Android

US Government Pushed Many Tech Firms To Hand Over Source Code (zdnet.com) 151

An anonymous reader writes: Apple isn't the only company that has been asked to hand over the source code of its operating system. In an effort to find security flaws that could be used for surveillance or investigations, the U.S. government has made numerous attempts to obtain the source code from other tech companies. From the ZDNet report, "The government has demanded source code in civil cases filed under seal but also by seeking clandestine rulings authorized under the secretive Foreign Intelligence Surveillance Act (FISA), a person with direct knowledge of these demands told ZDNet. The Justice Department wanted to draw outrage, painting Apple as the criminal. With these hearings held in secret and away from the public gaze, the person said that the tech companies hit by these demands are losing 'most of the time.'"
Encryption

Apple Employees, If Ordered To Unlock iPhone, Might Quit (nytimes.com) 417

An anonymous reader quotes an NYTimes article: Apple employees are already discussing what they will do if ordered to help law enforcement authorities. Some say they may balk at the work, while others may even quit their high-paying jobs rather than undermine the security of the software they have already created, according to more than a half-dozen current and former Apple employees. [...] The employees' concerns also provide insight into a company culture that despite the trappings of Silicon Valley wealth still views the world through the decades-old, anti-establishment prism of its co-founders Steven P. Jobs and Steve Wozniak. [...] The fear of losing a paycheck may not have much of an impact on security engineers whose skills are in high demand. Indeed, hiring them could be a badge of honor among other tech companies that share Apple's skepticism of the government's intentions.
AI

Facebook's Messenger Bot Store Could Be Most Important Launch Since App Store (techcrunch.com) 60

An anonymous reader writes from an opinionated article on TechCrunch by Tom Hadfield: If Facebook announces the "Messenger Bot Store" at F8, as many predict, it would be arguably the most consequential event for the tech industry since Apple announced the App Store and iPhone SDK in March 2008. Today, Facebook Messenger has 800 million monthly active users -- more than 100 times the number of iPhone owners when Apple launched the App Store. In January, TechCrunch first reported rumors of Facebook's secret Chat SDK for building Messenger bots. If and when Facebook announces a Bot Store, it will mark the "end of the beginning" of a new era: messaging as a platform. Over the summer, The Information broke the news that AI-powered Facebook M would enable Messenger users to make purchases, restaurant reservations, and travel bookings within the messaging interface. A Messenger Bot Store would have far-reaching consequences not only for entrepreneurs and investors, but also developers and designers. Sam Lessin, the CEO of Fin, says the rise of chat-based user interfaces will mark "a fundamental shift that is going to change the types of applications that get developed and the style of service development." For a time, bots were perceived to be plain-text exchanges and as such were often described as "invisible apps." As Jonathan Libov at USV points out, "just because the container is a messenger doesn't mean that all the apps inside are text-based." Tomaz Stolfa says there is "unexplored potential in blending conversational interfaces with rich graphical UI elements." If 800 million Facebook users start discovering bots in Messenger after F8, it will vindicate those who have been saying bots are the new apps.
Cloud

Apple Stores iCloud Data With Google (crn.com) 49

An anonymous reader writes: Alphabet's Google has quietly scored a major coup in its campaign to become an enterprise cloud computing powerhouse, landing Apple as a customer for the Google Cloud Platform, multiple sources with knowledge of the matter told CRN this week. Previously, Apple had acknowledge using Amazon Web Services (AWS) and Microsoft Azure's rival cloud computing platforms in addition to its own data centers. None of the services would have access to iCloud users' records. "The iCloud information is not at risk of being breached or otherwise observed by the ultimate owners of the platforms it resides on because of the very heavy encryption and partitioning technologies used," commended Chris Green, a tech expert at the consultancy Lewis. CRN has mentioned the agreement between the two companies was done late last year.
Encryption

Tim Cook Talks About Encryption, Right to Privacy, Public Safety, and DOJ (time.com) 135

