14.1 C
London
Saturday, September 23, 2017
Home Tags IMessage

Tag: iMessage

Cheap energy, open land, and tax breaks are making Iowa a go-to for data centers.
Facebook, iMessage, Telegram, and WhatsApp are among the apps the seller is keen to acquire vulnerabilities for.
Exploit broker Zerodium ups the ante with $500,000 to target Signal and WhatsApp.
iOS devices will look and feel a bit different when iOS 11 comes out.
The Samsung Galaxy S8 has taken the tech industry by storm as the best Android smartphone you can buy.

The display is gorgeous, the design is unmatched and the performance is top notch.

The Galaxy S8 finally delivered everything I needed to cut the ...
With users always connected and using multiple devices, data can be in several places at the same time.

For IT and security administrators tasked with securing, tracking, and monitoring that data, startup firm Vera offers policy and access control enforcement, no matter where data is stored or who it's shared with. Today's IT administrators face a problem: They can restrict who has access to their data stored on servers they control, but they're limited when the files move to cloud services or devices they don't manage.
Vera addresses this by applying security rules to a wrapper around the file, so the rules go wherever the files go. Vera's latest offering, Vera for Microsoft, extends this data security approach for Office 365 documents stored locally, on remote SharePoint servers, and in OneDrive for Business cloud storage.
IT and security administrators apply specific security rules, such as who can open documents and what they can do with them, on specific folders, and any Office 365 document placed in that folder automatically inherits those policies and permissions.

The new integrations will be generally available in the beginning of 2017. Microsoft has its own tools for folder-level security, but those protections disappear the second the file leaves the platform.

The Microsoft Azure Information Protection Suite is limited as it only protects static, PDF-based versions of these documents, while Vera supports any file type. Instead of creating and applying a set of security rules for each document individually, Vera for Microsoft lets IT apply file-level permissions in a manner that it is transparent to the user.
Vera's smart policy engine lets IT customize permissions, such as whether users can print or edit the document, the ability to copy/paste elements, or take a screen capture of the file.
Security teams can grant access to Active Directory or SharePoint Groups, as well as to external collaborators. There's also no reason why the file has to stay in Office 365, SharePoint, or OndDrive for Business, as the policies are still in effect even when the file is saved to a third-party platform like Dropbox or Slack, or downloaded onto an unmanaged device.
IT can set an expiration date or revoke access on the fly, at which point the file cannot be opened regardless of where it's stored after that date. Encryption is critical to enterprise security, but it's not as widespread as it should be because it's so difficult from a user standpoint.
If users have to change how they work, then they're less likely to take the extra steps to apply encryption. Consider the example of secure text messaging. Once apps like WhatsApp and iMessage made it really straightforward for users to send encrypted messages, they became much more widely used. User experience is critical to integrating encryption into enterprise data security, and with Vera, it's as simple as saving the file in the right folder. Vera's approach to information rights management reflects the modern reality of how files get moved across different devices and get shared among different users.
IT must have a way to encrypt files, apply policies, and control access, even when they don't have control over the device or server where the document resides.
Enlarge / Unfortunately, it's easier to stick a lock on the Brooklyn Bridge than it is to secure your data. We can at least try to help, though.Andrew Cunningham reader comments 47 Share this story With Thanksgiving behind us, the holiday season in the US is officially underway.
If you're reading Ars, that can only mean one thing: you'll be answering technical questions that your relatives have been saving since the last time you visited home. This year in addition to doing the regular hardware upgrades, virus scans, and printer troubleshooting, consider trying to advise the people in your life about better safeguarding their security and privacy. Keeping your data safe from attackers is one of the most important things you can do, and keeping your communications and browsing habits private can keep that data from being used to track your activities. This is not a comprehensive guide to security, nor should it be considered good enough for professional activists or people who suspect they may be under targeted surveillance.

This is for people who use their phones and computers for work and in their personal lives every single day and who want to reduce the chances that those devices and the accounts used by those devices will be compromised.

And while security often comes at some cost to usability, we've also done our best not to impact the fundamental utility and convenience of your devices. These recommendations simply don't represent the absolute best in security and privacy—the Electronic Frontier Foundation (EFF) has excellent, more in-depth guides on security for activists and protesters that you can read if you want to get even further out into the weeds.

But these are all good, basic best practices you can use if, like so many of us, you want to protect yourself against security breaches and trolls.

Feel free to share it directly with those in your life who insist on doing the computer work themselves. Protecting your devices Install updates, especially for your operating system and your browser This ought to be self-evident, but: install updates for your phones, tablets, and computers as soon as you can when they’re made available.

