An anonymous reader writes Apple bought Siri in 2010, but its core technology is owned by Nuance, maker of Dragon NaturallySpeaking. Now Samsung is looking to buy Nuance. From the article: "This past June, Nuance and Samsung began merger talks, but nothing came of it. At the time, the two companies said talks had 'slowed' due to 'complexities.' But they didn't say it was dead. Guess what? The talks are back on. The first hint came in June, after the company missed the quarterly projections. The Wall Street Journal then brought up the talks with Samsung and also noted the company had taken financial steps that could indicate a buyout was imminent. The company’s earnings report for June stated that Nuance was redeeming $250 million in 2027 convertible notes. By calling back the debt, that would save the future acquirer around $50 million from a debt-to-share conversion."
Please create an account to participate in the Slashdot moderation system
An anonymous reader writes New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has been spotted. The malware, dubbed Mac.BackDoor.iWorm, targets computers running OS X and makes extensive use of encryption in its routines, Dr. Web researchers noted. What's even more interesting is that it gets the IP address of a valid command and control (C&C) server from a post on popular news site Reddit. The malware is capable of discovering what other software is installed on the machine, opening a port on it, and sending a query to a web server to acquire the addresses of the C&C servers.
First time accepted submitter Kexel writes Security researchers have claimed to discover the first Apple iOS Trojan attack in a move to thwart the communications of pro-democracy Hong Kong activists. From the article: "The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords and other data from Apple mobile devices, researchers with Lacoon Mobile Security said on Tuesday. They uncovered the spyware while investigating similar malware for Google Inc's Android operating system last week that also targeted Hong Kong protesters. Anonymous attackers spread the Android spyware via WhatsApp, sending malicious links to download the program, according to Lacoon. It is unclear how iOS devices get infected with Xsser, which is not disguised as an app."
jones_supa (887896) writes Apple has released the OS X Bash Update 1.0 for OS X Mavericks, Mountain Lion, and Lion, a patch that fixes the "Shellshock" bug in the Bash shell. Bash, which is the default shell for many Linux-based operating systems, has been updated two times to fix the bug, and many Linux distributions have already issued updates to their users. When installed on an OS X Mavericks system, the patch upgrades the Bash shell from version 3.2.51 to version 3.2.53. The update requires the OS X 10.9.5, 10.8.5, or 10.7.5 updates to be installed on the system first. An Apple representative told Ars Technica that OS X Yosemite, the upcoming version of OS X, will receive the patch later.
Nerval's Lobster writes Apple touts the Swift programming language as easy to use, thanks in large part to features such as Interface Builder, a visual designer provided in Xcode that allows a developer to visually design storyboards. In theory, this simplifies the process of designing both screens and the connections between screens, as it needs no code and offers an easy-to-read visual map of an app's navigation. But is Swift really so easy (or at least as easy as anything else in a developer's workflow)? This new walkthrough of Interface Builder (via Dice) shows that it's indeed simple to build an app with these custom tools... so long as the app itself is simple. Development novices who were hoping that Apple had created a way to build complex apps with a limited amount of actual coding might have to spend a bit more time learning the basics before embarking on the big project of their dreams.
First time accepted submitter chasm22 writes EU Regulators are apparently set to accuse Apple and the Irish government of entering into several sweetheart deals that left Apple with lower taxes than what it legally owed. If the ruling is upheld, Apple could owe billions in back taxes. Interestingly, it seems that the Irish government would actually get the extra money and suffer little for its part in the scheme.
An anonymous reader writes: Over the past several days, we've been hearing reports about some amount of users noticing that their brand new iPhone 6 Plus is bending in their pockets. The pictures and videos shown so far have kicked off an investigation, and Consumer Reports has done one of the more scientific tests so far. They found that the iPhone 6 Plus takes 90 pounds of pressure before it permanently deforms. The normal iPhone 6 took even less: 70 lbs. They tested other phones as well: HTC One (M8): 70 lbs, LG G3: 130 lbs, iPhone 5: 130 lbs, Samsung Galaxy Note 3: 150 lbs. The Verge also did a report on how Apple torture-tests its devices before shipping them. Apple's standard is about 55 lbs of pressure, though it does so thousands of times before looking for bends. One analysis suggests that Apple's testing procedure only puts pressure on the middle of the phone, which doesn't sufficiently evaluate the weakened area where holes have been created for volume buttons. Consumer Reports' test presses on the middle of the device as well.
An anonymous reader writes "Open source operating systems vulnerable to the Shellshock bug have already pushed two patches to fix the vulnerability, but Apple has yet to issue one for Mac OS X. Ars Technica speculates that licensing issues may be giving Apple pause: "[T]he current [bash] version is released under the GNU Public License version 3 (GPLv3). Apple has avoided bundling GPLv3-licensed software because of its stricter license terms....Apple executives may feel they have to have their own developers make modifications to the bash code."" It's also worth noting that there are still flaws with the patches issued so far. Meanwhile, Fedora Magazine has published an easy-to-follow description of how Shellshock actually works. The Free Software Foundation has also issued a statement about Shellshock.
