Apple’s iCloud attacked by state-sanctioned hackers in China: reportLINKS
- Hackers in China have reportedly staged 'a man-in-the-middle attack’ against iCloud in which they position themselves between users and servers to steal messages, photos and contacts.
By: Tim Culpan Bloomberg, Published on Tue Oct 21 2014
TAIPEI — Apple Inc.’s iCloud service in China was attacked by government-backed hackers, according to Greatfire.org, which monitors Internet censorship in the country.
A man-in-the-middle attack, where hackers position themselves between users and computer servers, was conducted by Chinese authorities, Greatfire wrote in a blog post. Not all users in China are affected because the attack is only staged against one of multiple Internet protocol addresses used by iCloud, it said.
“Apple is deeply committed to protecting our customers’ privacy and security,” Trudy Muller, an Apple spokeswoman, said Tuesday. She declined to comment on Greatfire’s report that the attack was conducted by China-backed hackers.
China’s State Council Information Office didn’t immediately respond to a faxed request for comment.
This week’s attack, aimed at gaining usernames and passwords, is at least the second that Greatfire has outlined in the past month by which China utilizes a man-in-the-middle strategy against Western websites. Facebook Inc.’s Instagram was blocked last month while Chinese messaging services including Tencent Holdings Ltd.’s WeChat are also controlled.
Successful implementation of the iCloud attack would allow access to data including messages, photos and contacts, Greatfire said. Customers should take note of security warnings, use a trusted browser and enable two-step verification to mitigate the threat, Greatfire said.
“If users ignored the security warning and clicked through to the Apple site and entered their username and password, this information has now been compromised by the Chinese authorities,” Greatfire said.
Muller said in her statement that the company is “aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously.” She referred users to a company website that detail how people can verify that their browser is securely connected to iCloud. The website advises consumers to “never enter their Apple ID or password into a website that presents a certificate warning.”
In August, Apple said it will shift user data onto servers run by China Telecom Corp., with the information to be encrypted. The latest iPhones gained approval for sale in China last month after Apple agreed to improve user security and privacy. Apple subsequently said pre-orders set a record in the country. The devices debuted in China on Oct. 17.
In May, U.S. prosecutors announced the indictments of five Chinese military officers for allegedly hacking into the computers of American companies, escalating tensions between the countries about cyber-security.
Apple last month said it will add new security features to iCloud after the accounts of celebrities using its services were hacked and photographs of them were posted on the Internet. The Cupertino, California-based company said people will receive e- mails and other alerts on their iPhones and iPads if an effort is made to change a password, log in from a new device or restore files.
I picked up a Macbook Pro a few months ago...
Tattoos disrupt Apple Watch features, users say- http://www.cbc.ca/news/technology/tattoos-disrupt-apple-watch-features-users-say-1.3055388 (http://www.cbc.ca/news/technology/tattoos-disrupt-apple-watch-features-users-say-1.3055388)
Matt Siegel, Thomson Reuters | Posted: Apr 30, 2015 10:56 AM ET
Early adopters of the Apple Watch, Apple Inc's first new product in five years, are complaining that a number of its key functions are disrupted by their tattoos.
Owners of Apple Watch - including this reporter, who bought a 42mm version with stainless steel case and black classic buckle for $1,029 Australian ($978 Cdn) — have found that their inked skin confuses the sensors on the underside of the device.
Users of the watch, which went on sale last week, took to social media on Thursday under the hashtag #tattoogate to air their frustration with the flaw from Apple's renowned design house.
One anonymous user on Reddit, an entertainment, social networking, and user-generated news website, said the device's locking mechanism, which should disengage when the watch detects it is being worn, failed to work on decorated skin.
"My hand isn't tattooed and the Watch stayed unlocked. Once I put it back on the area that is tattooed with black ink, the watch would automatically lock again," the user wrote.
This Reuters reporter, who has a black tattoo on his left arm, also found that the watch locks on tattooed skin and does not deliver the soft pings that alert a user to incoming messages. The heart rate readings were also significantly different on the tattooed and untattooed wrists.
An Apple support article says the watch uses green LED lights paired with light-sensitive photodiodes to detect the amount of blood flowing through the wrist and calculate the frequency of heart beats.
A website support page from the company says tattoos can interfere with readings from the heart rate monitor, but does not mention interference with other functions.
"Permanent or temporary changes to your skin, such as some tattoos, can also impact heart rate sensor performance. The ink, pattern, and saturation of some tattoos can block light from the sensor, making it difficult to get reliable readings," it said.
A spokesman for Apple in Sydney declined to comment on Thursday, but three Apple employees at its flagship Sydney store, including a senior advisor from its tech support line, said they were unaware of any issue.
"To be honest, you're my first caller about the Apple Watch at all," the senior advisor told Reuters.
Flaw slows rollout
The tattoo issue follows a report in the Wall Street Journal on Wednesday that some taptic engines, which produce the sensation of being tapped on the wrist, started to break down over time, a flaw that was slowing the rollout of the item.
The report said the problem had been detected in some of the parts supplied by AAC Technologies Holdings Inc, based in Shenzhen, China. Shares in AAC Technologies dropped 8 percent on Thursday morning after the report. The company did not respond to requests for comment.
A Taipei-based technology analyst, who is in regular contact with AAC, said he was not aware of the tattoo problem, but did not expect it would have a significant impact on production.
"We have been hearing suppliers encountering some bottleneck issues for Apple Watch's production such as problems with its displays, haptics or assembly," he told Reuters, adding that those issues were quite common for new products.