Why You Should Stop Sending Photos On Apple iMessage

Our smartphones leak our personal information—we all know this. There’s a multi-multi-billion-dollar marketing industry tracking where we go, who we visit and what we buy. Facebook’s warning that a change in Apple’s iOS 14 would slash advertising revenue tells you just how welcome a change this will be for iPhone users when it eventually comes.

Location data is at the heart of this—our sneaky little smartphones know exactly where we are and, given a chance, they’ll happily share with the world.

Apple and (to a lesser extent) Google are now taking steps to provide more protection on what is shared and with who. Again, location sharing is at the heart of this.

https://www.forbes.com/sites/zakdoffman/2020/09/06/apple-iphone-12-ios14-ipad-upgrade-update-imessage-security/

#Apple #iOS #RCS

A tip from a kid helps detect iOS and Android scam apps’ 2.4 million downloads

Smartphone apps raked in ~$500,000, in part thanks to shilling on TikTok and Instagram

Researchers said that a tip from a child led them to discover aggressive adware and exorbitant prices lurking in iOS and Android smartphone apps with a combined 2.4 million downloads from the App Store and Google Play.

Posing as apps for entertainment, wallpaper images, or music downloads, some of the titles served intrusive ads even when an app wasn’t active. To prevent users from uninstalling them, the apps hid their icon, making it hard to identify where the ads were coming from. Other apps charged from $2 to $10 and generated revenue of more than $500,000, according to estimates from SensorTower, a smartphone-app intelligence service

The apps came to light after a girl found a profile on TikTok that was promoting what appeared to be an abusive app and reported it to Be Safe Online, a project in the Czech Republic that educates children about online safety. Acting on the tip, researchers from security firm Avast found 11 apps, for devices running both iOS and Android, that were engaged in similar scams.

https://arstechnica.com/information-technology/2020/09/scam-apps-with-2-4-million-downloads-found-on-apple-and-google-shelves/

#scam #kids #adware #Playstore #android #AppStore #iOS #tiktok #instagram

The BEST FOSS iOS Apps

Finding FOSS apps for your Non-Open iOS is an tedious task. Here is an short list of open source apps for iOS which might meet your daily requirements.

📹 Watch it via:
YouTube || Invidious

📱Recommended FOSS apps for iOS:
• Messaging
Signal || Jami || Element || Threema
• Web Browser
DDG Browser || SnowHaze || Onion Browser
• Password Manager
Bitwarden || Keepassium || StrongBox
• Email
Tutanota || ProtonMail || SimpleLogin
• DNS/Firewall
LockDown || DNS Cloak
• 2FA Apps
Tofu || Authenticator
• Video/Audio conferencing
Jami || Element || Jitsi || Mumble

📡 @howtobeprivateonline
#iOS #Alternatives #Privacy #FOSS

iOS uses tracking codes without the users' consent

Third-party providers can track users across different iPhone apps using unique IDs without their consent. noyd has filed two complaints against Apple.

The Austrian NGO noyb ("none of your business") has filed a complaint against Apple for accusations of illegal data collection in Germany and Spain. According to the initiative around data protection activist Max Schrems, the Group uses an identification system comparable to cookies without obtaining the necessary consent from users:inside.

The complaint concerns the so-called Identifier for Advertisers (IDFA) - a unique ID that Apple generates for each iPhone. Third parties can use this ID to track end users through various apps, for example to track purchasing behavior.

The installation or reading of tracking codes should only be possible with the consent of the users, but most of them are unaware of IDFA. The fact that, strictly speaking, these are not cookies is no argument for noyb lawyer Stefano Rossetti: "This very simple rule applies regardless of the tracking technology used. While Apple even plans to block cookies in their browser, they themselves place similar codes in their cell phones without any user consent. This is a clear violation of EU data protection laws".

👀 👉🏼 Translated with DeepL
https://netzpolitik.org/2020/ios-nutzt-tracking-codes-ohne-einwilligung-der-nutzerinnen/

👀 👉🏼 COMPLAINT (PDF)
https://noyb.eu/sites/default/files/2020-11/IDFA_Germany_DEF_Redacted.pdf

#ios #tracking #ngo #noyb #IDFA #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Project Zero Security Blog

A Look at iMessage in iOS 14

https://googleprojectzero.blogspot.com/2021/01/a-look-at-imessage-in-ios-14.html

@nogoolag
#projectzero #security #iOS #spiOS #goolag

Safari blocks any website URL containing the word “asian”

On iOS, if you turn on “Limit Adult Website” under Screen Time->Content Restrictions, Safari blocks any website URL containing the word “asian”. Seriously, go try it, it’s unbelievable. I filed a Feeback a long time ago. Nothing changed.

https://nitter.nixnet.services/Stevenpotato/status/1356953980174131200

#ios #safari #asian #blocking
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

https://nitter.42l.fr/Thomasbcn/status/1356645088697454596

#Google #ios #privacy #release

Facebook and Instagram overlays in iOS stoke fears about apps being free of charge

Through grinding teeth, the social media market leader is implementing iOS 14's new privacy requirements. But it can't refrain from a warning finger in the process.

Facebook originally intended to use "educational screens" to reveal details about data usage. Now they seem to be part of a scaremongering campaign. The message: help keep Facebook and Instagram free, and give us access to your data! The hints seem to be a new way to fight back against Apple's tracking protection in iOS 14.5. Meanwhile, the company is enjoying great business, turning over $26.2 billion between January and March alone. The company had already announced that it will expect users to read page-long data protection declarations.

