Hackers want Ransom from Apple

/0 Comments/in /by

When you use iCloud to sync your Apple gadgets, your non-public knowledge could also be liable to getting uncovered or deleted by April seventh.

It has been discovered mischievous group of hackers claiming to have entry to over 300 million iCloud accounts is threatening Apple to remotely wipe knowledge from these thousands and thousands of Apple gadgets until Apple pays it $75,000 in crypto-currency or $100,000 price of iTunes present playing cards.

The hacking group, who recognized themselves as ‘Turkish Crime Household,’ has demanded a ransom to be paid in Bitcoin or Ethereum, one other in style crypto-currency.

Motherboard broke this story on Tuesday after a hacker claiming to signify the alleged hacking group shared screenshots of alleged emails between the group and Apple’s safety workforce with the publication.

I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” the hacker instructed Motherboard.

The screenshots of e mail change point out that when Apple safety workforce requested for a pattern checklist of hacked account to confirm the claims, the group solely offered a YouTube video demonstrating entry to one of many allegedly hacked accounts and remotely wiping all content material from the system.

Nonetheless, the story appears inconsistent, as on its Twitter account, the group claims to have entry to 200 million iCloud accounts, whereas in one of many emails, it says to entry 300 million Apple e mail accounts and in one other, the quantity will get nearly double to 559 million.

At the moment, it is vitally tough for even Apple to confirm the claims. Nonetheless, the corporate has warned the group saying that it doesn’t reward cyber criminals for breaking the legislation and asking them to take away the video because it was “searching for undesirable consideration.”

The hacking group has given Apple a deadline till April 7 to pay up the ransom. Except its calls for are met, the group are going to begin remotely wiping sufferer’s Apple gadgets and reset iCloud accounts.

iOS green screen of death

/0 Comments/in /by

I remember the days when windows used to be plagued with the lovely blue screen of death. It used to be a regular occurrence especially if you installed a third party driver or hardware that windows wasn’t particularly fond of. I have since switched to MacOS and have never experience such events ever again.

Now I mostly use mobile devices such as an iPad and iPhone to complete 90% of my work. And I must say I spend most time on these types of devices. I use both of the devices for both work and play. Which brings me to what had happened few days ago. I was on FaceTime and my iPhone 6S Plus running 10.2 locked up with the following green like screen:

iOS green screen of death

Nothing was responsive and I had to perform a hard reboot (home+power). The phone did go back to normal. I did some googling and I can’t figure out what this is? If anyone has any ideas feel free to drop me a line.

Android: versionCode vs. versionName

/0 Comments/in /by

When you are releasing an Android application you are faced with deciding of putting a versionCode and versionName. Both are usually found in your manifest. However, I have started to input them in my Gradle and more developers have started to do the same. But what the heck is the difference between the two.

Android:versionCode – An internal version number. Not visible to users.

Android:versionName – The version name shown to users.

My releases usually look as follows:

versionCode – 1
versionName – 1.0

Lets pretend I have just updated my app to the next version, it would look as follows:

versionCode – 2
versionName – 1.1

Full detailed explanation can be found under Android Deveoper Guide.

The importance of info.plist in iOS 10

/0 Comments/in /by

Since iOS 9 Info.plist has become a very important file especially during the app submission process. I think almost every developer has had a rejection notice by now due to a missing element in the info.plist directive. When iOS 10 was released Info.plist has become the most important file. I’ve had builds simply disappear from the iTunes.connect  dashboard simply because I was lacking a key-string that was required to be part of Info.plist.

The most common key-strings that I have missed are:

<string>This app requires access to the photo library.</string>
<key>NSMicrophoneUsageDescription</key>
<string>This app does not require access to the microphone.</string>
<key>NSCameraUsageDescription</key>
<string>This app requires access to the camera.</string>

Here is a full list:

Apple Music:

<key>NSAppleMusicUsageDescription</key>
<string>My description about why I need this capability</string>
Bluetooth:

<key>NSBluetoothPeripheralUsageDescription</key>
<string>My description about why I need this capability</string>
Calendar:

<key>NSCalendarsUsageDescription</key>
<string>My description about why I need this capability</string>
Camera:

<key>NSCameraUsageDescription</key>
<string>My description about why I need this capability</string>
Contacts:

<key>NSContactsUsageDescription</key>
<string>My description about why I need this capability</string>
Health Share:

<key>NSHealthShareUsageDescription</key>
<string>My description about why I need this capability</string>
Health Update:

<key>NSHealthUpdateUsageDescription</key>
<string>My description about why I need this capability</string>
Home Kit:

<key>NSHomeKitUsageDescription</key>
<string>My description about why I need this capability</string>
Location:

<key>NSLocationUsageDescription</key>
<string>My description about why I need this capability</string>
Location (Always):

<key>NSLocationAlwaysUsageDescription</key>
<string>My description about why I need this capability</string>
Location (When in use):

<key>NSLocationWhenInUseUsageDescription</key>
<string>My description about why I need this capability</string>
Microphone:

<key>NSMicrophoneUsageDescription</key>
<string>My description about why I need this capability</string>
Motion (Accelerometer):

<key>NSMotionUsageDescription</key>
<string>My description about why I need this capability</string>
Photo Library:

<key>NSPhotoLibraryUsageDescription</key>
<string>My description about why I need this capability</string>
Reminders:

<key>NSRemindersUsageDescription</key>
<string>My description about why I need this capability</string>
Siri:

<key>NSSiriUsageDescription</key>
<string>My description about why I need this capability</string>
Speech Recognition:

<key>NSSpeechRecognitionUsageDescription</key>
<string>My description about why I need this capability</string>

The complete list can be found on Apple’s developer website. 

iOS Version, Build, CFBundleVersion and CFBundleShortVersionString

/0 Comments/in /by

When you are building an app you are faced with version number and build number along with properly identifying the two in your plist. Here’s a quick summary of the two:

XCODE                           PLIST

Version                =    CFBundleShortVersionString
Build number    =   CFBundleVersion

Important note: Build number (CFBundleVersion) has to be a pure version number like 1.2.3 when you want to upload your application to the iOS App Store.

The two are easily mistaken for one another. Hope this helps those who get the two mixed up.

Does your 32-bit iOS application need to be updated?

/0 Comments/in , /by

Apple has all the earmarks of being wanting to drop bolster for 32-bit applications in a forthcoming form of iOS. The ready exchange displayed when propelling a 32-bit application on iOS 10.3 beta 1 now cautions clients that the application should be refreshed to keep taking a shot at future variants of iOS. This proposes iOS 11 expected in the not so distant future could be the principal adaptation to just support 64-bit applications.

Apple has upheld 64-bit applications on iOS since the dispatch of the iPhone 5s in September 2013. Apple has additionally required designers submit new applications with 64-bit bolster since February 2015 and application refreshes since June 2015.

While legacy 32-bit applications still in the App Store have kept on being upheld, iOS 9 incorporated a ready when first propelling 32-bit applications that told clients the legacy application may back off gadget execution.

Apple has changed the ready exchange on iOS 10.3 beta 1 to caution that support will be expelled in future iOS forms.

If you have a 32-bit application here is some of the messages your application might trigger.

From iOS 10.2.1:

“YOUR APP NAME” May Slow Down Your iPad

The developer of this app needs to update it to improve its compatibility.

And iOS 10.3 beta 1:

“YOUR APP NAME” Needs to Be Updated

This app will not work with future versions of iOS. The developer of this app needs to update it to improve its compatibility.

For applications that are still in the App Store, the ready exchange ought to put weight on application proprietors to get with the circumstances or face applications being expelled from the App Store.

Back in September, Apple point by point arrangements to start cleansing “problematic and abandoned apps” from the App Store in one of the principal moves to concentrate on application quality over list amount. The next month, Apple was said to have expelled about 50,000 applications from the App Store.

If you are require your application to be updated from 32-bit to 64-bit, we can certainly provide you with that service.

Project Zero Cloudflare Hack

/0 Comments/in , /by

On February 18, 2017 Tavis Ormandy, a research analyst with Google’s Project Zero, revealed delicate information spilling from sites utilizing Cloudflare’s proxy services, which are utilized for their content delivery network (CDN) and distributed denial-of-service (DDoS) mitigation services. Cloudflare gives an assortment of services to a ton of sites – to at least couple of million. Tavis informed Cloudflare promptly. A couple includes in Cloudflare’s intermediary services had been utilizing an imperfect HTML parser that spilled uninitialized memory from Cloudflare’s edge servers in some of their HTTP reactions. Helpless components in Cloudflare’s services were handicapped inside hours of accepting Tavis’ divulgence, and their services were completely fixed with every defenseless element completely re-empowered inside three days. Cloudflare has a point by point review about Cloudbleed’s basic issue and their reaction to it – Click here.