The most important kinds of software updates are those for the operating system itself and for your browser, since Chrome, Firefox, Safari, Edge, and the rest are common points of entry for attackers. Updates for password managers and other apps on your system are also important, though, so don't ignore those update prompts when you see them. Waiting a day or two to make sure these updates don’t break anything major is fine, but don’t ignore update prompts for days or weeks at a time.

By the time an update exists for a security flaw, it is often already being used in attacks, which is why it’s important to install updates as quickly as possible. On this note, also be careful about using Android phones, which often run out-of-date software without current security patches.

Google’s Nexus and Pixel phones, which get software updates promptly and directly from Google, are the best way to make sure you’re up to date; while Samsung’s newer smartphones are also patched relatively promptly, everything else in the Android ecosystem is hit or miss. Use strong passwords and passcodes Having your accounts hacked is what you should be the most worried about—more on this later—but it’s also important to secure the devices you’re using to access those accounts. It goes without saying that you should use a good, strong password to protect every single user account on any PCs or Macs. On smartphones, you should use as strong a PIN or password as you reasonably can.
If your phone uses a fingerprint reader, take advantage of that added convenience by locking your phone with a strong alphanumeric password.

Target a 12- to 14-character minimum, since shorter passwords are more susceptible to brute force attacks. Encrypt your phones and computers If you need an oversimplified but easily understood way to explain "encryption" to someone, think of it as a massively complex decoder ring; when data is encrypted, it can only be accessed and read by a person or device that has the “key” needed to translate it back into its original form.
It’s important to encrypt your communications, and it’s also important to encrypt the devices you use to access any sensitive data since that data can be stored on them locally whether you realize it or not. The basic encryption guide we ran last year is still current; I’ll cover basic guidelines here, but refer to that for fuller details. iPhones and iPads are encrypted by default. Use a strong passcode and you’ll generally be fine. Macs are not encrypted by default, but FileVault disk encryption is fairly easy to enable in the Security section of the System Preferences. Some newer Android phones are encrypted by default, but go to the Settings and check under Security to confirm (this may differ depending on the phone you use).
If the phone isn’t encrypted, it’s fairly easy to turn it on in the Security settings; protect the phone with a strong passcode afterward. Older phones and tablets may suffer a performance hit, but anything made in the last two or so years should have no major problems. Windows PCs tend not to be encrypted by default, and it’s only easy to enable encryption on newer PCs with the more expensive “Pro” versions of Windows. Windows can be encrypted by default, but only by supporting an esoteric list of requirements that few PCs meet. Protecting your accounts Two-factor authentication The most significant thing you can do to protect your e-mail, bank, Apple, Facebook, Twitter, Google, Amazon, Dropbox, and other accounts is still to enable two-factor authentication (sometimes called two-step authentication or 2FA).

This means using a combination of multiple credentials to get into your account, usually a password and a six-digit code sent to your phone or generated by an authenticator app. There are three primary types of authentication: something you know (i.e. a password), something you have (i.e. your phone or a secure key), or something you are (i.e. your fingerprint or face).

To be considered “true” two-factor authentication, each factor needs to be from a different one of those three categories.
So, for instance, something that requires a password plus your phone is two-factor authentication.
Something that just asks you for two passwords is not, since they’re both something you know. SMS texts sent to your phone are relatively easy to hijack for determined attackers, so you should definitely use an authenticator app whenever possible.
I prefer Authy, but Google Authenticator is also widely used. When you enable two-factor authentication on an account, the first time you log in to an account on a new phone or computer, you’ll generally be asked to enter a special code after you enter your password.

Anyone who has your password but doesn’t have the code can’t get into your accounts. You may also need to sign back in on all of your other devices before you can use them with your account again. Here are instructions for setting up two-factor authentication for a variety of services; if you can’t find yours on this list, Google is your friend; twofactorauth.org is also a helpful resource. Apple Google Microsoft Twitter Facebook Dropbox Slack Amazon Paypal Venmo Stripe Using a password manager (and good password practices) Two-factor authentication is great, but it’s only extra protection on top of good, strong passwords and password practices.
Security researcher Brian Krebs has a good primer on password security here, but the most important things to remember are: Don’t use the same password for multiple sites/services, especially if you use those sites/services to store personal data. Change your password regularly, and change it immediately if you suspect that the service has been hacked or that someone else has tried to use your account. Use the strongest passwords you can. Using various characters (capital and lowercase letters, numbers, punctuation) is important, but password length is also important.

