This week's Halloween-inspired Apple Byte features CNET TV's Brian Tong discussing the latest in Apple news, tips, tricks, and of course rumors. This week, Apple's biggest security flaw has been exposed by simply initiating an emergency call, iOS gets major competition from a forthcoming Sony PSP phone and major dap from Nintendo, and the MacBook Air gets a speed test versus popular MacBook Pro versions.
The Halloween season my be winding down, but that doesn't mean there aren't still plenty of scary laptops out there. Of course, the vast majority of laptops we review are pretty decent examples of technology. After all, there are only a handful of common components used in most systems, and things such as speed and battery life are, if not standardized, at least largely predictable based on the list of what's inside the box.
That said, we occasionally run into a laptop that just rubs us the wrong way. Maybe it's a key missing feature, or terrible design, or an unusable touch pad--or sometimes products simply don't work as advertised. We've compiled our own list of the scariest laptops of 2010, the models that either had one or more frightening flaws, or else were just dogs. … Read more
Apple has acknowledged a newly-discovered security flaw in the iPhone and is promising to offer a fix with next month's release of iOS 4.2.
The new flaw allows someone to access the phone dialer on a locked iPhone by punching a certain sequence of buttons, thereby giving them the ability to make phone calls, send e-mails, and access the address book. Confirmed by Wired Magazine, the Boy Genius Report, and other online sources, the flaw was reportedly first discovered and posted by a user on the MacRumors online forum on October 22.
Bypassing the lock requires someone to … Read more
In an advisory published Friday, Microsoft detailed how its Enhanced Mitigation Experience Toolkit 2.0 could be used to short-circuit the threat. Adobe, which has not yet released a patch, updated its original advisory to reflect the new information.
Microsoft issued an advisory on Monday about a security issue that could leave many Windows applications vulnerable to attack.
The advisory deals with a type of attack mechanism known as DLL preloading, or binary planting. Although the attack mechanism is not new or entirely unique to Windows, Microsoft acknowledged that there appears to be a new remote-attack vector that could allow more systems to be attacked quickly.
Two researchers at the University of California at Davis published a paper earlier this year on how programs that were vulnerable could be automatically detected. In recent days, security expert and Metasploit creator … Read more
Apple has quickly released a patch for the recently uncovered security flaw with how Mobile Safari handles PDF files in iOS 4.0.1 and earlier for the iPod Touch and iPhone, and iOS 3.2.1 and earlier for the iPad.
The iPhone Dev Team uncovered the flaw and released software that took advantage of it to jailbreak iOS devices when you visit its Web site.
A week ago, CNET reported that Apple was preparing a fix, but there was no mention of when Apple would release it.
The update to fix this problem should now be available via … Read more
As iPhone 4 hits seem to keep piling up, Apple finds a friend in an electromagnetic engineer and self-described "mobile topic expert" who claims that Consumer Reports failed to provide a truly scientific test of the antenna issues facing Apple's iPhone 4.
Bob Egan, now a technology blogger and global head of research & chief analyst at the TowerGroup, claims that the Consumer Reports study, which had the popular independent customer advocacy group unable to recommend purchasing the iPhone 4, has many inherent flaws and can barely be counted as scientific.
Egan writes, "Bottom line. From … Read more
Cisco Systems has issued a range of security advisories giving details of 11 vulnerabilities in IOS, the operating system on which many of its products run.
One of the vulnerabilities, described as "highly critical," could lead to a hacker compromising the affected system or launching a denial-of-service attack against it. The advisories, issued Wednesday, are part of Cisco's twice-yearly schedule of security updates for IOS.
The highly critical vulnerability affects IOS version 12 devices running SIP, a protocol used by many businesses to set up and tear down voice and video calls. IOS version 12 is widely … Read more
Mozilla has released fixes for five security holes in older versions of Firefox, while a security company has warned of a zero-day flaw in the latest version of the popular browser.
Mozilla issued patches Wednesday for versions 3.5.8 and 3.0.18 of the browser, sending out fixes for the latter even though it had said it would stop supporting Firefox 3.0 in January. In its security bulletin, the company said the vulnerabilities had previously been resolved in Firefox 3.6, which was launched on January 21. The five flaws addressed by Mozilla included three the company … Read more
A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt Web pages, has been made public.
Security researchers Marsh Ray and Steve Dispensa unveiled the TLS (Transport Layer Security) flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its predecessor, SSL (Secure Sockets Layer), are typically used by online retailers and banks to provide security for Web transactions.
Ray, who works with Dispensa at two-factor authentication company PhoneFactor, explained in a blog post this week that he had initially discovered the flaw in August and demonstrated a working exploit to … Read more