Can iOS Activation Lock Be Bypassed?
December 7, 2016 by admin
Filed under Around The Net
Comments Off on Can iOS Activation Lock Be Bypassed?
Two researchers report that they have discovered a way to bypass the activation lock feature in iOS that’s supposed to prevent anyone from using an iPhone or iPad marked as lost by its owner.
The first report came Sunday from an Indian security researcher named Hemanth Joseph, who started investigating possible bypasses after being confronted with a locked iPad he acquired from eBay.
The activation lock gets enabled automatically when users turn on the Find My iPhone feature via iCloud. It links the device to their Apple IDs and prevents anyone else from accessing the device without entering the associated password.
One of the few things allowed from the activation lock screen is connecting the device to a Wi-Fi network, including manually configuring one. Hemanth had the idea of trying to crash the service that enforces the lock screen by entering very long strings of characters in the WPA2-Enterprise username and password fields.
The researcher claims that, after awhile, the screen froze, and he used the iPad smart cover sold by Apple to put the tablet to sleep and then reopen it. This is supposed to restore the state of the tablet from where it was left off, in this case, loading the WPA2 screen again with the long strings of characters filled in.
“After 20-25 seconds the Add Wifi Connection screen crashed to the iPad home screen, thereby bypassing the so-called Find My iPhone Activation Lock,” he said in a blog post.
Hemanth said he reported the issue to Apple on Nov. 4, and the company is investigating it. He tested the bypass on iOS 10.1, which was released on Oct. 24.
Last week, a researcher named Benjamin Kunz Mejri, from German outfit Vulnerability Lab, posted a video showing the same bypass, but on the newer iOS 10.1.1 version.
Kunz Mejri’s method is similar and also involves overflowing the Add Wi-Fi form fields with long strings of characters but also requires rotating the tablet’s screen in order to trigger the crash after the smart cover trick.
Apple has not yet confirmed that issue and did not immediately respond to a request for comment.
Source- http://www.thegurureview.net/mobile-category/researcher-prove-ios-activation-lock-can-be-bypassed.html
Samsung Buys LoopPay
March 5, 2015 by admin
Filed under Around The Net
Comments Off on Samsung Buys LoopPay
Samsung Electronics Co Ltd has acquired U.S. mobile wallet startup LoopPay, signaling its intention to launch a smartphone payments service to compete with rival Apple Inc.
Mobile payments have been slow to catch on in the United States and elsewhere, despite strong backing. Apple, Google, and eBay Inc’s PayPal have all launched services to allow users to pay in stores via smartphones.
The weak uptake is partly because many retailers have been reluctant to adopt the hardware and software infrastructure required for these new mobile payment options to work. These services also fail to offer much more convenience than simply swiping a credit card, Samsung executives said on Wednesday.
LoopPay’s technology differs because it works off existing magnetic-stripe card readers at checkout, changing them into contactless receivers, they said. About 90 percent of checkout counters already support magnetic swiping.
“If you can’t solve the problem of merchant acceptance…, of being able to use the vast majority of your cards, then it can’t really be your wallet,” said David Eun, head of Samsung’s Global Innovation Center.
Injong Rhee, who is leading Samsung’s as-yet-unannounced payments project, said the Asian giant will soon reveal more details of its envisioned service. He would not be drawn on speculation the company may do so during the Mobile World Congress in Barcelona.
He said new phones such as the upcoming, latest Galaxy would support the service.
Apple Pay, launched in September, allows iPhone users to pay at the tap of a button. Executives have lauded its rapid rollout so far, including the fact that more than 2,000 banks now support it and the U.S. government will accept Apple Pay later this year.
But Apple Pay requires retailers to install near-field communication and some have been reluctant. In addition, many retailers such as Wal-Mart Stores Inc and CVS Health Corp, back their own system, CurrentC.
Samsung had invested in LoopPay, along with Visa Inc and Synchrony Financial, before its acquisition. Terms of the deal, which Samsung negotiated over several months, were not disclosed.
It’s unclear how else Samsung could differentiate its service versus Apple’s or other rivals.