Consider a 12-to-14-character password to be a useful minimum, depending on the site’s password policies. Remembering passwords is annoying, especially if you’re changing them all the time. One solution to this problem is to use a password manager.

These are apps that generate long, random, complex passwords and store them for you in encrypted form either on your device or in the cloud. You have to set and remember one strong master password (we recommend perhaps writing this down and putting it in a safe and secure place), but the app does the rest. There are lots of password managers available, but 1Password is probably the best known and best supported.
It costs $2.99 a month for one person and $4.99 a month for a family of up to five people, and there’s a 30-day free trial available as well. LastPass is also an OK free alternative, though this sort of protection is worth the cost.
It’s also generally a good idea to support companies that do security- and privacy-related work going forward. Protecting your communications and Internet use Enlarge / WhatsApp is one messaging service that features end-to-end encryption, though it's no longer your best option. Andrew Cunningham Using Signal for SMS and voice calls Protecting your communications from being intercepted and read is one of the most important things you can do, but it’s also more difficult than other security measures we've discussed so far. Using an encrypted messaging service is the best way to protect your texts from prying eyes.
If you’re using Apple’s iMessage service (i.e. blue bubbles), you’re already using an encrypted service, but the downside is that it only works between two Apple devices and that Apple may still be able to hand out your data if asked. For communications between an iPhone and an Android phone or between two Android phones, your best option is Signal, a secure SMS app by Open Whisper Systems that provides encryption for both texting and voice calls.

Both you and your recipient will need to have Signal installed for it to work, but the app makes it easy to send out download links to your recipients and it’s easy to set up and use.

The EFF has detailed installation instructions for iOS and for Android. Another encrypted messaging service you may have heard of is WhatsApp, but the company’s acquisition by Facebook in early 2014 has given rise to some concerns among security and privacy advocates.
Still, depending on what the people you know already use, it could be better than just plain SMS or other chat services. Using VPNs, especially on public Wi-Fi You know those unsecured public networks that you log into when you’re at the cafe or coffee shop? Not only can anyone also get on that network and potentially exploit it, but attackers with relatively simple, inexpensive tools can see all of the data that travels between your phone or laptop and the wireless router.

Even networks with passwords (like those you’d use at work or in a hotel, for instance) can expose your data to other people who have the network password. The answer here is to use a Virtual Private Network, or VPN.
If you think of the streams of data going between a router and everything connected to it as an actual stream, then a VPN is a sort of straw or tube that keeps your stream separate from everyone else’s.
VPN services can also hide your browsing data from your Internet service provider, and they can give you some degree of protection from trackers used by websites and ad networks. (Again, like most measures, this is not a guaranteed way to achieve perfect security.) Subscribing to a VPN does cost money, but there are many options that will run $10 or less per month. Private Internet Access offers support for Windows, macOS, iOS, Android, and Linux; will let you use the service on up to five devices simultaneously; and costs a relatively inexpensive $6.95 a month or $39.95 a year (which breaks down to $3.33 a month).
If you use public wireless networks with any frequency at all, a VPN is a must-have and well worth the cost. VPNs aren't cure-alls, since some public networks are set up to keep them from working—sometimes on purpose so they can show you ads, sometimes by accident because they want to keep the networks from being used for anything other than basic Internet. Using a Mi-Fi hotspot or your phone's tethering features when you're in public can be expensive, but it can also provide some peace of mind when you're having trouble getting your VPN to work on a public network. E-mail security (is hard to do) E-mail security is difficult, and both of our security experts on staff have described it to me as a "lost cause" and "fundamentally broken." The primary problem is that even if you take precautions to protect your end of the conversation, you can do little to secure the servers and clients in between and on the receiving end.
Some services like Gmail offer enabled-by-default encryption between your computer and their servers, but sending a message from one server to another is still often unencrypted. Paid services like ProtonMail are promising—it promises enhanced security and privacy and they won't read your messages or scrape data from them so they can sell ads to you—but it hasn't been thoroughly audited, and it only really works as intended when sending mail between ProtonMail accounts. And longstanding e-mail encryption tools like PGP ("Pretty Good Privacy") are notoriously difficult to set up and use. You should definitely do what you can to secure your e-mail from casual snooping, and you should protect your account with the tools we've already mentioned—using an account from a major provider like Google, Microsoft, or Yahoo with a strong password and two-factor authentication enabled is a good way to start.