TIME reporters sat down with Apple CEO, Tim Cook, to talk about encryption, public safety, and right to privacy among other subjects. The wide-ranging interview captures Cook's discomfort with how his company has been treated by the Department of Justice. Following are some interesting excerpts from the interview: The thing that is different to me about Messages versus your banking institution is, the part of you doing business with the bank, they need to record what you deposited, what your withdrawals are, what your checks that have cleared. So they need all of this information. That content they need to possess, because they report it back to you. That's the business they're in. Take the message. My business is not reading your messages. I don't have a business doing that. And it's against my values to do that. I don't want to read your private stuff. So I'm just the guy toting your mail over. That's what I'm doing. So if I'm expected to keep your messages, and everybody else's, then there should be a law that says, you need to keep all of these. [...] Law enforcement should not be whining about iPhones; it should be rolling around in all the other free information that criminals and terrorists are spewing through social networks and Nest thermostats, surveillance cameras and Hello Barbies. [...] Going dark -- this is a crock. No one's going dark.
IOS

The Law Is Clear: the FBI Cannot Make Apple Rewrite Its OS (backchannel.com) 367

An anonymous reader cites a post by Susan Crawford, Harvard Law Professor and former Obama Special Assistant: From her column at Backchannel, "Barack Obama has a fine legal mind. But he may not have been using it when he talked about encryption last week. [...] The problem for the president is that when it comes to the specific battle going on right now between Apple and the FBI, the law is clear: twenty years ago, Congress passed a statute, the Communications Assistance for Law Enforcement Act (CALEA) that does not allow the government to tell manufacturers how to design or configure a phone or software used by that phone -- including security software used by that phone.
Security

Researchers Find iOS Malware That Infects Non-Jailbroken Devices (paloaltonetworks.com) 39

An anonymous reader writes: Researchers at Palo Alto Networks are reporting about a new iOS malware that could infect non-jailbroken devices without a user's consent. Dubbed "AceDeceiver," the iOS malware exploits a flaw in Apple's DRM software. The researchers claim that the iOS malware could technically infect any type of iOS device, provided a user downloads a third-party app. From the blog post on Palo Alto Networks' website, "AceDeceiver is the first iOS malware we've seen that abuses certain design flaws in Apple's DRM protection mechanism -- namely FairPlay -- to install malicious apps on iOS devices regardless of whether they are jailbroken. This technique is called "FairPlay Man-In-The-Middle (MITM)" and has been used since 2013 to spread pirated iOS apps, but this is the first time we've seen it used to spread malware." The aforementioned malware required users to download a compromised Windows application. Apple has removed three offending apps from the App Store, and it appears that only users in China were targetted.
Democrats

Apple Files Final Response In San Bernardino iPhone Case (reuters.com) 250

An anonymous reader writes: In its final briefing before a court showdown next week, Apple said, "The court must consider the national debate surrounding the issue of mandating a backdoor or the dangers to the security and privacy of millions of citizens. According to Apple, the government also believes the courts can order private parties "to do virtually anything the Justice Department and FBI can dream up. The Founders would be appalled." In response to the government, Apple said, "the catastrophic security implications of that threat only highlight the government's fundamental misunderstanding or reckless disregard of the technology at issue and the security risks implicated by its suggestion." According to TechCrunch, Apple made an interesting change in its strategy in the court on Tuesday. From its article, "The tone of today's filing and subsequent call was much more cold and precise. Apple got some time to consider the best way to respond and went with dissecting the FBI's technical arguments in a series of precise testimonies by its experts. Where the FBI filing last week relied on invective, Apple's this week relies on poking holes in critical sections of the FBI's technical narrative." Edward Snowden also made a remark about the hearing. He tweeted, "Today I learned that "#Apple has way better lawyers than the DOJ."
Blackberry