Dell Goes Bitcoin
Want to purchase a laptop with bitcoins? Dell is now accepting the digital currency as a form of payment.
Consumer and business shoppers can pay for products directly via bitcoins or through Coinbase, a third-party payment processing company, Dell said.
Buyers can pay for products through Bitcoin wallets or by scanning a QR code with a smartphone.
The volatile Bitcoin has had its share of controversies and exchange shutdowns as the currency matures. Companies like Overstock.com, Newegg, Expedia and some Amazon storefronts accept Bitcoin as a form of payment. But major retailers like Walmart and eBay have not warmed up to the idea. The value of one bitcoin was around $630 as of Friday, according to multiple cryptocurrency website.
There are some advantages to paying via Bitcoin. The form of currency is accepted around the world, and for Dell, the payment-processing cost is less than with credit cards.
But the form of payment has its quirks.
“Due to the nature of the Bitcoin network, once you initiate a Bitcoin transaction you cannot change or cancel it,” Dell said on a terms and conditions page.
Customers could seek refunds in the case of canceled transactions or product returns.
“For a qualifying return of product paid for in Bitcoin, any refund due will be remitted to the purchaser via check in U.S. Dollars for the full amount of the purchase price paid at the time of the original transaction, less any applicable restocking fees,” Dell said.
Insurers Eyeing Cyber Coverage
Insurers are eagerly monitoring exponential growth in the tiny cyber coverage market but their lack of experience and skills handling hackers and data breaches may keep their ambitions in check.
High profile cases of hackers seizing sensitive customer data from companies, such as U.S. retailer Target Corp or e-commerce company eBay Inc, have executives checking their insurance policies.
Increasingly, corporate risk managers are seeing insurance against cyber crime as necessary budget spending rather than just nice to have.
The insurance broking arm of Marsh & McLennan Companies estimates the U.S cyber insurance market was worth $1 billion last year in gross written premiums and could reach as much as $2 billion this year. The European market is currently a fraction of that, at around $150 million, but is growing by 50 to 100 percent annually, according to Marsh.
Those numbers represent a sliver of the overall insurance market, which is growing at a far more sluggish rate. Premiums are set to grow only 2.8 percent this year in inflation-adjusted terms, according to Munich Re, the world’s biggest reinsurer.
The European cyber coverage market could get a big boost from draft EU data protection rules in the works that would force companies to disclose breaches of customer data to them.
“Companies have become aware that the risk of being hacked is unavoidable,” said Andreas Schlayer, responsible for cyber risk insurance at Munich Re. “People are now more aware that hackers can attack and do great damage to central infrastructure, for example in the energy sector.”
Insurers, which have more experience handling risks like hurricanes and fires, are now rushing to gain expertise in cyber technology.
“It is a difficult risk to price by traditional insurance methods as there currently is not statistically significant actuarial data available,” said Robert Parisi, head of cyber products at insurance brokers Marsh.
Andrew Braunbergon, research director at U.S. cybersecurity advisory company NSS Labs, said that some energy companies have trouble persuading insurers to provide them with cyber coverage as the industry is vulnerable to hacking attacks that could trigger disasters like an explosion in a worst-case scenario.
Pricing on policies for retailers has climbed in the wake of recent high-profile breaches at Target, Neiman Marcus, and other merchants, he added.
eBay Expands Mobile Shopping
July 21, 2014 by admin
Filed under Around The Net
Comments Off on eBay Expands Mobile Shopping
Braintree, the payments gateway owned by eBay Inc, is working on removing a hurdle for e-commerce companies by making it easier for customers to directly pay for products on their smart phones.
The company rolled out a set of tools for software developers on Wednesday that allows businesses to deduct payments directly from a customer’s PayPal account.
The developer kit is the first big push from Braintree since it was bought by eBay for $800 million last year to help PayPal, eBay’s payments division, expand its presence on mobile devices.
Eliminating the need for mobile shoppers to type in their credit card details on their phones should help boost sales, Braintree Chief Executive Bill Ready said in an interview.
This is especially critical as consumers spend more time on their smartphones, a trend that is forcing developers to design a “fundamentally different computing experience” for the smaller screen, Ready added.
