user agreement, WhatsApp will share the phone numbers of people using the service with Facebook, along with analytics such as what devices and operating systems are being used. Previously, no information passed between the two, a stance more in line with WhatsApp’s original sales pitch as a privacy oasis.

How To Stop WhatsApp From Giving Facebook Your Phone Number, by Michael Duran, Wired

There is a way to opt out of this. But WhatsApp’s opt-out period is only 30 days long, so if you don’t want your phone number shared with Facebook, opt out now before the window closes.

WhatsApp keeps the policy change somewhat hidden, but there are two options. Both are outlined in the FAQ, and both of them will work inside the Android and iOS apps.

Four Years And $22 Billion Later, WhatsApp Has Decided Ads Aren’t Awful, After All, by Peter Kafka, Recode

Things change, perspectives evolve, and sometimes things you said a couple years ago aren’t what you think today. Happens all the time.

Just ask Mark Zuckerberg, who used to have a problem with ads that tracked what you did on the Web, but doesn’t anymore.

Now WhatsApp CEO (and Facebook board member) Jan Koum appears to be on a similar evolution.

Security Matters

Dropbox Is Resetting Passwords For Accounts That Haven’t Changed Them Since Mid-2012, by Matthew Lynley, TechCrunch

Dropbox is requiring users who have not changed their passwords since mid-2012 to reset their passwords this afternoon.

The action appears to be related to continued fallout over the massive hack on LinkedIn in 2012 where credentials for 117 million accounts were posted online. In recent months, treasure troves of user credentials and passwords — in addition to a large MySpace hack disclosed in May — have been discovered. Even though the data for these accounts is old, often passwords remain unchanged for long periods of time and are re-used across multiple accounts, leaving entire online identities vulnerable to hacks.


Apple Plans iPhone For Japan With Tap-to-Pay For Subways, by Mark Gurman, Gareth Allan, Bloomberg

Apple Inc. is planning a new iPhone feature for Japan that will enable users to pay for mass-transit rides with their smartphones instead of physical payment cards. A future iPhone will include technology called FeliCa, a mobile tap-to-pay standard in Japan developed by Sony Corp., according to people familiar with the matter. [...]

Apple has planned to launch these new features with the next iPhone models, which the company is set to unveil in September, according to people familiar with the matter. However, the company could hold back the transit card feature to next year’s model if discussions with the Japan-based payment networks fall apart, one person said. Apple is already at work on a major redesign of the iPhone for 2017 that focuses more heavily on the display by removing the Home button, according to a person familiar with the matter.


Simplenote For iOS Gains Markdown Support, by Preshit Deorukhkar, Beautiful Pixels

The info screen for each note now includes the Markdown button and once enabled, it stays enabled for all future notes.

Recordam Makes It Easy To Create, Store, Share And Play Back Audio Recordings On Your Mac, by Dennis Sellers, Apple World Today

If you need to quickly create, store, share and playback audio recordings on your Mac, Aperio Lux’s Recordam for Mac OS X (10.11 or later) combines a high-quality audio recorder and convenient storage for recorded audio files.

Bottom of the Page

I feel like I am already quite acquainted with the 2016 iPhone, and am now getting ready to get to know 2017 iPhone... Hey, no home buttons? How nice.


Thanks for reading.