But for truly sensitive communications that you want to keep private, using Signal or WhatsApp or even Facebook Messenger's "Secret Conversations" feature is a better way to do it. Deleting old e-mails Another mitigating factor for the e-mail problem is message retention—someone with ten years' worth of data to dig through is naturally going to reveal more about themselves than someone who only has six months of messages. Even free e-mail providers often give you so much storage space that it can be tempting to be a digital packrat and just keep everything, both for nostalgic reasons and just in case you ever need it for something.

But the more communications you store, the more information that companies, law enforcement, and hackers have to track your wheelings and dealings. Consider how important or sensitive your communications are, and consider how often you actually need old e-mails.

Consider deleting e-mails at regular intervals—deleting things after one year or even six months can be a good way to start if this is something you’re worried about, and think about deleting unimportant messages even more frequently. Next steps If you’ve done all of these things and you’re looking to do more, the EFF’s Surveillance Self-Defense page is a good resource.
It has more in-depth technical explanations for many of the concepts discussed here, as well as further recommendations.

The EFF also offers Chrome and Firefox plugins like Privacy Badger and HTTPS Everywhere, which (respectively) attempt to keep ads from tracking you across multiple sties and load content over an encrypted HTTPS connection rather than a standard HTTP connection whenever HTTPS is available. You could also look into things like the Tor project, which goes to greater lengths to obstruct surveillance and ensure privacy.
In all the discussion about using encryption, a critical point keeps getting lost: It's difficult to work with, and it's even harder to deploy it at scale. Nowhere is the challenge more evident than in sending secure email. There are many ways to interact and collaborate -- instant messaging, Slack, and so on -- but email still dominates in enterprises.

Even as encryption goes mainstream with secure messaging tools, more websites adopting HTTPS by default, and cloud storage services allowing easier file encryption, sending an encrypted email message is still a challenge. While GPG Sync, a new open source project from First Look Code, doesn't simplify the process of sending encrypted messages, it does "make using encrypted email within an organization less obnoxious for everyone," wrote Micah Lee, a technologist with First Look Code, the software arm of First Look Media. GPG Sync is designed for organizations already doing the heavy lifting by using the public key cryptography implementation GPG (Gnu Privacy Guard) to encrypt email messages. Using GPG is a multistep affair, first creating the user's key, then regularly importing the keys of other users, and verifying the keys actually belong to the correct person. Making sure everyone has the most current key for everyone else is an unwieldy task. New keys are issued to new users as they join, so they need to be imported.
If existing users revoke keys and transition to new keys, other users need to refresh the keys to make sure they are not accidentally using the older keys.

This is the problem GPG Sync solves, by making sure each of the users have up-to-date public keys as defined by a centrally managed list. The project takes a very straightforward approach.

A single trusted person maintains a list of GPG fingerprints used by the organization, which is digitally signed by an "authority key." Each user's copy of GPG Sync recognizes the authority key's fingerprint and knows the URL of where the signed list is stored.

The software automatically makes sure the user has the most current list and references it to refresh all of the nonrevoked keys from a key server.  "Now each member of your organization will have up-to-date public keys for each other member, and key changes will be transitioned smoothly without any further work or interaction," Lee wrote on the project's GitHub page. GPG Sync plays a similar role as S/MIME or certificate authorities in many organizations and is a simpler alternative for organizations that don't want to set up a central authority. It's hard enough using GPG for encrypting emails, so simplifying key management is a real benefit. The caveat is that organizations must already have users set up to encrypt messages with PGP. While there are teams using open source security implementations like OpenPGP, many organizations concerned about encrypted email often prefer commercial offerings, such as Virtru.

The platform sits on top of the organization's existing email system, making it possible for users to send and receive encrypted messages without changing their workflow.
Virtru also provides a secure process for non-Virtru users to access encrypted messages. Projects like GPG Sync are beneficial for the overall open source security ecosystem because they simplify parts of an existing workflow. Making it easier to handle different steps makes the prospect of adopting GPG less daunting. Secure communications suffer from the chicken-and-egg problem. Users like the idea of sending secure messages, but they need to make sure the people they are communicating with are on the same service.
In the world of secure text messaging, users wind up with multiple apps on their mobile devices and have to remember which contact is on which platform to be able to communicate.

