Researchers Claim Apple Can Potentially Access Encrypted iMessages

Following the revelation of government data gathering program PRISM in June, Applereleased a statement on customer privacy that suggested the company was unable to access or decrypt iMessage and FaceTime conversations. 

According to researchers who presented at the Hack the Box conference in Kuala Lumpur (via Macworld), it is actually possible for someone inside Apple to intercept messages because the company has access to public iMessage keys...

Read the full story here... Source: Mac Rumours

Apple Releases OS X 10.8.4 with Safari 6.0.5, iMessage Bug Fix

After a beta period spanning several weeks, Apple today released the final version of OS X 10.8.4. The update, which can be accessed via the Mac App Store, includes several notable bug fixes including a fix for an issue that caused iMessages to display out of order along with Microsoft Exchange and Calendar compatibility improvements. 

 - Compatibility improvements when connecting to certain enterprise Wi-Fi networks 

- Microsoft Exchange compatibility improvements in Calendar 

- A fix for an issue that prevented FaceTime calls to non-U.S. phone numbers 

- A fix for an issue that may prevent scheduled sleep after using Boot Camp 

- Improves VoiceOver compatibility with text in PDF documents 

- Includes Safari 6.0.5, which improves stability for some websites with chat features and games 

- A fix for an issue that may cause iMessages to display out of order in Messages 

- Resolves an issue in which Calendars Birthdays may appear incorrectly in certain time zones 

- A fix for an issue that may prevent the desktop background picture from being preserved after restart 

- A fix for an issue that may prevent documents from being saved to a server using SMB 

- Addresses an issue that may prevent certain files from opening after copied to a volume named “Home" 

- A fix for an issue that may prevent changes to files made over NFS from displaying 

- Resolves an issue saving files to an Xsan volume from certain applications 

- Improves Active Directory log-in performance, especially for cached accounts or when using a .local domain 

- Improves OpenDirectory data replication 

- Improves 802.1X compatibility with ActiveDirectory networks 

- Improves compatibility when using mobile accounts

The update also includes Safari 6.0.5, which improves stability for websites with chat features and games. 

After eight different beta builds, Apple closed its 10.8.4 Beta Testing Program last Friday. During the beta, Apple had asked users to focus on Wi-Fi, Graphics Drivers, and Safari. The public version of OS X 10.8.4 is the same 12E55 build that was seeded to developers on May 24. 

OS X Mountain Lion Update v10.8.3 (342.33 MB) 
OS X Mountain Lion Update v10.8.3 (Combo) (809.98 MB) 

Alongside OS X 10.8.4, Apple has also released security updates for OS X Lion and Snow Leopard: 

Security Update 2013-002 (Lion) (57.69 MB) 
Security Update 2013-002 Server (Lion) (105.61 MB) 

Security Update 2013-002 (Snow Leopard) (329.85 MB) 
Security Update 2013-002 Server (Snow Leopard) (404.83 MB)

Source: Mac Rumours

 

 

iMessage Spam Exploit Rears Its Ugly Head

Apple’s iMessage system is being exploited by a supposed AppleScript that has the potential to flood up a user’s account and crash the service. A report by The Next Web says the denial of service lock up is being targeted at a group of small developers right now, but paints a larger potential to reach a wider userbase.

Right now, the incident seems confined to the jailbreak community (any device, jailbroken or otherwise, can be a target). The AppleScript, as demonstrated by app developer iH8sn0w, is capable of flooding a person’s iMessage account so severely that the app could crash. Or, at the very least, messages could come so frequently that it would make the experience very limited because of the amount of notifications.

“What’s happening is a simple flood: Apple doesn’t seem to limit how fast messages can be sent, so the attacker is able to send thousands of messages very quickly,” said iOS developer Grant Paul. Paul also explains that users can send complex message using unicode characters to crash the app to crash and unable to reopen.

While this issue is so far only confined to a small number of users, the potential to be used more widely is there. Right now, there’s no way to block a specific iMessage sender, so if someone knows your account info, you’re open to attack. Of course, you can disable your iMessage number and handle, but that’s not exactly the solution people will be ok with in the long run.

[Source: TechnoBuffalo]

Apple pulling the plug on Messages beta for OS X Lion on December 14th

 

Apple is notifying OS X Lion users that the platform's preview of Messages will end on December 14th. Originally available as a free beta download for Lion 10.7, Messages went on to become an official feature of Mountain Lion 10.8. Obtained by Cult of Mac, the email from Apple advises that in order to continue using Messages, you'll need to upgrade to Mountain Lion. While it's saddening to have pay for an app that you're accustomed to having for free, keep in mind that this was only a preview. Besides, the upgrade to Mountain Lion is $20 and if you can afford any of Apple's products, we're pretty sure that this expense won't be too much of a stretch. Be sure to take a look at the email in question after the break, because it could be lurking somewhere in your junk mail folder.

[Source: Engadget]