Tag Archives: Mac

What You Need To Know About The iMessage Security Flaw

With everything that’s gone down in 2016 it’s easy to forget Tim Cook’s and Apple’s battle with the FBI over data encryption laws. Apple took a strong stance though, and other tech giants followed suite leading to a victory of sorts for (the little guy in) online privacy. In this era of web exposure, it was a step in the right direction for those who feel our online identities are increasingly vulnerable on the web.

All of this stands for little though when a security flaw in your operating system allows carefully encrypted messages to be effectively decrypted offline. That’s what happened to Apple with its iOS 9.2 operating system. Though the patches that ensued largely fixed the problem, the whole issue has understandably left iOS users with questions. What really happened and are we at immediate risk?

What Is The iMessage Security Flaw?

A paper released in March by researchers at John Hopkins University exposed weaknesses in Apple’s iMessage encryption protocol. It was found that a determined hacker could intercept the encrypted messages between two iPhones and reveal the 64-digit key used to decrypt the messages.

As iMessage doesn’t use a Message Authentication Code (MAC) or authenticated encryption scheme, it’s possible for the raw encryption stream, or “ciphertext” to be tampered with. iMessage instead, uses an ECDSA signature which simulates the functionality. It’s still no easy feat exploiting the security flaw detailed by the researchers. The attacker would ultimately have to predict or know parts of the message they are decrypting in order to substitute these parts in the ciphertext.

Using this method, a hacker can gradually figure out the contents of a message by replacing words. If they figure out, for example, that they have successfully replaced the word “house” in the message for “flat” they know the message contains the word “house”. Knowing whether the substitution has been successful though, is a whole other process which may only be possible with attachment messages.

It may sound simple, but it really isn’t. The full details of the security flaw, and the complex way it can be exploited are detailed in the John Hopkins paper.
The paper includes the recommendation that, in the long run, “Apple should replace the entirety of iMessage with a messaging system that has been properly designed and formally verified.

Are iMessage Users At Immediate Risk?

Despite the recommendation, the answer is no. It is very unlikely. One thing that should be made clear is that these weaknesses were exposed as a result of months of investigation by an expert team of cryptologists. The type of hacker that would take advantage of these weaknesses would undeniably be a sophisticated attacker. That of course doesn’t mean that Apple shouldn’t take great measures to eradicate this vulnerability in their system.

Your messages, though, are not immediately at risk of being decrypted, and much less if you’ve installed the patches that came with iOS 9.3 and OS X 10.11.4 (though they don’t completely fix the problem). Tellingly, the flaws can’t be used to exploit numerous devices at the same time. As already mentioned, the process that was exposed by the John Hopskins paper is incredibly complex and relies on various steps that are by no means easy to complete successfully.

All of this means that it would take a very sophisticated attacker a complex and lengthy process (up to and beyond 70 hours) to decrypt one message. iMessage has a supported base of nearly one billion devices and handles more than 200,000 encrypted messages per second. We’ll let you do the math there but it seems highly unlikely that a hacker would try to exploit this weakness unless they’re trying to uncover very sensitive and important data.

A hacker would most likely carefully vet their target as someone who possesses valuable information that could then be contained within that person’s messages. If a hacker’s investing 70 hours of their time to uncover cat pics, the joke’s really on them.

Could this have any connection with the FBI encryption dispute?

Matthew D. Green, the well-known cryptographer and leader of the John Hopkins research team, has spoken with the Washington Post about the implications of his team’s research. “Even Apple, with all their skills -and they have terrific cryptographers- wasn’t able to quite get this right. So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.

So you’d probably need the resources of say, the FBI, to pull off an attack exploiting the vulnerability exposed in the John Hopkins paper. It seems very unlikely that individuals would be targeted en masse. 2016 has been such a surreal year though, who are we to say what is and isn’t possible?

The post What You Need To Know About The iMessage Security Flaw appeared first on Panda Security Mediacenter.

Apple Macs – more secure, but not invulnerable

pandasecurity-apple-macs-not-invulnerable

Over the years, Apple computers have developed a reputation for exceptional security. In fact, many people believe that Macs are completely invulnerable to malware, like viruses and ransomware.

But in an age where cybercriminals are using increasingly sophisticated attacks to break into computers, Apple owners need to know the truth.

No computer is 100% secure

The first thing to realise is that Apple computers are not completely hack proof. No computer is completely hack proof. It is completely untrue to say that Apple Macs cannot be hacked, or be infected with malware.

