Insecurity of Security Apps

1 06 2016

Open systems are almost always open to bad guys. Only limitation (a rigorously implemented “sandbox mode“) adds value to your digital life. Openness is only needed if smartphones are designed to be play stations.

It’s the job of manufacturers to offer security.

Think of it like this:

You buy a car. Then you have to visit a market for accessories to separately buy the safety belts. Nobody would accept that.


Regarding mobile devices without wheels everybody should know that there are many bad as well as innovative guys often behaving like terrorists and always on the way to compromise digital identities.

So …

Again it turns out that running iOS is the best way to stay secure.

Here is the latest analysis of Fraunhofer SIT …

Insecurity of Security Applications


Note

If you want to keep a secret, you must also hide it from yourself.

(George Orwell)

Thanks for taking your time.





The new Porsche 911

20 12 2015

The new 911 only has Apple Car Play because Google is Nicht Gut.

So much for “Do No Evil.” There’s no technological reason the 991/2 doesn’t have Android Auto playing through its massively upgraded PCM system.

But there is an ethical one.

As part of the agreement an automaker would have to enter with Google, certain pieces of data must be collected and mailed back to Mountain View, California. Stuff like vehicle speed, throttle position, coolant and oil temp, engine revs – basically Google wants a complete OBD2 dump whenever someone activates Android Auto.

Not kosher, says Porsche.

Obviously, this is “off the record,” but Porsche feels info like that is the secret sauce that makes its cars special. Moreover, giving such data to a multi-billion dollar corporation that’s actively building a car, well, that ain’t good, either. Apple, by way of stark contrast, only wants to know if the car is moving while Apple Play is in use. Makes you wonder about all the other OEMs who have agreed to Google’s requests/demands, no?

(motortrend com)

  
Dire straits for companies whose business model is based on selling customer data, especially in Europe. Google damaged their reputation with collecting data extensively. People don’t trust this data kraken any longer.

Thankfully Apple just sells exciting products.

More …



13 Cool Facts about the 2017 911



Apple and Porsche, about similarities



When government comes knocking



CarPlay by Apple


Thanks for visiting iNotes4You.





I want you(r data)!

13 12 2015

Good news for customers of the “iPhone company” …

Apple earns five stars in this year’s Who Has Your Back report. This is Apple’s fifth year in the report, and it has adopted every best practice we’ve identified as part of this report. We commend Apple for its strong stance regarding user rights, transparency, and privacy.

(Who has your back? report, EFF 2015)

  


More …

About privacy

XcodeGhost Q&A


Always keep in mind this saying of George Orwell …

If you want to keep a secret, you must also hide it from yourself.


Thanks for dropping by.





Tim Cook about privacy

26 03 2015

An open letter from Tim Cook, CEO at Apple Inc. since August 24, 2011, regarding Apple products, services and beliefs …

At Apple, your trust means everything to us. That’s why we respect your privacy and protect it with strong encryption, plus strict policies that govern how all data is handled.

Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services like Apple Pay.

And we continue to make improvements. Two-step verification, which we encourage all our customers to use, in addition to protecting your Apple ID account information, now also protects all of the data you store and keep up to date with iCloud.
We believe in telling you up front exactly what’s going to happen to your personal information and asking for your permission before you share it with us. And if you change your mind later, we make it easy to stop sharing with us. Every Apple product is designed around those principles. When we do ask to use your data, it’s to provide you with a better user experience.

We’re publishing this website to explain how we handle your personal information, what we do and don’t collect, and why. We’re going to make sure you get updates here about privacy at Apple at least once a year and whenever there are significant changes to our policies.

A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product.

But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy. Our business model is very straightforward: We sell great products.

We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you.

IMG_3625.PNG

Our software and services are designed to make our devices better. Plain and simple.

One very small part of our business does serve advertisers, and that’s iAd. We built an advertising network because some app developers depend on that business model, and we want to support them as well as a free iTunes Radio service. iAd sticks to the same privacy policy that applies to every other Apple product. It doesn’t get data from Health and HomeKit, Maps, Siri, iMessage, your call history, or any iCloud service like Contacts or Mail, and you can always just opt out altogether.

Finally, I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

Our commitment to protecting your privacy comes from a deep respect for our customers. We know that your trust doesn’t come easy. That’s why we have and always will work as hard as we can to earn and keep it.

Tim
September 2014

Thanks for a remarkable statement.

Summary …

I cannot validate any of Tim’s statements. It needs technicians to look at the details. But what I know is that there is no evidence to not trust in Tim’s announcement.

Related links …

Tim Cook, the job after Jobs

2-Step Verification

Apple and the NSA

Thanks for dropping by.





Activation Lock Status

10 02 2015

In November 2014 Apple added a new tool to further increase the security of iOS devices. It’s called ACTIVATION LOCK STATUS.

Activation Lock is turned on by default since the launch of iOS 7 and with iOS 8 it comes together with a new feature called Send Last Location (Settings – iCloud – Find My iPhone – Send Last Location) which transmits the last known location of an iOS device before the internet connection is cut off or the battery is empty.

Apple’s Craig Federighi (CEO Software Development) …

We think this is going to be a really powerful theft deterrent.

Apple on it’s website …

Losing your iPhone feels lousy. Thankfully, Find My iPhone can help you get it back. But if it looks like that’s not going to happen, new security features in iOS 7 make it harder for anyone who’s not you to use or sell your device. Now turning off Find My iPhone or erasing your device requires your Apple ID and password. Find My iPhone can also continue to display a custom message, even after your device is erased. And your Apple ID and password are required before anyone can reactivate it. Which means your iPhone is still your iPhone. No matter where it is.

