The company recommended that application developers migrate directly to TLS 1.3.
Apple refused from insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in recently released versions of iOS and macOS and plans to end support for them in all future releases.
TLS is a cryptographic protocol for secure data transmission over the Internet. The original TLS 1.0 specification and its successor TLS 1.1 have been in use for over twenty years (TLS 1.0 was first introduced in 1999 and TLS 1.1 in 2006). The Internet Engineering Task Force (IETF) officially declared them obsolete in March this year. The next major version of the TLS 1.3 protocol was approved by the IETF in March 2018 – after four years of discussions and 28 drafts.
Apple has deprecated TLS 1.0 and 1.1 in iOS 15, iPadOS 15, macOS 12, watchOS 8, and tvOS 15, and all future releases. The company recommended that developers of applications using outdated versions of the protocol start migrating to TLS 1.2 or newer versions.
For apps that use the App Transport Security (ATS) network security feature on all connections (enabled by default for apps linked to the iOS 9.0 SDK and macOS 10.11 or later), requiring all connections to be secured with secure TLS- certificates and encryption, no action is required.
Apple recommends switching immediately to TLS 1.3, as this version of the protocol is much faster and more secure than TLS 1.2. Developers should add support for the latest version of TLS and remove deprecated Security.framework symbols from applications:
In October 2018, Apple, Microsoft, Google and Mozilla announced their intention to phase out insecure versions of TLS from the first half of 2020. In August 2020, Microsoft activated TLS 1.3 by default in the latest Windows 10 Insider builds.
Hacker Hacked Fast Company’s Apple News Account and Spread Racist Messages
An unknown hacker was able to access the business publication Fast Company’s Apple News account and sent out a series of obscene and racist messages via push notifications. Subscribers are the victims.
Fast Company confirmed the hack, and so did Apple. The incident is currently under investigation.
“Fast Company’s Apple News account was hacked Tuesday night. After that, two push notifications with obscene and racist content were sent with a minute interval. The messages are disgusting and do not match Fast Company content. We are investigating the incident and have also paused feed updates and closed FastCompany.com until we are confident the situation has been resolved.“, – noted in the publication.
Shortly before the shutdown, the hacker himself posted an entire article on the Fast Company website, where he described in detail how he managed to bypass the protection. It turned out that the accounts on the site were protected by the same password, this also applies to the account of the site administrator. Having gained access to them, the hacker was able to get to the authentication tokens and log in to Apple News.
At the same time, in addition to hooliganism, no financial losses or manipulations were recorded.
Young hacker who leaked GTA 6 material denies his guilt
The 17-year-old hacker, who was previously arrested in the UK on suspicion of hacking Rockstar Games and Uber, has pleaded not guilty. According to police, he appeared in court over the weekend, but refused to plead guilty to PC misuse. At the same time, he admitted that he violated the conditions of release on bail. Now he is being held in a juvenile detention center.
According to investigators, the 17-year-old is part of the Lapsus$ hacker group and is behind the recent leak of videos and other details of the $2 billion GTA 6 game.
Earlier, a hacker under the nickname teapotuberhacker published an archive with video and source code from an early version of GTA 6, which has already gone viral. Take-Two tried to stop the spread of the leak, but it was only partially successful.
The hacker also said that it was he who attacked the Uber computer system, gaining access to correspondence, email addresses, and so on.
At the moment, the investigation is ongoing, so it is not yet clear how this story will end.
Cloudflare introduces world’s first eSIM with better security than VPN
Cloudflare has introduced a new solution that may be suitable for smartphone and mobile Internet users. We are talking about an eSIM card called Zero Trust SIM. Its peculiarity is that it provides an increased level of security, reducing the risk of number substitution.
In technical terms, we are talking about the transfer of DNS requests through the Cloudflare gateway, which allows you to protect them from interception and spoofing. Also promised is a check of all intermediate nodes through which the device accesses the Internet.
According to Cloudflare CTO John Graham-Cumming, Zero Trust SIM technology can outperform VPNs and other security systems as it provides cell-level protection.
Zero Trust SIM will launch first in the US, where only a virtual card for iOS and Android will be available at first. When activated, it will bind to a specific device and allow you to protect it. Physical maps are also expected in the future.
The company is also launching Zero Trust for Mobile Operators, an affiliate program for telecom operators that will enable them to offer subscriptions to the services and tools of the Zero Trust platform. In addition, a similar project is expected for the Internet of Things.
1.47-inch AMOLED screen, heart rate and SpO2 sensors, up to 14 days of battery life for $30. Fitness bracelets Huawei Band 7 fell in price in China
The Huawei brand store on the popular Chinese site TMall has reduced the cost of the Huawei Band 7 fitness...
Firefly Aerospace, a private space company, successfully launched a rocket and put several mini-satellites into orbit.
Firefly Aerospace has successfully launched an Alpha rocket and placed seven research mini-satellites into orbit. Some of them were launched...
Meta* allows Facebook and Instagram users to connect their wallets and exchange NFTs
Meta Corporation has made non-fungible token (NFT) related features available to all US Instagram and Facebook users. The ability to...
Astronomers use the James Webb telescope to discover the oldest star cluster in the universe
Using the James Webb Space Telescope, astronomers at the University of Toronto have identified the most distant globular clusters ever...
Electric Cars7 days ago
Powerful sedan from Geely and Volvo on the Geely Tugella platform with 25 sensors. Lynk & Co 03 entered the Chinese market
Components7 days ago
Ryzen 9 7950X at 6.5 GHz consumes as much as a non-overclocked Core i9-12900K
Headphones6 days ago
The main innovation of AirPods Pro 2 is now offered to be turned off: touch volume control was not to everyone’s liking
Gaming6 days ago
The last secret of the “lightweight” PlayStation 5. The console received an updated AMD Oberon Plus platform