In fact, one of the first viruses ever created was targeted at the Apple II computer back in 1982. The virus was relatively harmless – it simply displayed a rather childish poem on screen. But the reality was that the computer’s built-in security had been breached.

More malware followed over the years, each becoming more serious as time went on.

OS X significantly improves security

With the release of OS X in 2001, Apple significantly improved the security of their operating system. The core of the operating system made it much harder for malware to install itself – and it was around this time that Apple began to attract a reputation for being 100% secure – one they did little to dispel.

Interestingly, there has been roughly one significant item of Mac malware released every year since 2004. But the fact that there are less viruses targeting OS X than Windows, helped drive the legend of invulnerability. In most cases the only way to “catch” one of these viruses was to install illegal software from a “warez” website.

Ransomware – a true game-changer

Like its Windows-based relatives, most Mac malware was designed to steal personal information. However these viruses were relatively easy to identify and remove – often before any real damage was caused.

The emergence of ransomware has completely changed the game however. These malware infections encrypt the files stored on your Apple computer so that you can no longer read or use them. The only way to decrypt them is by paying a ransom to the cybercriminal behind the infection.

Eventually the ransomware infection will make all of your files unreadable.

There’s still worse to come

Cybercriminals are also creating new attacks that use a number of different techniques to trick you installing their malware. An infected email may be followed by an official-sounding phone call for instance, encouraging you to download and install an application to assist with internet banking, or to troubleshoot a technical issue.

Hackers are also becoming more patient, sometimes spending days and weeks building trust with their victims, using a technique known as “social engineering”. Which makes these attacks all the more subtle and effective.

Mac anti-virus software is no longer optional

When Mac malware was relatively rare, the chances of your computer becoming infected were slim. Mac malware is becoming more common and sophisticated – so all of your computers need to be protected with a comprehensive security package.

Panda Antivirus help to block malware and ransomware before it can be installed on your computer. It will also help to protect against social engineering attacks – you won’t be able to install dodgy software, even by accident.

To learn more about how to protect your Mac, download a free trial of Panda Mac Antivirus now.

The post Apple Macs – more secure, but not invulnerable appeared first on Panda Security Mediacenter.

Avira Antivirus for Mac scores in AV Comparatives test

Avira Antivirus for Mac – and its development team – got great marks in the latest Mac Security Test & Review from AV Comparatives for its malware stopping ability, easy usability, and fast response to user suggestions.

The post Avira Antivirus for Mac scores in AV Comparatives test appeared first on Avira Blog.

What is ransomware?

Ransomware – it’s the online threat everyone’s talking about. Crypt0L0cker was one of the first on the scene in 2013; and since then, the costs of attacks continue to grow.

As an individual or business owner, you may be wondering just what ransomware is, what kind of risk it poses to you, and how attacks like these can occur.

Here’s the breakdown.

What is ransomware?

Ransomware is a type of malware with the ability to silently encrypt your files, before demanding payment for their return – often with a time limit.

And not only does ransomware target your most valuable files, like photos, documents and spreadsheets, it can also lock down system files to render your web browser, applications, and entire operating system unusable.

Our VirusLab has analyzed many variants of ransomware, including the well-known Crypt0L0cker, Locky, and TeslaCrypt.

But the threat isn’t limited to PCs. Both Android™ mobile devices and Macs can be infected as well.

How does ransomware get on my PC?

Most commonly, ransomware is spread via malicious email links and attachments – often concealed by changing the file extension and compressing the malicious code into a zip file. Opening the file infects your system.

Ransomware can also be bundled into other applications, such as games, video players, etc. So any application from an unknown or untrusted publisher is a potential risk upon installation.

Once on your system, ransomware works in the background, connecting to a remote server to encrypt single files, whole directories of files, or complete drives.

How do I know if my PC is infected?

You’ll see a message pop up demanding payment, which can range from a few hundred to tens of thousands of dollars. Payment must usually be made in some form of anonymous currency, like Bitcoin.

But even if you pay the ransom, there are no guarantees your files will be unlocked.

So naturally, this kind of malware has incredibly serious consequences, particularly for businesses holding sensitive customer information or internal data that’s not securely backed up.

Does AVG protect against ransomware?

It sure does. Both our PRO and FREE versions of PC antivirus provide protection against ransomware. This goes for AVG Business Editions, too.

Our protection is multi-layered. Not only do we check against known malware variants and behavioral patterns in our virus database, we also further test previously unseen files in a secure virtual environment before they are executed on your PC. This is done using artificial intelligence, sophisticated behavioral analysis and various other methods.

And we automatically update it all, so you stay protected.