Apple encrypting iMessage end-to-end solved that problem for a lot of iOS users, and services like ProtonMail offers free encrypted webmail, but there's still a lot left to do to bring encryption to the masses. 
Implementation a bit slack British developer Ross McKillop says Apple's implementation of URL previews leaks users' IP address and operating system information to websites. The leakage might be a boon to spammers, who could use the operating system information and IP address data to better hone their attacks. Links subject to previews, which displays an image of a website along with some text, are used across applications and services including Slack and Facebook. Those properties send requests originating from their servers to websites linked within URL previews, safeguarding users. Any Apple user merely receiving an iMessage URL preview will have their IP address, operating system, and device type. McKillop considering attack vectors goes further and suggests exploits could be built to exploit when the URL is opened as a preview. "As this request is clearly being made, and parsed, by Safari from the user-agent string it's reasonable to believe that there is potential that an exploit found in Safari could be triggered without the target even browsing to the site, simply by sending them an iMessage containing that URL," McKillop says. "There is no way to switch off this automatic request behaviour, therefore no way to disable this. "Hopefully Apple will either change this or make it an option to request via a proxy enabled by default." ®
iOS 10.2  iOS 10.2 introduces new features including the TV app (US Only), a new and unified experience for accessing your TV shows and movies across multiple video apps.

Emoji have been beautifully redesigned to reveal even more detail and over 100 new emoji have been added including new faces, food, animals, sports, and professions.

This update also includes stability improvements and bug fixes.   TV Use Up Next to see the movies and shows you’re currently watching and pick up where you left off Get recommendations for new movies and TV shows in Watch Now  Discover new apps and the latest iTunes releases in the Store  Access the Library for your iTunes purchases and rentals   Emoji Beautifully redesigned emoji that reveal even more detail Over 100 new emoji including new faces, food, animals, sports, and professions   Photos Improves stabilization and delivers faster frame rate for Live Photos Improves accuracy of groupings of similar photos of the same person in the People album Fixes an issue where Memories might generate a memory from photos of screenshots, whiteboards or receipts Fixes an issue where the camera would stay zoomed in after switching back from the Camera Roll on iPhone 7 Plus Additional support for RAW digital cameras   Messages Adds new love and celebration full screen effects in Messages Fixes an issue that sometimes prevented the keyboard from displaying in Messages   Music Swipe up the Now Playing screen to more easily access Shuffle, Repeat and Up Next Choose how to sort Playlists, Albums, and Songs in Library   News Stories you’ve saved for later now appear in the new Saved section The best paid stories from channels you subscribe to will now appear in a dedicated section in For You It’s now easier than ever to get to the next story, just swipe left or tap Next Story while reading   Mail Fixes an issue that caused the Move sheet to persist after filing a Mail message Addresses an issue with long press activating copy and paste in Mail Fixes an issue in which the wrong message would be selected after deleting a Mail conversation   Accessibility Adds BraillePen14 support to VoiceOver Fixes an issue where the braille table could switch unexpectedly with VoiceOver Fixes an issue where sometimes Siri enhanced voices were unavailable to VoiceOver Fixes an issue where VoiceOver users could not re-order items in lists Fixes an issue where Switch Control was sometimes unable to delete Voicemails   Other improvements and fixes Adds notification support for HomeKit accessories including window coverings, occupancy, motion, door/window, smoke, carbon monoxide, and water leak sensors Adds notification support for HomeKit accessories when software updates are available to HomeKit accessories  Improves Bluetooth performance and connectivity with 3rd party accessories Fixes an issue that could cause FaceTime participants to appear out of focus Fixes an issue that could cause FaceTime calls to appear with incorrect aspect ratio and orientation Fixes an issue that prevented some Visual Voicemail from completing playback Fixes a Safari Reader issue that could cause articles to open as empty pages Fixes an issue that could cause Safari to quit unexpectedly after marking an item as read in Reading List   For information on the security content of Apple software updates, please visit this website: https://support.apple.com/HT201222 iOS 10.1.1 This update fixes bugs including an issue where Health data could not be viewed for some users. For information on the security content of Apple software updates, please visit this website:  https://support.apple.com/kb/HT201222 iOS 10.1 This update includes Portrait Camera for iPhone 7 Plus (beta), transit directions for Japan, stability improvements and bug fixes. Camera and Photos Introduces Portrait Camera for iPhone 7 Plus that creates a depth effect that keeps your subject sharp while creating a beautifully blurred background (beta) People names in the Photos app are saved in iCloud backups Improved the display of wide color gamut photos in the grid views of the Photos app Fixes an issue where opening the Camera app would show a blurred or flashing screen for some users Fixes an issue that caused Photos to quit for some users when turning on iCloud Photo Library Maps Transit support for every major train, subway, ferry, and national bus line, as well as local bus systems for Tokyo, Osaka, and Nagoya Sign-based transit navigation including layouts of all underground structures and walkways that connect large transit stations Transit fare comparison when viewing alternative transit routes Messages New option to replay bubble and full screen effects Messages effects can play with Reduce Motion enabled Fixes an issue that could lead to contact names appearing incorrectly in Messages Addresses an issue where Messages could open to a white screen Addresses an issue that could prevent the report junk option from displaying with unknown senders Fixes an issue where videos captured and sent in the Messages app could be missing audio Apple Watch Adds distance and average pace to workout summaries in the Activity app for outdoor wheelchair run pace and outdoor wheelchair walk pace Fixes issues that may have prevented Music playlists from syncing to Apple Watch Addresses an issue that was preventing invitations and data to appear in Activity Sharing Fixes an issue that was allowing Activity Sharing to update over cellular when manually disabled Resolves an issue that was causing some third-party apps to crash when inputting text Other improvements and fixes Improves Bluetooth connectivity with 3rd party accessories Improves AirPlay Mirroring performance when waking a device from sleep Fixes an issue where playback would not work for iTunes purchased content when the “Show iTunes Purchases” setting is turned off Fixes an issue where certain selfie apps and face filters used with the FaceTime HD Camera on iPhone 7 and iPhone 7 Plus did not display a live preview Fixes an issue in Health where individual strokes are converted to separate characters when using the Chinese handwriting keyboard Improves performance of sharing websites from Safari to Messages Fixes an issue in Safari that caused web previews in tab view to not display correctly Fixes an issue that caused certain Mail messages to be reformatted with very small text Fixes an issue that caused some HTML email to be formatted incorrectly Fixes an issue that in some cases caused the search field to disappear in Mail Fixes an issue that could prevent Today View Widgets from updating when launched Fixes an issue where Weather widget sometimes failed to load data Fixes an issue on iPhone 7 where Home Button click settings would not appear in search results Fixes an issue that prevented spam alert extensions from blocking calls Resolves an issue that could prevent alarm sounds from going off Fixes an issue where audio playback via Bluetooth would cause the Taptic engine to stop providing feedback for some users Resolves an issue preventing some users from restoring from iCloud Backup For information on the security content of this update, please visit this website: https://support.apple.com/HT201222 iOS 10.0.3 iOS 10.0.3 fixes bugs including an issue where some users could temporarily lose cellular connectivity.  For information on the security content of this update, please visit this website: https://support.apple.com/kb/HT201222     iOS 10.0.2 iOS 10.0.2 fixes bugs and improves the stability of your iPhone or iPad.