Braintree processes payments for businesses including car service Uber and online home-rental marketplace Airbnb.
Is Apple Now Copying Google
PC Advisor has been going through Apple’s latest iOS 8 operating system and is finding features which appear to be a direct lift from Google. Of course it has to say that Apple is being brilliant and original about stealing the ideas. After it points out that Apple did not invent the music player but it did steal it better than anyone else.
The top 5 iOS 8 features Apple stole from Android include:
Typing suggestions: Start typing and suggested words will appear letter by letter. Hit the correct word and you save the time it would have taken to type the while word and it is a pretty intelligent selection process.
Okay Google: Hotword detection is also the basis of the Google Now Launcher that shipped with the Nexus 5. As long as your phone is awake, saying ‘Okay Google’ wakes up the voice assistant. In iOS 8 Apple has added something similar in the guise of ‘Hey Siri’, the ability to immediately engage Siri simply via a voice command.
Third-party keyboards: Google has long given Android users the opportunity to explore the world outside its own platform. Apple is allowing the same thing on its system now.
Widgets: Widgets have always been part of Android and Apple finally is letting it happen. Of course Apple is not entirely prepared to let you have full control of your device’s desktop. iOS 8 widgets are small app extensions that take up a spot in the Notification Center. Not as good as Android but better than a poke in the eye with a short stick.
Useful notifications: Android has long allowed developers to add up to two action buttons to a notification. So when the message pops up telling you that you have a message you can reply right from the notification, the relevant app opening as required. Now Apple can do that.
While it is accepted that ideas are copied, at least until one of the sides turns into a Patent Troll, what is strange about Apple is that it markets itself as the innovation hub that others follow. It appears that if this was ever true it is not the case now.
Tizen Announces New Partners
November 25, 2013 by admin
Filed under Smartphones
Comments Off on Tizen Announces New Partners
Samsung and Intel announced on Tuesday that the open source Tizen operating system now has 36 partners, including eBay, Trend Micro and Panasonic.
The full list of new partners was announced at the Tizen Developer Summit, and includes a mix of firms from different sectors. Among the 36 backers are eBay, Nokia’s Here mapping service, Konami, McAfee, Panasonic, Sharp and The Weather Channel, giving us some insights as to what software applications are likely to appear on the Linux based operating system.
Trevor Cornwell, founder and CEO of Appbackr, one of Tizen’s newly added partners, said that his firm found the operating system appealing due to its open nature, perhaps hinting that it is more open than Google’s Android mobile operating system.
He said, “The Tizen OS promises to be the most open and comprehensive software platform available for those companies wishing to target the consumers of connected devices.
“The Association’s commitment to support HTML5 applications, combined with their vision that extends beyond the smartphone and tablet ecosystem to a wider array of other connected device segments, makes it attractive to all types of companies. We look forward to collaborating with the Tizen Association to ensure that all stakeholders can contribute to the development of a platform for this growing market opportunity.”
It’s still unclear when Samsung’s first Tizen powered smartphone will make it to market, but online speculation suggests we’ll be seeing the firm’s debut Android challenging smartphone at some point in 2014.
Further speculation suggests that Samsung’s first Tizen phone will be an updated version of the Galaxy S4, possibly to reduce its reliance on Android.
PayPal Extend Bug Bounty
PayPal is expanding its bug bounty program to individuals aged 14 and older, a move intended to reward younger researchers who are technically ineligible to hold full-fledged PayPal accounts.
PayPal’s program, which is a year old this month, only applied to those 18 years and older. Under the old rule, participants in the program were required to hold valid accounts, which excluded minors, said Gus Anagnos, PayPal’s director of information security.
In May, 17-year-old Robert Kugler, a student in Germany, said he’d been denied a reward for finding a vulnerability. PayPal said the bug had already been found by two other researchers, which would have made Kugler ineligible for bounty.
In an apparent miscommunication, Kugler said he was initially told he was too young rather than the bug had already been discovered. Nonetheless, PayPal said it would look to bring younger people into its program, which pays upwards of $10,000 for remote code execution bugs on its websites.
