New iOS 10.3.1 to Address Wi-Fi Vulnerability

Just one week after releasing iOS 10.3, a major update that included Apple Filesystem and Find My AirPods, Apple has released iOS 10.3.1, which appears to be a minor update to address bugs and other issues that have popped up since the release of iOS 10.3.

iOS 10.3.1 is available as a free over-the-air update for all iOS 10 users, and it can also be downloaded via iTunes.

iOS 10.3.1

According to Apple’s release notes, iOS 10.3.1 includes bug fixes and improves the security of your iPhone or iPad, and a security document suggests it fixes a Wi-Fi-related vulnerability. The release notes do not go into more detail about what bug fixes might be bundled into this release, so we’ll update this post if and when we learn more about the content of the iOS 10.3.1 update.

Facial Recognition Feature on Galaxy S8 Bypassed Using Just a Photo

The security of the facial recognition feature on Samsung’s new Galaxy S8 smartphone has come into question, after a video was shared online that appears to show one of the handsets being unlocked by waving a photo of the user’s face in front of the camera.

The YouTube video embedded below, recorded at the S8 launch event, shows the registered user of the device presenting a picture of himself to the phone’s front-facing camera. After a couple of attempts, the phone recognizes the close-up selfie as the user’s face, and the lock screen is subsequently bypassed.

Last month it was reported that Samsung Continue reading Facial Recognition Feature on Galaxy S8 Bypassed Using Just a Photo

Symantec Defends Its CA

Since the post published by Ryan Sleevi from Google team, it has been viral over internet, and Symantec has quickly responded to Google.

Below are the full statement from Symantec.

At Symantec, we are proud to be one of the world’s leading certificate authorities. We strongly object to the action Google has taken to target Symantec SSL/TLS certificates in the Chrome browser. This action was unexpected, and we believe the blog post was irresponsible. We hope it was not calculated to create uncertainty and doubt within the Internet community about our SSL/TLS certificates.

Google’s statements about our issuance practices and the scope of our past mis-issuances are exaggerated and misleading.  For example, Google’s claim that we have mis-issued 30,000 SSL/TLS certificates is not true. In the event Google is referring to, 127 certificates – not 30,000 – were identified as mis-issued, and they resulted in no consumer harm. We have taken extensive remediation measures to correct this situation, immediately terminated the involved partner’s appointment as a registration authority (RA), and in a move to strengthen the trust of Symantec-issued SSL/TLS certificates, announced the discontinuation of our RA program. This control enhancement is an important move that other public certificate authorities (CAs) have not yet followed.

While all major CAs have experienced SSL/TLS certificate mis-issuance events, Google has singled out the Symantec Certificate Authority in its proposal even though the mis-issuance event identified in Google’s blog post involved several CAs.

Continue reading Symantec Defends Its CA

Earn & Save Money Tips & Tricks

%d bloggers like this: