The COVID-19 pandemic is creating an urgent need for technical solutions to assist in the critical process of digital contact tracing. Apple has now released iOS 13.5 to the general public, including the exposure notification API framework it developed with Google. In this blog, I’m going to take a deeper look at how these solutions work from a technical perspective and the potential security considerations.
Yes, there’s really a World Password Day. Celebrated on the first Thursday of May, the event was started by Intel in 2013 to raise awareness of the need for secure passwords. As a security professional, I must admit that 7 years later, I question the need to continue to observe this event. Do we, in the year 2020, really still need to be told that passwords are important? Sadly, yes. We still need a reminder that secure passwords are incredibly important. While I imagine most people would say they know that, it’s one thing to know it and quite another to put it into practice. In 2020, issues associated with passwords still abound.
Digital contact tracing is an emerging technology in response to the COVID-19 pandemic. While innovative, intriguing and necessary, it raises some interesting privacy and employment law concerns. My co-author Dan Schwartz and I share our initial thoughts on this evolving issue.
Reports of a bug being actively exploited affecting the Apple Mail iOS application are making news. This bug may have been leveraged in the wild as early as January of 2018, according to sources. Apple has not confirmed that they have seen this attack being exploited against customers. However, it has confirmed that the bug isn’t happening in the beta of the latest (unreleased) iOS. Other security researchers have confirmed the “likelihood” of the legitimacy of this attack being used in the wild. If the vulnerability is truly being exploited, the risks are very real.
ADNET proudly partners with leading technology and business solution providers to help our clients find the best possible fit for their needs. We encourage you to visit our partners’ websites to learn more about their services.