This update:   Addresses an issue that could prevent headphone audio controls from temporarily not working Resolves an issue that caused Photos to quit for some users when turning on iCloud Photo Library Fixes an issue that prevented enabling some app extensions   For information on the security content of this update, please visit this website: https://support.apple.com/kb/HT201222   iOS 10.0 - iOS 10.0.1 Messages Expressive Messaging Bubble effects let you send messages loudly, gently, slam or with invisible ink Full-screen effects to celebrate special moments Tapback for quick replies to messages, links, and photos Handwritten messages animate like ink on paper Digital Touch lets you send sketches, taps, and heartbeats Tap to replace can emojify your text with just a tap Rich links show a preview of web pages you share iMessage apps New App Store for iMessage Use the power of apps in Messages to share and collaborate with friends Download stickers to send and place on text bubbles and photos   Siri Siri now works with the following types of apps Messaging apps to send, search and read back text messages VoIP apps to place phone calls Photos apps to search for images and photos Ride service apps to book rides Payment apps to make personal payments Fitness apps to start, stop, and pause workouts CarPlay automaker apps to adjust climate, radio, seat, and personal settings   Maps All new look Proactive suggestions for places you’re likely to go next, based on your routine or appointments in Calendar Improved search with new callout design, clustered results and category filters Home, work, favorite locations, and locations from upcoming Calendar events are displayed on the map Displays where your car is parked via CarPlay or Bluetooth Weather for the currently viewed area Extensions Make a reservation within Maps using extensions from participating reservations apps Book a ride to a destination within Maps using extensions from participating ride service apps Turn-by-turn navigation improvements Search along route for gas stations, food, and coffee shops Automatic view adjustment of the road ahead Use pan and zoom during navigation Option to avoid tolls and highways   Photos Advanced face recognition designed with deep learning to automatically group similar faces together Object and scene recognition to intelligently search for photos by what’s in them using advanced computer vision that scans your library locally on device Places album to see all your photos, videos and Live Photos on a map Memories Intelligently highlights forgotten events, trips, and people, and presents them in a beautiful collection Memory movies automatically edited with theme music, titles, and cinematic transitions Related memories make it easy to rediscover even more photos in your collection, based on location, time, people, scenes and objects Easily share with family and friends Brilliance control applies region-specific adjustments to brightness, highlights and contrast   Home New Home app to securely manage and control HomeKit enabled accessories Scenes to control groups of accessories with just a tap Rich Notifications with quick actions to control accessories Optionally share home access with family and friends Remote access and automation of accessories with Apple TV or iPad   Apple Music An all-new design for Apple Music brings greater clarity and simplicity to every aspect of the experience Navigate your Library with an improved menu and see all of the Downloaded Music that you can play on your device while offline See recommendations in For You that highlight mixes, playlists, albums, and Connect posts—selected for you based on the music and artists you love Visit Browse to more easily see exclusive releases, find curated playlists, and discover the most important new releases—picked by our editors each week Listen to Radio more easily—clearly see what’s live on Beats 1, hear your favorite shows on-demand, or choose a curated station for any genre of music Play music with an improved Now Playing experience—swipe up to view available lyrics and quickly see or edit songs that are coming up next   Apple News An all-new design in For You adds bold typography, vibrant color, and distinct sections that make it easier to find stories on specific topics See the most important stories of the day within Top Stories—updated by our editors throughout the day Find the most popular stories right now within Trending Stories—selected based on what others are reading See all of your stories grouped into easy-to-understand sections on the topics you follow or read Discover the best and most interesting stories of the week within Featured Stories—selected by our editors Share stories