What Apple Can Learn From BlackBerry Not To Do (informationweek.com) 150

dkatana writes: There is no shortage of news about the fight between Apple and the Justice Department to unlock the iPhone of a suspect in the San Bernardino, Calif., terrorist case. Apple can take a page from the fight BlackBerry had back in 2010 with some governments in the Middle East and Asia. At that time -- afraid to lose a lucrative business -- RIM [gave] in and allowed those governments to access its secure BBM (BlackBerry Messenger) service. The rest is history. If Apple complies with the Justice Department request, according to Craig Federighi, senior VP of software engineering at Apple, "[This software -- which law enforcement has conceded it wants to apply to many iPhones --] would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all."
IOS

DOJ Threatens To Seize iOS Source Code (idownloadblog.com) 596

An anonymous reader writes from an article posted on iDownloadBlog: The DoJ is demanding that Apple create a special version of iOS with removed security features that would permit the FBI to run brute-force passcode attempts on the San Bernardino shooter's iPhone 5c. Meanwhile, President Barack Obama has made public where he stands on the Apple vs. FBI case, which has quickly become a heated national debate. In the court papers, DoJ calls Apple's rhetoric in the San Bernardino standoff as "false" and "corrosive" because the Cupertino firm dared suggest that the FBI's court order could lead to a "police state." Footnote Nine of DoJ's filing reads:

"For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter's iPhone without access to the source code and Apple's private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."

As Fortune's Philip-Elmer DeWitt rightfully pointed out, that's a classic police threat. "We can do this [the] easy way or the hard way. Give us the little thing we're asking for -- a way to bypass your security software -- or we'll take [the] whole thing: your crown jewels and the royal seal too," DeWitt wrote. "With Apple's source code, the FBI could, in theory, create its own version of iOS with the security features stripped out. Stamped with Apple's electronic signature, the Bureau's versions of iOS could pass for the real thing," he added.

Software

Major Browsers Add Experimental Support For WebAssembly (thestack.com) 118

An anonymous reader writes: Four major web browsers have announced support for the near-native compiling technology WebAssembly, and collaborated to bring an initial common game demo of Angry Bots, running via Unity and WebAssembly, to experimental builds of Chrome, Firefox, Microsoft Edge and, shortly, Safari. WebAssembly was launched last year in a joint project between Microsoft, Mozilla, Apple and Google as a potentially more efficient route to assembly-level performance than asm.js, which is in itself a low-level subset of JavaScript.
Desktops (Apple)

Typosquatters Running .om Domain Scam To Push Mac Malware (threatpost.com) 64

msm1267 writes from an article on Threatpost: Typosquatters are targeting Apple computer users with malware in a recent campaign that snares clumsy web surfers who mistakenly type .om instead of .com when surfing the web. According to Endgame security researchers, the top level domain for Middle Eastern country Oman (.om) is being exploited by typosquatters who have registered more than 300 domain names with the .om suffix for U.S. companies and services such as Citibank, Dell, Macys and Gmail. Endgame made the discovery last week and reports that several groups are behind the typosquatter campaigns. Mac OS X users are being singled out in this typosquatting campaign with malware. According to Endgame, when a Mac user stumbles on one of the typosquatters' webpages, a fake Adobe Flash update pops up and attempts to trick users to install the advertising component called Genieo. Endgame suspects that typosquatters are exploiting a hole in Oman's domain name registration process. When Endgame tried to register a domain it was asked to verify that it had the authority to registrar a specific commercial domain. "It's unclear how typosquatters were able to register so many domains in such a short period of time," Endgame said.
Desktops (Apple)

Sorry, Indie Devs -- Pop Apps Are the Future of App Store (imore.com) 103

An anonymous reader points us to an opinion piece by Apple blogger Rene Ritchie on the dim prospects for indie app developers, in the face of mass-market, big-name competition. From his piece: Big apps get all the attention these days, just like big movie, music, or book releases and indies get what little is left, when there's even a little left. The App Store is big business, and that's how big business works. [...] Apple could use its considerable power and influence to help shape the App Store economy into one more hospitable to indie developers. After all, those are the apps I love and the ones that dominate my home screens. But the truth is, even if Apple gave indie developers everything they wanted, it wouldn't matter much over the long term. It may help a few for a while, and a very few for a while longer, but the app economy and apps themselves are evolving. Brent Simmons has offered his opinion on the matter. He writes, The Mac has for a long time been overlooked -- first because Windows was so huge, and then web apps, and now iOS. For my entire career people have said that the Mac is a bad bet, that it's dumb to write Mac apps. [...] There was never a golden age for indie iOS developers. It was easier earlier on, but it was never golden. (Yes, some people made money, and some are today. I don't mean that there were zero successes.) And there's a good chance that many of the people you currently think of as thriving iOS indie developers are making money in other ways: contracting, podcast ads, Mac apps, etc.
Facebook

