FBI Paid $900K for San Bernardino iPhone Hack

The FBI refused to ever share how much it paid for the hack into San Bernardino shooter Syed Farook’s iPhone, but thanks to Senator Diane Feinstein we now know the price was US$900,000. The Senator accidentally spilled the beans during a Judiciary Committee meeting on accessing encrypted data on smartphones and personal computers.

DOK Malware Signed by Valid Developer Certificate (for Now)

A new piece of malware, called OSX/Dok, has been discovered by the Check Point malware research team. It affects all versions of macOS and is signed with a valid developer certificate authenticated by Apple. Dok malware is also the first to spread in a widespread email phishing campaign. Andrew Orr gives us the technical details.

Physical Security Matters, Too – Mac Geek Gab 652

SMC Resets, Migration Assistant tricks, Auto-Upgrade solutions and Renting vs. Owning your Cable Modem are just the beginning for your two favorite geeks today. S/MIME is taken to a whole other level with guest Jeff Butts who helps us all understand how to make this work on both macOS and iOS! Then it’s time to dive into your system certificates – and which ones you can touch vs. those that you can’t. Security is always on the mind and a quick VPN discussion rounds that out. Then John and Dave move on to something more pleasing to the ear: sound, and how best to manage it on your Mac!

TMO Staff Share their Favorite VPN Services

Thanks to a new law green lighting ISPs selling our personal web browsing data, along with restrictions prohibiting the FCC from stopping the activity, there’s a lot of talk about VPNs, or Virtual Private Networks. With so many VPN services to choose from it’s hard to decide which is best for you, so I asked the TMO staff what they rely on.

What Is A VPN, And How Can It Help You?

Now that Congress have chosen to allow ISPs to sell your data, many people are turning to VPNs to help. But you may not know how VPNs work, or how a VPN can help you browse the web safely. In this article Andrew Orr explores the technical details and gives you our VPN recommendations.

macOS: Creating an App-Specific Password for iCloud

When you first enable two-factor authentication in iCloud, you might notice some of your apps appear broken. This is because those apps don’t support 2FA, and require app-specific passwords. Follow along with Jeff Butts as he demonstrates how to generate and manage your app-specific passwords.

UK Anti-encryption Push, Woz at Startup World Cup - TMO Daily Observations 2017-03-27

There’s a new government call to for tech companies to let law enforcement bypass our security and encryption, but this time it’s from the United Kingdom. Bryan Chaffin and Jeff Butts join Jeff Gamet to look at the ramifications if the U.K. forces the issue, plus Bryan fills us in on Steve Wozniak’s presentation at Startup World Cup.

Pwn2Own Hackers Found Two Safari Zero Day Exploits

Yesterday was the annual Pwn2Own hacking contest, and also marks the contest’s 10th anniversary. Hackers compete in challenges to find security holes in popular software and mobile devices. This year, two Safari zero days were found by the white-hat hackers.

Android Insecurity, Messaging Anachronisms, and Legacy Apple Auctions - ACM 402

Bryan and Jeff try and wrap their heads around a world where malware is being installed on Android devices in the supply chain, before customers even get the devices. They also take a trip into the anachronistic world of sealing wax and sealing wax stamps, as well as the fascinating world where 40 year-old Apple I computers are auctioned for hundreds of thousands of dollars.

WIN an iPhone 16 Pro Max!