Should I be worried?

Not if you are hosted with Primary Technologies. We have NEVER endorsed third party CDN providers such as Cloudflare. If you are or been hosted elsewhere than your data may have been spilled. Any merchant’s site utilizing Cloudflare’s intermediary service could have uncovered your passwords, session treats, keys, tokens, and other touchy information. In the event that your association utilized this Cloudflare intermediary benefit between September 22, 2016 and February 18, 2017, your information and your clients’ information could have been spilled and stored via web crawlers.

Who is affected?

Prior to Tavis’ divulgence, information had been spilling for quite a long time. It’s too early to know the full extent of the information that was spilled and the locales and services that were influenced (in spite of the fact that we’re headed toward a nice begin). There is right now a decent lot of perplexity and misalignment on the status of different services.

iOS update might say a final goodbye to 32-bit applications

/0 Comments/in , /by

Beta forms of iOS 10.3, the first was issued a week ago, create cautioning messages when you attempt to run more seasoned 32-bit applications. The message, initially found by PSPDFKit CEO and application engineer Peter Steinberger, cautions that the applications “won’t work with future renditions of iOS” and that the application must be overhauled by its designer to keep running. The applications still keep running in iOS 10.3, yet it appears to be likely that iOS 11 will drop bolster for them totally.

In spite of the fact that the mistake message doesn’t expressly say the application’s 32-bit or 64-bit support, it’s certainly just more seasoned 32-bit applications that trigger the notice. Comparable messages that did expressly specify 64-bit support were available in the betas of iOS 10.0, yet they were evacuated in the last arrival of the product. Apple has required 64-bit bolster for all new application entries since February of 2015 and all application overhaul entries since June 2015, so any applications that are as yet tossing this blunder haven’t been touched by their engineer in no less than 18 months (designers could include 64-bit bolster as ahead of schedule as 2013, yet a large portion of them selected not to until it turned into a necessity).

To a limited extent in light of Apple’s aggregate control of its equipment, working framework, and application conveyance stage, iOS’ move from 32-bit programming to 64-bit programming has been exceptionally smooth and brisk. The initial 64-bit release of Windows was discharged in 2005, and however 64-bit Windows has more often than not been the default since the Windows 7 time, there’s still a 32-bit adaptation of Windows 10, despite everything it transports on some low-end equipment. Macintosh OS X (now macOS) started to incorporate 64-bit bolster with the OS beginning in 2003, a procedure that wasn’t finished until 2012; current variants of the OS can even now run 32-bit applications that aren’t generally inconsistent. Android’s 64-bit move is finished in the event that you have a more current telephone, yet some new telephones still ship with 32-bit Android, and more established telephones (even those that really get programming overhauls and have 64-bit equipment support) will keep on using 32-bit Android.

Expelling 32-bit bolster from iOS would likewise dovetail with another exertion Apple is making to expel old and unmaintained programming from the App Store so individuals can’t discover it in any case. Apple is endeavoring to contact application engineers so that any individual who needs to upgrade their applications still can, yet they won’t be permitted to remain up uncertainly. On the off chance that iOS 11 drops bolster for the 32-bit iPhone 5 and 5C and the fourth-era iPad, expelling 32-bit application support could likewise permit Apple to strip every one of the 32-bit code out of iOS completely.

Renewing or installing Universal SSL on Mail – Dovecot

/0 Comments/in , /by

If you are providing a universal SSL to your mail server, you will need to install an SSL and of course properly link it from your Dovecot configuration file.

This is not a guide how to achieve above but more of what to do after you have successfully installed an SSL. Your Dovecot will hang on to the old SSL certificate until your restart it. Last step people seem to forget and spend endless hours trying to figure out what went wrong in regards to installation or renewal of the SSL certificate. But really all Dovecot needs is a restart.

Service dovecot restart

That’s it!. You will notice your new SSL actually kick in and start to work again.

Jailbreak 10.1.1

/0 Comments/in , /by

Project-zero has detailed instruction on a kernel exploit that is capable of jailbreaking iOS 10.1.1. Here’s a screenshot:

Jailbreak 10.1.1

Therefore, if you are looking to jailbreak manually, CLICK HERE. Instructions are detailed and if you follow them, you should be able to jailbreak your device.

As mentioned in our previous post, if you have updated to the latest iOS 10.2, this kernel exploit will not work. Please downgrade to 10.1.1 (still signed by Apple).