CowboyRobot writes: HTTPS has evolved into the de facto standard for secure Web browsing. Through the certificate-based authentication protocol, Web services and Internet users first authenticate one another ("shake hands") using a TLS/SSL certificate, encrypt Web communications end-to-end, and show a padlock in the browser to signal that a communication is secure. In recent years, HTTPS has become an essential technology to protect social, political, and economic activities online. At the same time, widely reported security incidents (such as DigiNotar's breach, Apple's #gotofail, and OpenSSL's Heartbleed) have exposed systemic security vulnerabilities of HTTPS to a global audience. The Edward Snowden revelations (notably around operation BULLRUN, MUSCULAR, and the lesser-known FLYING PIG program to query certificate metadata on a dragnet scale) have driven the point home that HTTPS is both a major target of government hacking and eavesdropping, as well as an effective measure against dragnet content surveillance when Internet traffic traverses global networks. HTTPS, in short, is an absolutely critical but fundamentally flawed cybersecurity technology.
An anonymous reader writes The FBI is concerned about moves by Apple and Google to include encryption on smartphones. "I like and believe very much that we should have to obtain a warrant from an independent judge to be able to take the contents," FBI Director James Comey told reporters. "What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law." From the article: "Comey cited child-kidnapping and terrorism cases as two examples of situations where quick access by authorities to information on cellphones can save lives. Comey did not cite specific past cases that would have been more difficult for the FBI to investigate under the new policies, which only involve physical access to a suspect's or victim's phone when the owner is unable or unwilling to unlock it for authorities."
The recently disclosed bug in bash was bad enough as a theoretical exploit; now, reports Ars Technica, it could already be being used to launch real attacks. In a blog post yesterday, Robert Graham of Errata Security noted that someone is already using a massive Internet scan to locate vulnerable servers for attack. In a brief scan, he found over 3,000 servers that were vulnerable "just on port 80"—the Internet Protocol port used for normal Web Hypertext Transfer Protocol (HTTP) requests. And his scan broke after a short period, meaning that there could be vast numbers of other servers vulnerable. A Google search by Ars using advanced search parameters yielded over two billion web pages that at least partially fit the profile for the Shellshock exploit. More bad news: "[T]he initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry." And CNET is not the only one to say that Shellshock, which can affect Macs running OS X as well as Linux and Unix systems, could be worse than Heartbleed.
blottsie writes Apple knew as early as March 2014 of a security hole that left the personal data of iCloud users vulnerable, according to leaked emails between the company and a noted security researcher. In a March 26 email, security researcher Ibrahim Balic tells an Apple official that he's successfully bypassed a security feature designed to prevent "brute-force" attacks. Balic goes on to explain to Apple that he was able to try over 20,000 passwords combinations on any account.
alphadogg writes Within hours of releasing an iOS 8 update to address assorted bugs in the new iPhone and iPad operating system Apple has been forced to pull the patch, which itself was causing iPhone 6 and 6 Plus users grief. Reports filled Apple support forums that the iOS 8 update was cutting off users' cell service and making Touch ID inoperable. The Wall Street Journal received this statement from Apple: "We have received reports of an issue with the iOS 8.0.1 update. We are actively investigating these reports and will provide information as quickly as we can. In the meantime we have pulled back the iOS 8.0.1 update."
MojoKid writes: Apple's iPhone 6 Plus weighs six ounces, and it's a scant 7.1mm thick. As an added bonus, according to a number of users, it has a hidden feature — it bends! And no, we don't mean it bends in a "Hey, what an awesome feature!" sort of way. More like a "Hey, the entire phone is near to snapping" kind of way. What's even more troubling is that many of the users who are reporting bent devices also claim that they were carrying it in front pockets or in a normal fashion as opposed to sitting on it directly. Either some of the iPhone 6 Plus hardware is defective (the vastly preferable option) or it's because the tests run by other venues are putting different kinds of stress on the chassis. It's not clear what the story is. Hopefully Apple will clarify it soon.
electronic convict writes: A year ago, security researcher Marc Rogers demonstrated how to spoof the TouchID sensor in the iPhone 5S using some Elmer's glue and glycerol — oh, and a high resolution camera and a laser printer. Has TouchID security improved at all on the iPhone 6? Not really, Rogers reports in his latest post, in which he again hacks the iPhone 6's TouchID sensors using the same method as before. "Fake fingerprints created using my previous technique were able to readily fool both devices [the 6 and the 5S]," he reports. Rogers, however, says there's no reason to panic, as the attack requires substantial skill, patience and a good clear fingerprint. As he writes: "We use locks on our doors to keep criminals out not because they are perfect, but because they are both convenient and effective enough to meet most traditional threats."