iTunes Doesn’t Use Encryption
Encryption is one of those words that sends non-nerds running but it’s really very simple. Encryption is like an envelope for snail mail. It hides what’s inside and ensures your mail gets to you without being seen by prying eyes.
There are different types and methods of encryption. To use our mail analogy again, the weakest forms of encryption would be a paper envelope. Most browsers use the equivalent of a steel box.
It might seem like overkill, but it’s much easier on the internet for attackers to view lots of information quickly.
Apple uses encryption for the actual purchase process, but the actual downloads for movies, music, TV, and apps is unencrypted. What this means is, if you download something on a public network, Starbucks for instance, other people on the network can very easily see what you’re downloading.
This isn’t a deal breaker for using iOS, but until Apple fixes this, I recommend only downloading from the Apple stores on networks you trust.
China is Misdirecting Internet Traffic
Tech titan Oracle has confirmed a paper released a couple of months ago that China is misdirecting traffic. This one is fairly technical, but they’re hijacking traffic off the main internet line that connects the US and Asia and routing it through their own equipment, presumably to steal or, at least, analyze the information.
Graphics Memory Hack
A paper released from Georgia Tech has disclosed the potential for recovering web pages that you were looking at, even after the browser has been closed by hacking your video card’s memory. This attack is very possible, but requires physical access to your computer. The threat level on this one is low, but I’d be remiss if I didn’t at least mention it.
Here’s a good rule for situations like this: don’t look at things online you wouldn’t want your mother to catch you looking at.
Highly technical source paper here.
Ransomware Attack on Moscow’s Cable Car
Details are scarce, but two days after the mayor of Moscow, Russia launced the new cable car service, hackers shut the system down with a ransomware attack.
The system is back up and running after two days of downtime.