#facebook #DeleteFacebook #instagram #overlays #ios #ad #tracking
📡 @nogoolag 📡 @blackbox_archiv

Social credit systems are here

#apple #ios #iphone #social #credit

#iphone #ios #apple

Best advice: Sell it
Second best advice: Change your settings. Don’t give your permission to track you (it will probably iGnore you though)

Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers - The Citizen Lab – 2023

Based on an analysis of samples shared with us by Microsoft Threat Intelligence, we developed indicators that enabled us to identify at least five civil society victims of QuaDream’s spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. We are not naming the victims at this time.
We also identify traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware.

The exploit was deployed as a zero-day against iOS versions 14.4 and 14.4.2, and possibly other versions. The suspected exploit, which we call ENDOFDAYS, appears to make use of invisible iCloud calendar invitations sent from the spyware’s operator to victims.

#Quadream #spyware #ENFOFDAYS #Ios #Calendar #Icloud

Dissecting TriangleDB, a Triangulation spyware implant | Securelist – June 2023


Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Often, the process of infecting a device involves launching a chain of different exploits, e.g. for escaping the iMessage sandbox while processing a malicious attachment, and for getting root privileges through a vulnerability in the kernel. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload.In 2021, analysis of iTunes backups helped to discover an attachment containing the FORCEDENTRY exploit. However, during post-exploitation, the malicious code downloaded a payload from a remote server that was not accessible at the time of analysis. Consequently, the analysts lost “the ability to follow the exploit.”

#FORCEDENTRY #Ios #TriangleDB

Facebook approached NSO to buy Pegasus spyware capabilities to monitor certain iOS users, according to a statement filed in a court case by the NSO CEO


WhatsApp vs. NSO Group, et al.
4:19-cv-07123-PJH

https://www.documentcloud.org/documents/6824735-Declaration-of-Shalev-Hulio-in-Support-of.html

#Pegasus #NSO #Israel #Facebook #Ios #Apple

Little tool can crash an #iPhone running iOS 17

Security researchers have discovered that iPhones updated to #iOS 17 are susceptible to a Bluetooth attack using a #Flipper Zero device that can crash the phone

https://www.theverge.com/2023/11/3/23944901/apple-iphone-ios-17-flipper-zero-attack-bluetooth

Comments

Kaspersky reveals new method to detect Pegasus spyware | Kaspersky –

Kaspersky's Global Research and Analysis Team (GReAT) has developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as #Pegasus, #Reign, and #Predator through analyzing Shutdown.log, a previously unexplored #forensic artifact.

The company’s experts discovered Pegasus infections leave traces in the unexpected system log, Shutdown.log, stored within any mobile #iOS device’s sysdiagnose archive. This archive retains information from each reboot session, meaning anomalies associated with the Pegasus malware become apparent in the log if an infected user reboots their device.

Among those identified were instances of ”sticky“ processes impeding reboots, particularly those linked to Pegasus, along with infection traces discovered through cybersecurity community observations.

#Pegasus #NSO #Reign #Predador #iOS #Spyware #Malware #Kapersky #MobileForensics #CyberSec

Sweet QuaDreams or Nightmare Before Christmas? Dissecting an iOS 0-Day

Not quite nation states but not quite independent corporations, "private sector offensive actors" (#PSOAs) have become one of the latest sophisticated threats. These companies develop and sell surveillance and intrusion capabilities to governments around the world. While some governments responsibly use the tools to track criminals and terrorists, others instead opt to abuse the tools by spying on journalists, dissidents, or members of their political opposition....

By: Christine Fossaceca , Bill Marczak

Full Abstract and Presentation Materials

Initial post on Quadreams
Total post (5)

#QuaDreams #Ios #ZeroDay #PSAO

How to detect Predator spyware on Phone (iOS) | OneJailbreak - 21/03/2024

Cytrox, a prominent Macedonian cybersecurity firm, gained notoriety in 2021 for its development and dissemination of the Predator spyware targeting iPhones. This sophisticated spyware successfully infiltrated iOS 14.6, the latest OS version at the time, through the utilization of single-click links distributed via the popular messaging platform, WhatsApp. Predator persists after reboot using the iOS automation feature.

- Cytrox (10 posts)
- Predator ( 25 posts)
#Predator #Cytrox #Apple #IoS

iOS LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India

LightSpy possesses modules designed to exfiltrate device information and saved files, including data from popular messenger applications such as QQ, WeChat, and Telegram. It also has a plugin capable of crawling the payment history of the victim from WeChat Pay (Weixin Pay in China). It can additionally access a user’s contacts, SMS messages, phone call history, GPS location, connected WiFi history, and the browser history of Safari and Chrome. This comprehensive set of features can turn a user’s infected phone into a potent spying device.

@androidMalware
#LightSpy #Spyware #India #SouthAsia #Asia #iOS

XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities – Linkedin

XAgent is a spyware targeting iOS devices, representing a mobile implant. Publicly attributed to the group APT28 (also known as Sofacy or Fancy Bear), XAgent is consistent with TTPs of targeting government entities, political organizations, and individuals of interest for cyber espionage purposes.

The XAgent iOS implant exhibits advanced functionalities for comprehensive data collection, exfiltration and potential remote control, aligning with APT28's objectives of gathering intelligence and maintaining persistent access to compromised systems.

Via @androidMalware
#iOS #XAgent #Spyware #Espionage #APT #APT28 #Sofacy #FancyBear

#Apple has been saving all your deleted files and data.
#cloud #ios