WhatsApp Encryption Said To Stymie Wiretap Order (nytimes.com) 56

bsharma writes from an article on the New York Times: WhatsApp, which is owned by Facebook, allows customers to send messages and make phone calls over the Internet. In the last year, the company has been adding encryption to those conversations, making it impossible for the Justice Department to read or eavesdrop, even with a judge's wiretap order. [As recently as this past week, officials said,] the Justice Department was discussing how to proceed in a continuing criminal investigation in which a federal judge had approved a wiretap, but investigators were stymied by WhatsApp's encryption. (WhatsApp uses Signal software developed by Open Whisper Systems.) "WhatsApp cannot provide information we do not have," the company said this month when Brazilian police arrested a Facebook executive after the company failed to turn over information about a customer who was the subject of a drug trafficking investigation. "The F.B.I. and the Justice Department are just choosing the exact circumstance to pick the fight that looks the best for them," said Peter Eckersley, the chief computer scientist at the Electronic Frontier Foundation, a nonprofit group that focuses on digital rights. "They're waiting for the case that makes the demand look reasonable."
Education

Amazon Working On Education Platform To Offer Free Learning Materials (techcrunch.com) 20

An anonymous reader writes: E-commerce giant Amazon is planning to launch a new education platform which would enable educators to upload, manage, share, and discover open education resources. Earlier this month, the company quietly opened an Amazon Education Wait List to allow educators to be alerted about the availability of the platform. The website currently reads, "The future of education is open. Someday soon, educators everywhere will have free and unlimited access to first-class course materials from a revolutionary platform. Get on the wait list to be notified when the platform is available for all schools and classrooms!" The webpage, do note, could be related to some other project. This isn't the first time Amazon has shown interest in the education sector. In 2013, it acquired TenMarks, a company that offers mathematics learning materials. Amazon, which lets you purchase or rent books for Kindle, is also a major name in the publishing world. Over the years, Apple, Google, and Microsoft have also become increasingly interested in seeing their hardware and software in classrooms.
Data Storage

Intel's Optane SSD Compatible With NVMe; Could Boost MacBook Storage Speeds By 1000x 76

More details have emerged about Intel's Optane, a new kind of memory and SSD that utilizes 3D Xpoint. The upcoming 3D Xpoint technology, which is supposedly 10 times denser than DRAM and 1,000 times faster than flash storage, will be compatible with NVMe, a storage protocol that allows an SSD to make effective use of a high-speed PCIe. Several MacBook Pro models already support NVMe technology. Apple is often among the first companies to adopt emerging standards and technologies, which has led many to believe that the Cupertino-based company might leverage Intel's Optane solid state drives for super fast performance speeds in its next batch of laptops. Apple is expected to announce the refreshed MacBook lineup sporting Intel Skylake processor later this year.
Iphone

Obama: Government Can't Let Smartphones Be 'Black Boxes' (bloomberg.com) 546

JoeyRox writes: President Obama said Friday that smartphones -- like the iPhone the FBI is trying to force Apple to help it hack -- can't be allowed to be "black boxes," inaccessible to the government. He believes technology companies should work with the government on encryption rather than leaving the issue for Congress to decide. He went on to say, "If your argument is strong encryption no matter what, and we can and should create black boxes, that I think does not strike the kind of balance we have lived with for 200, 300 years, and it's fetishizing our phones above every other value." Obama's appearance on Friday at the event known as SXSW, the first by a sitting president, comes as the FBI tries to force Apple to help investigators access an iPhone used by one of the assailants in December's deadly San Bernardino, California, terror attack. "The question we now have to ask is, if technologically it is possible to make an impenetrable device or system, where the encryption is so strong there's no key, there's no door at all, then how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot?" Obama said. "If in fact you can't crack that at all, government can't get in, then everybody's walking around with a Swiss bank account in their pocket." He said compromise is possible and the technology industry must help design it.
Encryption