more easily—just tap the icon on any story to send it to a friend right from For You Receive breaking news notifications from some of your most trusted sources Subscribe to your favorite magazines and newspapers directly in News New personalized Today View widget lets you keep up with the latest stories throughout the day   Experience Raise to Wake automatically wakes the screen as you raise your iPhone Rich notifications that support real time information, audio, photos and videos Today view is redesigned and supports all new widgets for apps like Weather, Up Next, Maps, Stocks and more Control Center is redesigned with easier to access controls including dedicated cards for music playback and Home Expanded use of 3D Touch Lock screen notifications to support an expanded view and access to quick actions New quick actions for built in apps like Weather, Stocks, Reminders, Health, Home, FaceTime, iCloud Drive and Settings Home Screen widgets Control Center for access to quick actions for Flashlight, Timer, Calculator and Camera Clear all in Notification Center   QuickType New emoji, including gender diverse options to existing characters, single parent family variations, rainbow flag and beautiful redesigns of popular emoji Contextual predictions for current location, recent addresses, contact information and calendar availability using deep neural network technology Emoji predictions Calendar events are intelligently populated using deep learning technology with information from your conversations in Mail and Messages Multi-lingual typing now lets you type in two languages at once without having to switch keyboards Rest & Type on iPad intelligently adapts to your unique typing patterns Predictive typing now uses deep neural network technology for greater prediction accuracy   Phone Voicemail transcription (beta) Spam call alerts with spam call identification apps Support for third party VoIP apps receiving calls on the Lock screen, including support for Call Waiting, Mute and Do Not Disturb   Other improvements Apple Pay in Safari View two pages at once using Split View in Safari on iPad Notes collaboration lets you invite people to work on your notes together Markup support in Messages, Photos and PDFs stored in Notes Bedtime Alarm in the Clock app lets you set a regular sleep schedule and receive bedtime reminders Health adds support for health records and organ donation (US Only) Stabilization support for Live Photos for improved camera capture Live Filters support when capturing Live Photos iCloud Drive now supports Desktop and Documents folders from macOS Live search results in Spotlight for Chinese and Japanese Siri support for Spanish (Chile), Chinese (Cantonese - China), English (Ireland), English (South Africa) Ling Wai and Kaiti Black document fonts for Chinese Yu Kyokasho and Toppan Bunkyu fonts for Japanese New definition dictionaries in Traditional Chinese and Danish and bilingual dictionaries in Dutch and Italian New keyboard for Spanish (Latin America)   Accessibility Magnifier now uses the camera on your iPhone or iPad like a digital magnifying glass for real-life objects New range of display color filters to support different forms of color blindness or other vision challenges VoiceOver adds a Pronunciation Editor to customize the way words are pronounced, additional voices, and support for multiple audio sources Additional text highlighting options in Speak Screen and Speak Selection, as well as the ability to speak keyboard letters and predictive typing suggestions to support multi-modal learning Switch control now lets you control iOS, macOS and tvOS all from the same iPhone or iPad, so you don’t need to configure switches for the secondary device Software TTY allows you to place and receive TTY calls without the need for traditional hardware teletypewriter accessories Some features may not be available for all countries or all areas, for more information visit:    http://www.apple.com/ios/feature-availability and http://www.apple.com/ios/whats-new For information on the security content of this update, please visit this website:       http://support.apple.com/kb/HT1222
No phone taps on WhatsApp is whack, moan spymasters European ministers are debating a clampdown on encryption and a further increase in surveillance in response to mounting terrorist threats. Bernard Cazeneuve, France’s interior minister is due to meet his German counterpart, Thomas de Maizere, to discuss possible regulations to limit the use of encrypted communications across the EU. “It’s a central issue in the fight against terrorism,” Cazeneuve told reporters, the FT reports. France has tabled surveillance laws that incurred the wrath of privacy campaigners.

