Category Archives: update

CNN iPhone app exposing login info of its iReporters unencrypted, according to security researchers

iReport Functionality iReport Login

Security researchers at Zscaler claim to have found a security flaw in CNN’s iPhone app that exposes personal login and passwords of its users. The CNN app for iPhone, which includes an iReport feature that allows users to sign-up and submit news stories, is reportedly not using SSL encryption for registration/login and SSL certificate pinning like its Android app counterpart and sending the personal user info to and from the app unencrypted. The report notes that CNN’s iPad app is not subject to the same vulnerability as it currently doesn’t have the iReport feature:

The current CNN for iPhone App (verified on Version 2.30 (Build 4948)) has a key weakness whereby passwords for iReport accounts are sent in clear text (unencrypted). While this is always a problem, it’s especially concerning that this relates to functionality which permits people to anonymously submit news stories to CNN. This occurs both when a user first creates their iReport account and during any subsequent logins.

As can be seen, both transmissions are sent in clear text (HTTP) and the password (p@ssword) is sent unencrypted, along with all other registration/login information. The concern here is that anyone on the same network as the user could easily sniff the victim’s password and access their account. Once obtained, the attacker could access the iReport account of the user and compromise their anonymity. The same credentials could be used to access the user’s web based iReport account where any past submissions are also accessible.

Zscaler said it notified CNN of the security flaw on July 15th and that the company confirmed it’s investigating. The CNN app for iPhone received an update today with “bug fixes” listed in the release notes, but the company is yet to confirm if the update was to address the security flaw detailed by Zscaler.


Filed under: Apps Tagged: CNN, Encryption, iphone app, iReport, Security, security flaw, SSL, unencrypted, update, zscaler

Visit 9to5Mac to find more special coverage of Apps, update, and Security.

What do you think? Discuss "CNN iPhone app exposing login info of its iReporters unencrypted, according to security researchers" with our community.

Last week’s MacBook Air firmware update reportedly failing to install for some, leaving users with bricked machines

Macbook Air-MC969LL:A-sale-01

Apple released an EFI firmware update (version 2.9) for the mid-2011 MacBook Air last week to address problems the computer could have while waking from sleep, but recently users have started to report on the company’s support forum that the software was failing to install on their machines, and in some cases leaving them with completely non-functional computers, as first noted by MacRumors.

While some users report that their MacBook Airs shut down for several hours only to suddenly spring back to life, others claim that their machines still won’t startup. In other cases, users are finding that the Mac App Store prompts them to re-install the update over and over. So far there aren’t any reports of a successful resolution to the issue, even through AppleCare channels.

If you haven’t already installed the update, it may be best to sit this one out until Apple has fixed whatever problem seems to be plaguing users at the moment.


Filed under: Mac Tagged: EFI, issue, MacBook Air, problem, support, update

Continue reading more about update, MacBook Air, and Mac at 9to5Mac.

What do you think? Discuss "Last week’s MacBook Air firmware update reportedly failing to install for some, leaving users with bricked machines" with our community.

Intel launches updated Haswell chips, likely to appear in upcoming MacBook Pro spec bump

Screen Shot 2014-07-21 at 6.40.05 PM

Intel has debuted the next generation of its Core i5 and i7 processors, according to a report from CPU World. Each of these updated chips sports a 200 MHz speed boost over its previous incarnation, which can currently be found in the MacBook Pro lineup. It’s likely that these processors will be found in a spec-bumped version of the MacBook Pro later this year.

The current series of MacBook Pro processors are available at clock speeds of 2.0 GHz (in the lowest-end 13-inch model) up to 2.6 GHz (in the top-of-the-line, built-to-order 15-inch model). The next-gen models released this week range from 2.2 to 3.0 GHz, which will provide a decent speed boost to each model.