Skype Co-Founder Launches End-To-End Encrypted 'Wire' App (reuters.com) 52

An anonymous reader writes: A group of former Skype technologists, backed by the co-founder of the messaging platform, has introduced a new version of its own messaging service that promises end-to-end encryption for all conversations, including by video. Wire, a 50-person start-up mostly made up of engineers, is stepping into a global political debate over encryption that pits privacy against security advocates, epitomized by the standoff between the U.S. government and Apple. Wire, which is headquartered in Switzerland and Germany, two of the most privacy-friendly countries in the world, relays communications through its network of cloud computers where user communications are stored, in encrypted form, on their own devices. It delivers privacy protections that are always on, even when callers use multiple devices, such as a phone or desktop PC simultaneously. For voice and video calls, Wire uses the same DTLS and SRTP encryption standards found in the peer-to-peer WebRTC protocol. Rivals such as Facebook's Messenger and WhatsApp or Telegram offer encryption on only parts of a message's journey or for a specific set of services, the company said. "Everything is end-to-end encrypted: That means voice and video calls, texts, pictures, graphics -- all the content you can send," Wire Executive Chairman Janus Friis told Reuters.
IOS

Apple Might Be Forced to Hand Over iOS Source Code to the FBI (theguardian.com) 273

Bruce66423 writes: In its latest filing, the FBI implies that, if the burden on Apple programmers of their alternative approach is too great, then Apple should release the whole source code to the FBI to allow them to do the work, quoting the precedent of the Lavabit confrontation. Clearly it is time for Apple to move offshore!? To recall, Lavabit abruptly shut down in 2013 when the FBI attempted to get the company to hand over the encryption keys for its secure email service. While the current situation seems to put Apple in the same ballpark as Lavabit, what gives the Cupertino-giant company an advantage is the immense support it is receiving from other Silicon Valley companies and personnel. Many believe that the FBI doesn't really need Apple's help in unlocking the iPhone. Reports claim that the iPhone in question already has a "backdoor" which could allow the government-backed institution to access the data on the smartphone. Other widely reported theories include cracking the iPhone and manipulating the innards to trick the system into spilling out all the information. One proposed method, which requires the phone's NAND flash chip to be taken out, may not work, though. Daniel Kahn Gillmor, a technology fellow with the ACLU's Speech, Privacy and Technology Project, pointed out the risks in playing with flash memory. He said that an error in removing the memory could make the data unreadable forever.
Iphone

Apple Announces 'Let Us Loop You In' Event For March 21st (theverge.com) 66

An anonymous reader writes: The official Apple Events page has been updated in advance of the newly announced media event. Invitations were sent out earlier Thursday inviting members of the press to "let us loop you in." The event will be streamed using Apple's HTTP Live Streaming technology and will require an iPhone, iPad or iPod Touch running iOS 7.0 or later. The company is expected to announce a new, smaller iPhone SE, that will be the same size as the iPhone 5 but with improved specs like a A9 processor and 8-megapixel rear camera. In addition, Apple is expected to announce a new, smaller iPad Pro. It is rumored to feature a 9.7" display and a Smart Connector to support Smart Keyboard -- it may even be compatible with the Apple Pencil. We can expect some kind of update for the Apple Watch, most likely new Apple Watch bands. A black version of the Milanese Loop may be in the works to match the Space Black Apple Watch. Of course, Apple will talk encryption as the event is scheduled one day before the next hearing between Apple and the FBI on March 22. Apple may surprise us with new MacBooks or OS X updates but we will most likely have to wait until Apple's developer conference in June.

Slashdot Top Deals