Pages

Showing posts with label ios. Show all posts
Showing posts with label ios. Show all posts

Apple iOS 7.1: Well, your iPhone can live without it

Saturday, 15 March 2014


Apple iOS 7.1 Apple iOS 7.1 has some design tweaksSUMMARY
The Apple iOS 7.1 is a upgrade you can go for, but you won't regret if you give this a miss
Tweet This
RELATED
M_Id_418666_Business
Review: Slick iOS 7 shines on Apple's new iPhones
Seven Up
M_Id_393069_Apple_Inc_iOS
Apple Inc. iOS system update: Mapping change for users
Apple iOS 7.1 is here. I have been looking forward to it, hoping that my iPhone 4, which slowed down dramatically in the weeks since I upgraded to iOS 7, would get a new lease of life. A couple of days after the upgrade, I think it is time to tell you if it is worth the effort.
Download
Yes, it took the customary three tries to get this iOS upgrade through. It would be great if iTunes is able to continue an operating system download where it was paused, often due to an erratic broadband connection. The 150MB download is ‘fast’ and took me about an hour with Airtel’heys 4Mbps connection.
Shock and awe
There was absolutely no shock and awe. In fact, I was not even sure the install was done as everything from the wallpapers to the apps on the homepage looked the same. But the difference was visible when my phone rang for the first time. The rectangular swipe to answer bbutton had been replaced by a very Androidish-looking red and green buttons. The ‘Remind Me’ and ‘Message’ buttons on the call screen had also changed.
photo 1
No big change in user experience here, but I can live with it.
The other big change is when you make a call. The numbers are laid out like before, but the call buttons is now a green circle instead of the rectangle before. Again, nothing great.
photo 3
Nothing major, but the Weather apps is a bit different, so is the calendar. Mostly design changes that won’t impact your life much.
photo 2
There are changes in Siri and the virtual assistant seems to have been reined in a bit. But I use a iPhone 4 and could not check what’s new.
We also noticed that the keypad is now a bit different and has more breathing space between the letters.
Problems
I faced one major problem. I am in the habit of responding to calls with ‘will call back’ messages. I haven’t been able to send one succesfully since the upgrade and I have no idea why this is happening. I was expecting issues with Bluetooth and Wi-Fi, but both worked smoothly and I did not even have to link again after the upgrade.
Is it worth it?
Well, I did not find anything that made me jump up in joy, except for the fact that my phone it a tad bit faster now. But I suggest you go ahead with the upgrade as there is nothing wrong with the version. I would have loved some really new features, instead of minor bug bixes and design tweaks.
Read more ...
Posted by at No comments:
Labels:

Another security weakness found in iOS 7

Friday, 14 March 2014

Researcher finds a flaw that would allow attackers to exploit the OS kernel


A researcher has discovered a weakness in iOS 7 that would enable an attacker to bypass a number of mechanisms Apple uses to prevent exploitation of the operating system's kernel.
The problem stems from being able to brute force the random number generator, called the Early Random PRNG, to predict its outcomes. The generator is used by a number of important memory protections for iOS devices.

The PRNG generates numbers used by the physical kernel map randomization, stack-check guard, zone cookie protections and kernel map randomization. These attack mitigations prevent hackers from executing buffer overflows and other exploits that could be used to take over a device with malware that takes advantage of how memory is allocated to safely execute code.
Tarjei Mandt, senior security researcher at Azimuth Security, found that the PRNG in iOS 7, the latest version of the OS, is weaker than the one used in iOS 6. In a paper presented this week at CanSecWest, Mandt described the impact of knowing the PRNG's outputs.
"Recovering these outputs essentially allows an attacker to bypass a variety of exploit mitigations, such as those designed to mitigate specific exploitation techniques or whole classes of vulnerabilities," the paper says.
"In turn, this may allow trivial exploitation of vulnerabilities previously deemed non-exploitable."
Scott Morrison, senior vice president and distinguished engineer at CA Technologies, called Mandt's work an "important discovery."
"PRNGs are fundamental to many computer security functions, particularly those around cryptography," Morrison said. "PRNGs are a common point of attack because if they are in any way predictable, the entire security system built on them can collapse like a house of cards."
The random number generator in iOS 7 uses an algorithm called a linear congruential generator (LCG), which produces sequences of random numbers calculated with a linear equation. One of the oldest and best-known random number generators, it is known for being fast and easy to implement, the paper authored by Mandt, said.
While these algorithms work well in devices with limited resources, such as smartphones, "they exhibit severe defects and are easily broken when confronted by an adversary who can monitor outputs," Mandt wrote.
"As such, LCGs should not be used for cryptographic applications or security related work," he said.
Mandt told the security blog ThreatPost that he had not disclosed his findings to Apple. Representatives of the company had requested to see his slides shortly before his presentation.
Read more ...
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)