Earlier this year Apple refreshed the MacBook Air with upgraded Haswell processors after Intel released new versions of the chips in those machines. It’s expected that Apple will do the same for the Pro line following the release of these newer i5 and i7 CPUs. Intel is currently working on its new Broadwell line of processors that will reportedly allow for the creation of a fanless MacBook Air, which will likely open the door a similar move for the MacBook Pro.


Filed under: Mac Tagged: Haswell, Intel, MacBook Pro, processors, refresh, Retina, update

For more information about update, Mac, and Intel continue reading at 9to5Mac.

What do you think? Discuss "Intel launches updated Haswell chips, likely to appear in upcoming MacBook Pro spec bump" with our community.

Facebook introducing ‘Save’ read later feature for iOS & Android

Facebook announced today that it’s rolling out a new feature for its mobile apps that will let users save content for easy access at a later date. A list of saved content from Facebook— including links to things like places, movies, TV, and music— will appear in the Facebook mobile apps in the “More” section and on the left side bar on the web.

Facebook notes that it will sometimes show users reminders of saved content in the News Feed and also let users share saved lists with others (although saved items are set to private by default):

Your saved items list is organized by category and you can swipe right on each item to share it with your friends or move it into your archive list…We’ll sometimes show you reminders of your saved items in News Feed. For example, we might show you links to articles you saved.

The new Save feature could be considered a competitor to services like Pinterest or reader apps that let users save content from around the web for reading and sharing at a later date. The feature appears to allow users to share individual items they’ve added to their Saved items list in a similar way users currently share individual posts via the Facebook timeline.

The new feature is rolling out for all users on iOS, Android and web over the coming days.

introducingsave introducingsave3 introducingsaved2
Filed under: Apps Tagged: Android, Facebook, feature, how to, iOS, Pinterest, read-it-later, save, Saved, update

Continue reading more about Apps, iOS, and Android at 9to5Mac.

What do you think? Discuss "Facebook introducing ‘Save’ read later feature for iOS & Android" with our community.

Screenshots of redesigned iTunes 12 for OS X Yosemite (Gallery)

Screen Shot 2014-07-21 at 10.19.35 AM

Earlier today, Apple released iTunes 12 to developers with a new design to fit in with OS X Yosemite. We’ve taken a look at the new player and below is a gallery of what end-users can expect to see come fall:

Screen Shot 2014-07-21 at 10.20.15 AM Screen Shot 2014-07-21 at 10.21.19 AM 9to5-image 2014-07-21 at 1.21.31 PM 9to5-image 2014-07-21 at 1.21.50 PM 9to5-image 2014-07-21 at 1.22.18 PM Screen Shot 2014-07-21 at 12.24.30 PM Screen Shot 2014-07-21 at 12.24.39 PM Screen Shot 2014-07-21 at 12.24.47 PM Screen Shot 2014-07-21 at 12.25.09 PM Screen Shot 2014-07-21 at 12.25.53 PM Screen Shot 2014-07-21 at 12.26.09 PM Screen Shot 2014-07-21 at 12.25.56 PM
Filed under: AAPL Company Tagged: fall, gallery, Get Info, iTunes 12, playlists, redesign, software, update, yosemite

Continue reading more about AAPL Company, update, and software at 9to5Mac.

What do you think? Discuss "Screenshots of redesigned iTunes 12 for OS X Yosemite (Gallery)" with our community.

Upcoming Twitter for iPhone update will allow you to browse your entire DM history

screen568x568-1 screen568x568

Twitter has announced that an upcoming update to its mobile clients will allow users to go back and review their entire direct message history. Currently the app only provides a limited look back, but that restriction will be removed in a new version that will also make deleting messages more reliable across its web and mobile platforms.

There’s still no word on whether this update will be the one to restore the inability to send links in direct messages, which has been an ongoing issue for several months now for many useres, while others are still able to send URLs in messages with no problem.

 


Filed under: Apps Tagged: app, Messaging, Twitter, update

Visit 9to5Mac to find more special coverage of Apps, update, and Twitter.

What do you think? Discuss "Upcoming Twitter for iPhone update will allow you to browse your entire DM history" with our community.