Those who are under 18 years old can receive a bug bounty payment through a PayPal student account, an arrangement where a minor can receive payments via their parent’s account, Anagnos said.
Anagnos said other terms and conditions have been modified to make its program more transparent, such as clarifying which PayPal subsidiaries and partner sites qualify for the program.
PayPal pays much less for vulnerabilities on partner websites, which have a URL form of “www.paypal-__.com.” A remote execution bug found on that kind of site garners only $1,500 rather than up to $10,000 on the company’s main sites.
Like other bug bounty programs run by companies such as Microsoft and Google, PayPal will publicly recognize researchers on its website with a “Wall of Fame” for the top 10 researchers in a quarter. Another “honorable mention” page lists anyone who submitted a valid bug for the quarter.
Eusebiu Blindu, a testing consultant from Romania, was one of the researchers listed on the Wall of Fame for the first quarter of this year.
“I think Paypal is the best bug bounty program, and I am glad I participated in it from the first days of its launching,” he wrote on his blog.
Is E-Commerce Next For Facebook?
April 13, 2012 by admin
Filed under Around The Net
Comments Off on Is E-Commerce Next For Facebook?
A group of e-commerce start-ups, backed by some of the tech world’s most respected financiers, are hoping that Facebook Inc will become an e-commerce powerhouse to rival Amazon.com Inc and eBay Inc.
As the world’s largest social network moves toward a $5 billion initial public offering, it will come under more pressure from Wall Street to generate new sources of profit growth and reduce its reliance on advertising, which accounted for 85 percent of its 2011 revenue.
Some entrepreneurs and investors increasingly think “f-commerce” – meaning e-commerce on Facebook – is the answer. Start-ups such as BeachMint, Yardsellr, Oodle and Fab.com are coming up with novel ways to persuade Facebook users to not just connect with friends on the social network, but to shop as well.
Backed by tens of millions of dollars from venture capital firms like Accel Partners and Andreessen Horowitz, and other big investors like Goldman Sachs, these start-ups are pushing out shopping apps, hosting online garage sales and testing out new business models on Facebook.
“E-commerce is a huge category with very strong tailwinds and it’s a natural move for Facebook,” said Sam Schwerin of Millennium Technology Value Partners, which owns Facebook shares and has a stake in BeachMint.
Amazon revolutionized online shopping by crunching lots of customer and purchase data to come up with relevant, personalized recommendations. In the same vein, Facebook’s combination of data, analytics and payment technology could fuel the next generation of e-commerce, Schwerin said.
PayPal Wooing SMB’s With Payments Service
March 23, 2012 by admin
Filed under Around The Net
Comments Off on PayPal Wooing SMB’s With Payments Service
PayPal is focusing on small businesses, service providers, and casual sellers on the move with its new PayPal Here service which allows vendors to process a variety of payments including checks and cards using their mobile phones.
The new service unveiled Thursday includes a free app and encrypted thumb-sized card reader, which allows merchants with an iPhone, and later Android smartphones, to process payments.
Merchants can accept payments by swiping cards in the card reader, scanning cards and checks using their phone cameras, or by entering card information manually into the app, the eBay unit said. They can also send an invoice and set payment terms, and accept PayPal payments from the app. The check facility is however only available in the U.S.
An iPhone version of the card reader and merchant app is available from Thursday to select merchants in the U.S., Canada, Australia and Hong Kong, with general availability in those countries scheduled for April. PayPal also plans to have an Android version of the merchant app by then. It will announce the availability of the service in more countries soon, it said.
Merchants pay a flat rate of 2.7 percent for card swipes and PayPal payments, while checks will be processed free of charge. Scanning of cards or typing the card information will be charged extra. PayPal Here merchants will also receive a business debit card for access to cash and 1 percent cash-back on eligible purchases.
PayPal will be competing with mobile payment systems from other providers such as Square and Intuit.
The key differentiator for PayPal Here in comparison to other small business mobile payment services is that it comes from a trusted brand in the online payments industry, with more than 100 million customers globally, David Marcus, vice president of mobile at PayPal said in a blog post.