
    Apple’s Lockdown Mode / Schneier · Sunday, 31 July - 18:21 · 1 minute

I haven’t written about Apple’s Lockdown Mode yet, mostly because I haven’t delved into the details. This is how Apple describes it:

Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware. Turning on Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.

At launch, Lockdown Mode includes the following protections:

  • Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
  • Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
  • Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
  • Wired connections with a computer or accessory are blocked when iPhone is locked.
  • Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

What Apple has done here is really interesting. It’s common to trade security off for usability, and the results of that are all over Apple’s operating systems—and everywhere else on the Internet. What they’re doing with Lockdown Mode is the reverse: they’re trading usability for security. The result is a user experience with fewer features, but a much smaller attack surface. And they aren’t just removing random features; they’re removing features that are common attack vectors.

There aren’t a lot of people who need Lockdown Mode, but it’s an excellent option for those who do.

News article.

EDITED TO ADD (7/31): An analysis of the effect of Lockdown Mode on Safari.


    Modern XMPP — A story based on Monal / berlin-xmpp-meetup · Saturday, 9 April, 2022 - 18:31

Modern XMPP — A story based on Monal

When? Wednesday, 2022-04-13 18:00 CEST (always 2ⁿᵈ Wednesday of every month)

Where? Hybrid in xHain hack+makespace, Grünberger Str. 16, 10243 Berlin and at the Live Stream. In our virtual room you can ask questions.

#jabber #xmpp #community #xhain #freesoftware #berlin #meetup #federation #ios #monal #apple #livestream


    Diving deep into Briar (and Monal) / berlin-xmpp-meetup · Friday, 8 October, 2021 - 18:05

Diving deep into Briar (and Monal)

We are very happy to have Nico Alt from The Briar Project with us, who will give a talk: "Diving deep into Briar: a closer look at its internals". If everything works well, the talk will be streamed over

Briar is a secure messaging technology based on peer-to-peer communications with no centralized servers.

Also we will welcome a special guest, Thilo Molitor from Monal, who will explain how Monal works and can answer questions. Monal is a "fast, friendly and free" Jabber/XMPP client for iOS and MacOS.

When? Wednesday, 2021-10-13 18:00 CEST (always 2ⁿᵈ Wednesday of every month)

Where? xHain hack+makespace, Grünberger Str. 16, 10243 Berlin (as formerly)

See you then!

If you watch the live stream, you may ask questions in our non-physical room. Streaming URL and other information will also be passed there.

#jabber #xmpp #community #xhain #freesoftware #berlin #meetup #federation #briar #securemessaging #monal #ios #macos

UPDATED COVID-19 RULES: To enter xHain, you must be fully vaccinated against Covid-19 or recovered ("2G"), with certificate. See Hygiene concept xHain.


    Fortnite's publisher asks the European Commission for help against Apple / Numerama · Wednesday, 17 February, 2021 - 15:41

The battle between Epic Games and Apple is widening. A complaint has now been filed with the European Commission, against a backdrop of accusations of anticompetitive behaviour.



    Not just Facebook: Snap, Unity warn Apple’s tracking change threatens business / ArsTechnica · Friday, 5 February, 2021 - 18:11


Snapchat on an iPhone. (credit: Maurizio Pesce)

Social media company Snap (which runs Snapchat) and game development software company Unity have joined Facebook in warning their investors that Apple's imminent ad-tracking change will negatively impact their businesses.

As previously reported, Apple plans to use the next iOS update (iOS 14.5, due out in early spring) to implement a requirement that all apps on the platform gain user opt-in to track users with IDFA (ID for Advertisers) tags. IDFA tags are used to track what users do across multiple apps in order to target advertising more effectively.

Social media giant Facebook has told its own investors that the coming change to Apple's operating system could very negatively impact its advertising revenue, because this kind of tracking-based ad targeting is one of Facebook's main ingredients for success.


    A vulnerable kext for learning to exploit Apple's operating systems / Korben · Sunday, 31 January, 2021 - 08:00 · 1 minute

Do you know about kexts on macOS? They are Kernel Extensions… If I had to take a BIG shortcut (calm down, you uptight nitpickers!), I would say they are a bit like Windows drivers or kernel modules on Linux.

They load before the OS has finished loading and let you act on the system at a fairly low level. In short, for fans of reverse engineering and macOS exploitation, the kext is what it all comes down to.

That is why the developer ant4gonist has built a kext for iOS / macOS that contains vulnerabilities and so makes it possible to learn how to exploit the macOS / iOS kernel.

Here are the types of vulnerabilities on offer:

#define CRASH             0x1
#define HEAP_OVERFLOW     0x2
#define INFO_LEAK         0x3
#define BUFFER_OVERFLOW   0x4
#define USE_AFTER_FREE    0x5   //todo
#define INTEGER_OVERFLOW  0x6   //todo
#define DOUBLE_FETCH      0x7

Setup is straightforward on macOS, and can also be done on iOS using checkra1n, which jailbreaks the iOS device.

After that, all that is left is to follow the documentation found here to learn how to exploit the OS properly.
