Reading Time: 7 minutes

In a transparency report unveiled a while ago, Apple disclosed that US law enforcement agencies made more than 1450 customer data requests in the second half of 2015.

This impacted more than 1200 customer accounts, rising from some 900 odd requests made during the first half of last year. The requests solely demanded data from services like iMessage, Emails, Photographs and backup data.

Such statistics are surely disturbing considering the fact that only a few years back, Apple’s mobile OS became target of “Wire Lurker” malware due to unaddressed vulnerabilities. Ironically, Apple has been victimized by both the so called good and the bad guys alike.

Yet despite overwhelming pressure, Apple has always stood by its users. On that note, in this article, we’ll take a look at how Apple fought for our privacy. We’ll also take a look at some of biggest privacy flaws in iOS 7 and iOS 8.

But before we begin, don’t forget to secure your iOS device with a reliable VPN for iPhone.

 

The Apple Transparency Report

Apple Inc.’s transparency report has been trending more than ever since the Snowden revelations. Historically, we have witnessed Google, Yahoo, Twitter, Facebook and various tech giants disclosing the gag orders and state requests for customer data. Now, Apple has revealed that authorities demanded user data over 1,000 times during the second half of 2015. Surprisingly, Apple complied with only 82% of the requests.

With increasing number of requests, the number of victims is rising dramatically. According to the report Apple has categorized the requests in two sections namely Account requests and Device requests. Account requests involve information about account holder’s iTunes, iCloud data, Name, Address, Photos, Emails, Documents, Contacts, Calendars, Bookmarks and device backups. Device requests include date and contact information provided to register the account or service.

 

FBI considers Backdoor for Apple

Apple users have their fingers crossed as Apple prepares to take on the FBI in court tomorrow. The Riverside magistrate judge will hear the FBI’s take on the need to hack into Apple’s software in light of the San Bernardino shooting, and Apple will fight to ensure that the iOS operating system remains backdoor-free.

Apple fans are raising questions about the usage of the term “Backdoor”, and this is what it is:

Backdoor usage has been very common in past. In early 80’s the term was known as “trapdoor”, implying that programmers or software designers would leave a trapdoor in device; that may be used to break into the device in future.

Later in the 90’s when the crypto-war started, data privacy advocates focused more upon the government’s proposal to record users’ decryption key to create backdoors whenever needed. The Dual EC DRBG Standard, built by NASA to spy on any device, has bothered huge many users worldwide.

The FBI has put Apple on the spot, by forcing it to implement the Backdoor. While Apple considers this to be the first step towards creating an intentional  vulnerability in iOS devices, the major concern for data privacy advocates and Apple users is whether Apple will approve the backdoor update without erasing the encryption keys. Apple stated that it has been caught off guard and it never expected the government to put up such a demand.

Should the FBI win the case, a large number of iPhone and iPad users might consider switching to Android in a desperate attempt to keep their data and privacy secure.

 

Fierce Battle between FBI & Apple Continues in Congress

Just a day after the US Senate’s Anti-Encryption bill by Senator Feinstein and Senator Burr was released, the fight between FBI and Apple moved courts to the US Congress. After facing strong resistance from Apple Inc. over the unlocking of San Bernardino terrorist Syed Farook’s iPhone.

The conflict over digital privacy continues, as Technology giants and Pro-privacy groups argue over the importance of encryption to ensure secrecy and privacy of user data. Law enforcement agencies claim that they can’t combat crimes effectively without accessing the information on suspect’s mobile device.

After months of strong confrontation from Apple, numerous security experts advised the bureau to try unlocking the phone by their own, through any means. This included getting help from third party contractors and numerous news outlets reported that Israeli tech firm ‘Cellebrite’ was approached by the FBI.

Forbes-iphone-FBI-Cybersecurity-hacking

The iPhone 5 of San Bernardino suspect Syed Farook was eventually unblocked possibly by Cellebrite but the FBI never disclosed a name. Considering the situation, data privacy advocates are concerned about device security & user privacy claims of various tech-giants, as cybersecurity & hacking services step upon the basic privacy rights of users.

Cybersecurity experts suggest that users should adapt data privacy tools like VPN, ad-blockers, internet security suites etc. for superior online privacy & robust data security against hackers, state-surveillances, and other malicious snoopers. By far, Virtual Private Networks have been the leading solution for online privacy, anonymous browsing and secure data transfers.

However, it is not recommended to fully rely on free VPN for iPhone because of apparent security flaws.

If you are curious as to how you can secure your iOS device with a VPN, make sure you check out our iPhone VPN setup guide.

WhatsApp Unleashed End To End Encryption Following San Bernardino Case

The news about WhatsApp End-To-End Encryption has surprised millions of users spreading like fire to billions of users. After being taken over by Facebook, WhatsApp privacy policies were given a major revision.

whatsapp-end-to-end-encryption

The chat app giant has now enabled an end to end encryption feature for all conversations including documents & voice messages to protect activity of millions of users worldwide.  This has left surveillance agencies unable to decrypt over 40 billion messages from WhatsApp daily traffic, which they were snooping on. WhatsApp users should expect following benefits with the latest encryption update:

  • With the end-to-end encryption, conversations are scrambled and can only be decrypted by receiver’s device.
  • Messages become unreadable if intercepted by snoops, hackers and State-surveillance agencies.
  • Encryption will also apply to file transfers and calls.
  • Intruders will now need to get physical access to device in order to see users’ conversation.

 

Apple – iOS 7 Bugs & Unpatched Vulnerabilities

The iOS 7 launch didn’t went too smoothly, Part of the reason why it took so many iterations to fully patch and fix. Soon after iOS 7’s release, a significantly small updated was unexpectedly released.

The update labeled as iOS 7.0.6 was meant to fix security loopholes in the iOS 7 SSL. The update could be found in the ‘Software Update’ section of the native Settings application in iOS.

Apple-iOS-7-flawed-security

The fact that the update was rushed into launch before iOS 7.1 gave rise to speculation that there might have been a major security risk in the iOS 7. Apple would not have rushed the update for independent launch before the iOS 7.1 release if there was no cause for worry.

Apple did refuse to provide any specifics about the scope of the SSL security loophole. However, the mere fact that the update was around 16MB (and may be as heavy as 35MB in some cases), had people worried about the degree to which the SSL issue was severe.

This was not the first time that Apple launched an update with a one-liner explanation and refrained from providing loyal customers any details.

Here is a brief description of the iOS 7’s update iterations, or patches as I like to consider them…

  • IOS 7.0.1

Released on September 19, 2013, around the time of the release of Apple’s iPhone 5, the iOS 7.0.1 was meant to fix bugs and deliver improvements for users with iOS 7 on their iPhone 5s and 5c devices.

  • IOS 7.0.2

Released September 26, 2013, the iOS 7.0.2 was Apple’s first attempt at fixing the Lock screen pass-code bug (an infamous highlight of the iOS 7) that made it highly penetrable.

  • IOS 7.0.3

Released October 22, 2013, the iOS 7.0.3 update was designed to fix a host of issues in the iOS 7. These included issues that iOS 7 users were experiencing with their iPhone/iPad’s Touch ID, Spotlight search, iMessage, system stability for iWork apps, accelerometer calibration, Lock screen pass-code
bug, Reduce Motion setting and device supervision during software updates; amongst others.

  • IOS 7.0.4

Released November 14, 2013, the iOS 7.0.4 update was designed to fix errors in the Apple iPhone’s classic FaceTime application. Apparently, FaceTime calls kept disconnecting for iOS 7 users and the update was designed to fix the bug causing the problem.

  • IOS 7.0.5

Released January 29, 2014, the iOS 7.0.5 update was designed particularly for Chinese 5s and 5c iPhone models. The models were experiencing networking problems within a few days of being launched in the region.

 

IOS 8 Released With Zero Online Security

The release of iOS 8 was long awaited. Seamless connectivity between iPhone, iPad, and Mac devices using iCloud was finally coming in the new update.

However, instead of learning from the vulnerabilities in iOS 7, Apple released iOS with adequate security features. Instead of being privacy-focused, with iOS 8, Apple was more inclined towards health and fitness.

 

Apple’s Exploited Vulnerabilities

Now we’ll look at some of the infamous cases of Apple’s biggest security flaws of all time. Some of these cases had brought major heat towards Apple.

 

The IPhone 6 Is Apple’s Cover up after the iCloud Leak

Apple was bogged down with allegations about apparent security weaknesses in the iCloud that led to the August 2014 Celebrity Photo leak bomb.

Judging by the tight spot that Tim Cook was in, I’m guessing must have tried to fast-track the iPhone 6 and iOS 8 launch in order to stifle updates about how the leak was damaging the lives of the affected celebrities.

There is a good chance that the next few weeks will reveal the weaknesses in the iOS 8 software and the iPhone 6 infrastructure. The best thing you can do is to buy the iPhone 6 and only connect to the seemingly smart functions once you have activated a VPN on your iPhone.

 

Apple Devices Attacked by a Malware “Wire Lurker”

Apple was in deep trouble when it was revealed by a team of security experts that a malware “Wire Lurker” has targeted many Apple devices. However, it is worth noting that only the Chinese users were subjected to the attack.

According to Palo Alto Network, this malware infected tens and thousands of Apple devices in just six months.

To top it off, the malware apparently had been infecting iPhones as well. Once the phones were plugged into an infected Mac via USB, Wire Lurker automatically downloaded infected third-party apps in the phones regardless of their jail-broken status. That is why the malware had been given such name.

The malware stole information stored on Macs and iPhones by exploiting everything from contacts to iMessages.

It is exactly why experts recommended that Apple users take preventive measure before they fall prey to Wire Lurker. Apple users were advised to route their internet traffic through a different server, they can do so by connecting through VPN. It is also recommended to not to plug in their phones into the infected Mac devices.

Although, it is important to note that the malware has hit the Apple devices in China only and no other case has been registered from any other part of the world. Palo Alto Network claims that Apple is working on fixing the problem but it is not clear when it will be available.

 

Users complaining about iPad Vulnerabilities

An Australia VPN for iPad protects you against numerous threats and protects your privacy from the mandatory data retention law. But, to see the real troubles of iPad users, we took to social media and found different users facing different iPad security problems.

Here is one user that was facing problems in accessing Twitter once his iPad was hacked:

Weird blank white screens have been appearing on my iPad twitter app since I was hacked. Any idea’s? Is someone is watching?

It’s a nightmare for anyone to wake up one day and find that they owe money because their device has been hacked. Here are two user that faced the same issue:

When you get an unexpected bill for £35 because my iPad sim has been hacked and being charged a pound a day ?? cheers for that

My eBay account has been hacked (proper use of the word). Apparently I owe 8 people an iPad mini.

Here is one user advising everyone to back up their data on PC, iPad and iPhone in case it’s compromised in any way:

Protect against Ransomware Attacks on iPad

A new type of threat has recently been targeting iPad users and it’s called ransomware. This is a type of malware and infects devices in various ways. Some ransomware lock your device and restrict you from accessing it unless you pay a ransom. Similarly, some ransomware encrypt files, apps, and parts of your device and demand payment for unlocking those sections.

iPad/iPhone users in Australia are reporting a new ransomware that locks there device until they pay $100 #iphone #securty

Ransomware are propagated through multiple sources and cause severe damage to your privacy and security. One way of protecting against ransomware is by encrypting your web traffic and the best tool to do that is through a VPN. Its secure protocol and military grade encryptions will protect your confidential data against different cyber threats, including ransomware.

 

China Deploying Additional VPN Ban Policies in the Wake of Trade Shows

A new wave of China VPN banning strategies are at work ahead of the major trade expo and internet conferences that are being held in the country, claims Reuters.

Prior to this, China has always been against the idea of allowing VPNs to access overseas websites that are banned by the authorities. The Great Firewall of China is an internet censorship system that regulates country’s internet and prevent users from accessing Facebook, Gmail services, Twitter, etc. It seems that this idea has excelled to a full extent in this past week.

Experts believe that deploying of additional blocks at the time of major events happening in China could be the result of a new economic policy. While many other believe that authorities are just testing new technology that block VPNs, and this could just be a wave of experiments.

Sunday Yokubaitis, the Chief Executive of Golden Frog also spoke with Reuters explaining that the Chinese authorities are monitoring their response in real time after they adopted a countermeasure. He also mentioned that Chinese censors were quick on gauging the intensity of the counter measure and blocked their service again.

The continuous changes in blocking techniques is what making it impossible for VPN services to go their app working successfully. Even ExpressVPN users are facing connectivity issues in China for the past 2 days.

Changes in blocking techniques also indicates that this is a series of VPN block experiments that are being tested for the future, bit no one really knows. The cat-and-mouse game is likely to continue for a while before its settles down.

 

Websites and Apps Blocked in China:

 

Final words

Various tech giants including Google, Facebook, and Microsoft have surrendered their customer privacy before surveillance agencies, where Apple Inc. drew the line and denied compromising user data. In addition to this, Apple has demanded that authorities present a search warrant and customer notification for future requests.

As evident from Apple previous stances against oppression, they are willing to risk everything to secure the privacy of Apple user’s around the world. Even if it means fending off the likes of the FBI.

As far as Apple’s vulnerabilities are concerned, there is really no information about what update Apple will launch next, what problems it will aim to fix, and what dangers the problems really posed.

Apple’s updates continue to tweak the iOS’s functionality and security issues, while most issues don’t even become common knowledge until either Apple launches an update or news about a security breach goes public. Clearly Apple is still struggling with the iOS platform. Take a stand to protect your online security before it is too late.