Many users, once they find out that their iOS device has been stolen, completely erase it from iCloud or another iOS device with Find My iPhone installed. Erasing of a device is followed by Activation. This feature forces users to enter the Apple ID and password associated with that device to regain access.

IMG_3613.PNG

The new web-based tool allows you to check whether a device is currently locked for activation or not. To use the tool, users are asked to enter an iOS device’s IMEI or Serial Number, which is then cross-checked with Apple’s internal database to ensure that Activation Lock is not currently turned on for that device.

Summary …

Activation Lock Status is a further sophisticated step to secure your Apple device.

Related links …

Security made by Apple

2-Step Verification

Security made by Apple

Activation Lock Status

Apple about Activation Lock

Thanks for surfing by.





About Privacy

18 01 2015

If you are an Apple fan and can’t take a joke just skip this post and accept my sincere apology.

2015/01/img_3898.png

In reality you can be sure that Apple takes care of your privacy.

About  Pay …

If you are not familiar with Apple’s payment system, here is what the company publishes on

This is what Apple publishes on its website …

Your wallet.
Without the wallet.
Paying in stores or within apps has never been easier. Gone are the days of searching for your wallet. The wasted moments finding the right card. Now payments happen with a single touch.

Apple Pay will change how you pay with breakthrough contactless payment technology and unique security features built right into the devices you have with you every day. So you can use your iPhone, Apple Watch, or iPad to pay in a simple, secure, and private way.

Related links …

Security Made by Apple

Tim Cook about Privacy

Apple Pay with iPhone 6

Thanks for being sympathetic.





iOS 8 Security

5 01 2015

When government comes knocking …

Here is what The Washington Post published on September 18, 2014, shortly after Apple’s Keynote on September 9, the day Tim Cook introduced the iPhone 6 and 6 Plus and the updated operating system iOS 8 for mobile devices.

IMG_3471.PNG

Apple said Wednesday night that it is making it impossible for the company to turn over data from most iPhones or iPads to police — even when they have a search warrant — taking a hard new line as tech companies attempt to blunt allegations that they have too readily participated in government efforts to collect user information.

The key is the encryption that Apple mobile devices automatically put in place when a user selects a passcode, making it difficult for anyone who lacks that passcode to access the information within, including photos, e-mails and recordings. Apple once maintained the ability to unlock some content on devices for legally binding police requests but will no longer do so for iOS 8, it said in the new privacy policy.

Please read the full article here …

About iOS 8 Security

Beside 2-Step Verification also available for iCloud in many countries this is a further step to more security for Apple’s customers. It should be mentioned that the so-called fragmentation is kept low for Apple’s devices.

See this concept map which shows the iOS versions in relation to all iPhone models on which they can be installed. The map includes what’s published about iOS 8 on Apple’s website after the WWDC event on June 2, 2014 in San Francisco.

IMG_3425.PNG

Just look at the iOS version and count the number of outgoing arrows.

It starts with compatibility to 2 models. Since iOS 6 the installation on the actual model and 3 predecessors is supported. With iOS 7 and 8 Apple’s mobile OS is ready to install on 5 models.

It needs enormous efforts to bring hardware and software engineers together to look into the future and design hardware components usable also for future versions of an OS.

Competitors show us that the alternative way is to build devices regardless what happens with newer versions of the OS.

According to a scary graphic for Android users published by Business Insider in Aug 2014 there are 18,796 unique devices running the Android OS. That fragmentation is tough on developers. It’s too difficult to make sure that an app runs well on each device. It’s one of the reasons why Android has severe disadvantages for customers using their device over years. The issue gets thornier if you look at the OS versions Android devices are running today. Many of them are still running Gingerbread (2.3), a version launched 4 years ago!
In contrast to Android about 91% of iOS devices are running the latest version (7.x) and it’s most likely that a significant percentage of devices will be updated to iOS 8 on the first day of its launch.

It’s a vicious circle to always buy a new (subsidized) device to get the latest OS version. Fragmentation is what developers and customers don’t like because it hampers a unique user experience and needs additional efforts. This might be one of the reasons why iOS is still the preferred platform for developing powerful apps.

Apple wants a perfect user experience for most of it’s loyal customers and developers are supported by the iOS feature ‘Size Classes’ with which Apple said Goodbye to an increasing complexity of code needed to support sizes like 3.5″ (iPhone 4), 4.0″ (iPhone 5), 4.7″ and 5.5″ (iPhone 6), 7.9″ (iPad Mini), and 9.7″ (iPad). Google with its Android OS is still faced with a lot of different form factors and it seems to be an impossible task for developers to ensure a perfect user interface and user experience on all devices.

Summary …

Security isn’t what Apple is just talking about like many other companies.
Today security is strongly related to updated applications and operating systems.

Apple reported that nearly half of the users installed the latest version of the mobile operating system less than a week after its introduction on Sept 17, 2014. The company said 46 percent are using iOS 8 as of Monday, with slightly more (49 percent) using the previous generation of software.

This is an adoption process happening nearly with the speed of light if you compare it with the competitors.

Related links …

Security made by Apple

2-Step Verification

Android Fragmentation

Interested in creating mind maps and concept maps?
See an app review of the app Inspiration here

Inspiration

Thanks for flying with iNotes4You.








Follow

Get every new post delivered to your Inbox.

Join 1,639 other followers

%d bloggers like this: