New iOS Update Provides Fix For HomeKit Brick Issue

If you have an iPhone, by now you’ve almost certainly heard of the security flaw in HomeKit, the protocol which allows Apple users to discover and control a wide range of Smart Devices in their home from the HomeKit dashboard. The recently discovered security flaw, dubbed “DoorLock,” allows an attacker to essentially brick your phone by deploying a maliciously crafted HomeKit accessory name. The issue is being tracked as CVE-2022-22588.

Apple has now addressed the issue with the release of iOS 15.2.1 and iPadOS 15.2.1. Both updates improve input validation with the result that the devices are no longer susceptible.

That’s the good news.  Trevor Spiniolas is the researcher who first discovered the flaw and he gives us the bad news. The company has known about it since August of 2021, and it has taken months for them to issue a fix for it.  During that time Apple said very little about the issue while exposing their user base to unnecessary risk.

Spiniolas had this to say about the matter:

“I believe this bug is being handled inappropriately as it poses a serious risk to users and many months have passed without a comprehensive fix.  The public should be aware of this vulnerability and how to prevent it from being exploited, rather than being kept in the dark.”

We agree. It does appear that where the DoorLock issue is concerned, Apple dropped the ball. The company is normally much better at handling and responding to issues like these. Here’s hoping they take Spiniolas’ criticism in the spirit in which it was intended and strive to do better when the next issue inevitably rears its head.

If you own an Apple device and use HomeKit, be sure to check your iOS or iPadOS version. If you’re running anything prior to 15.2.1, upgrade right away to mitigate your risk.

A New iPhone Bug In HomeKit Could Brick Your Phone

Thank Trevor Spiniolas’ sharp eyes if you own an iPhone. The independent security researcher recently discovered a critical security flaw in iOS that impacts all versions from 14.7 to 15.2.

If exploited, this flaw can turn your fancy phone into a very expensive paperweight, so it’s one to take seriously.

Trevor discovered that by changing the name of a HomeKit device to a large string of characters, it would cause the iPhone to crash. In his case Trevor used a string half a million characters long for testing.

Unfortunately, there’s no easy way out if this should happen to a user, because the new device name is backed up to iCloud. If the user tried to restore the iPhone, it would pull the relevant information from the Cloud, hit the renamed device, and trigger the error again.

Spiniolas has publicly disclosed his findings, so Apple is aware of the issue.  Initially the company promised a fix before the end of 2021 but they’ve since come back with a revised timeframe of “early 2022.” For now, if you run afoul of this issue you don’t have many good options.

Spiniolas recommends the following steps for impacted users:

  • Restore the affected device from Recovery or DFU Mode
  • Set up the device as normal but do NOT sign back into the iCloud account
  • After setup is finished, sign into iCloud from settings. Immediately after doing so disable the switch labeled “Home.” The device and iCloud should now function again without access to “Home” data.

It’s a bit of a process with more hoop jumping than many people will care for. However, the steps outlined above will get the job done and give you your phone back.  Here’s hoping Apple doesn’t hesitate in terms of the fix.

Android Can Track AirTags And Similar Devices With New App

The Apple and Android ecosystems just took another step toward melding together with the release of a new App built by Apple.

The app allows Android devices to track any nearby device that is “Find My-enabled.”

From Apple’s perspective the move is less about creating a user experience that spans ecosystems and more about user security.

The new Android App is called Tracker Detect and can be found on the Google Play store. Once the app is downloaded and installed an Android user can scan the immediate area for rogue AirTags or other “FindMy-enabled” devices.

If you’re not already familiar with AirTags the big thing to know about them is that they will begin to beep annoyingly every few minutes if they have been disconnected from their owner.  The beeping is a means of alerting those nearby that an AirTag is present ostensibly in a bid to get a helping hand in finding its way back home.

The new App makes that process just a little bit easier. Once you’ve installed it you’ll be presented with a simple screen with a prompt to begin a scan of your immediate vicinity.

If you tell the app to scan it will look for any unknown devices and present you with the option to play a sound on the device. It will do this along with providing instructions for scanning the tag to see who it belongs to (or removing the battery to disable it).

The key thing to note here is that it is not a passive scan. The person using the app must proactively scan for devices. In an ideal world some future version would at least allow for the possibility of passively scanning an area as you moved through it, but this is a step in the right direction. Kudos to Apple!

Study Shows People Are Spending More On Mobile Apps

App spending grew by an impressive 25 percent in 2021 and has increased to $135 billion. Even better, the growth shows no signs of slowing down.

That is surprising because the industry at large has come under increased scrutiny and both the Apple and Google App Stores have introduced new developer rules governing in-app payments.

Overall Apple’s App Store leads in total revenues while Google’s massive Play Store leads in terms of total numbers of downloads. That is according to the most recently published research by App Annie.

Apple users accounted for 65 percent of the total app revenue with $87.5 billion. Google Play racked up $47.25 billion which is a lower number despite having a larger user base.

A different app analytics company named Sensor Tower reports similar data.  According to their research spending on apps will reach $133 billion in 2021 representing a 19.7 percent growth.

Of interest Sensor Tower’s data provides more detail on the total number of downloads as well.  They estimate that downloads from the Google Play store will top 100 billion by the end of this year (2021) versus just over 30 billion from Apple’s App Store which is a good way of comparing the relative size of the rival ecosystems.

There are some lingering concerns that as the pandemic recedes further into the background and life begins to return to normal that the explosive growth in app sales will taper off.  It’s entirely possible that the rate of growth will slow given that the pandemic has fundamentally altered a number of aspects of our daily life. However all expectations are that growth will continue to be robust.

If you’re thinking of launching a premium app to support your existing business now is a great time to do so.

Apple Rolls Out Digital Keys For Hotels With Partnership

Apple Wallet just got a powerful new feature that’s sure to make it more attractive to busy travelers.  Thanks to an agreement with Hyatt your Apple Wallet is now capable of serving as a digital hotel key.

This counts as a promise kept.  At the 2021 WWDC Apple promised that it would be adding digital hotel key functionality to its wallet app.

Although it took some time to hammer out the details of an agreement Hyatt is the first hotel to embrace the idea.

If your iPhone is running iOS 15 or later, or if you’ve got an Apple Watch running WatchOS 8 or above, you’ll be able to use it. You will select the key on your device, hold it near the built-in sensor on the hotel room door, and gain entry just as though you used a conventional room key card.

What’s even better is that keys can be added before your arrival at the hotel, so all you’ll need to do is walk up to the front desk to get them activated. Best of all, the keys support alterations after the fact, so if there was a problem with your reservation and you need a different room assignment, all of that is easy to deal with.

At present the digital keys are only available at a limited number of Hyatt locations. However the company is excited to expand their portfolio and is hoping to develop a global digital key footprint in the months ahead.

Meanwhile Apple is busy making arrangements with other hotel chains and is currently working with a number of governmental agencies (starting in the US) to make digital government IDs a reality.

All of this is very good news that will radically expand the number of use cases for the Apple Wallet and that is fantastic news for anyone who’s a part of the massive Apple ecosystem.