Germany has been a bulwark in favour of privacy but there is a sense this may change - or at least be up for debate in the wake of recent terrorist incidents in the country.

This is despite the fact that encrypted communications failed to feature as an element in what have essentially been lone wolf attacks. The Isis terror cells that plotted bloody attacks in Paris and Brussels communicated with each other, but how much, if at all, they relied on encrypted comms is far from clear.
Some members reportedly used WhatsApp and Telegram. Patrick Calvar, French homeland security chief, told the FT that gigabytes of data were collected after November’s Paris attack but “it is often encrypted, and impossible to decipher”. Western governments (or more particularly law enforcement) view apps that come with end-to-end encryption – such as Facebook’s WhatsApp and Apple’s iMessage – as a potential barrier in investigations. Over-the-top mobile services such as WhatsApp are currently outside the scope of the EU’s e-privacy directive, which covers how customer data is handled, including in response to law enforcement requests.

This provision may change, although a shift is far from certain. Technologists, in general, remain opposed to golden keys for governments or other measures that would weaken the protection encryption offers. Jacob Ginsberg, senior director at encryption company Echoworx, argued that existing wiretap laws are adequate and that governments ought to be obliged to get judicial approval for surveillance ops. "No one can argue with the fact that if intelligence agencies and the police were able to access and look inside all houses, they would catch more criminals," Ginsberg said. "But is this going too far? We also have to consider how this may be putting the majority of law-abiding citizens at risk.

European lawmakers need to remember that cyber-surveillance is no different than old school wire-tapping." He adds: "However, the government requires court approval for a wiretap and only after they have demonstrated evidence of reasonable suspicion.

They should not be allowed to circumvent existing laws based on type of media being surveilled.

These laws were put in place to protect the average person from this kind of intrusion. "The same rules should apply regardless of whether it's phone conversations or web and social media use being tapped.

There is a balance that needs to be struck but it is absolutely vital that there is appropriate judicial oversight dictating the use of these powers,” he concluded. ® Sponsored: 2016 Cyberthreat defense report
The EU wants to force WhatsApp, iMessage and other internet-based tools to abide by tougher data-protection rules, leaked documents say. By Matthew BroersmaThe European Union is looking to extend some of the privacy rules that currently apply to telecommunications companies to cover internet-based services such as Skype and WhatsApp in a way that could restrict their use of encryption, according to reports.The EU's plans could also oblige digital services to allow users to take content, such as copies of emails, with them when they change providers, according to reports from media outlets including The Financial Times and Reuters, all of which cited internal EU documents.New Privacy Obligations The privacy and confidentiality obligations for internet firms remain to be defined, according to the EU documents. Currently 2002's Privacy and Electronic Communications Directive, known as the ePrivacy Directive, applies only to telecoms providers such as Vodafone or Orange, and those providers have argued the rules place them at a disadvantage to web-based competitors.Facebook's WhatsApp, for instance, protects its communications with end-to-end encryption, while telecoms companies are barred from doing so, being subject to wiretapping and "lawful interception" demands by governments.Apple's mobile iMessage service also claims to offer end-to-end encryption, while Microsoft's Skype encrypts communications but also says it monitors message content for the purposes of blocking fraud and other illegal activity. ePrivacy Review The possible changes are part of a review to the ePrivacy rules announced by the EU in April, when it launched a public consultation seeking the views of stakeholders.The EU said the review was motivated in part by the introduction of the General Data Protection Regulation this year, which is set to broadly alter Europe's data protection environment.While organizations including national data protection regulators, telecoms companies and internet firms have published their responses to the consultation, the EU's own views have not previously been made public.Orange pointed out in its response that internet-based services are "allowed to commercially exploit the traffic data and the location data they collect", while telecoms firms are restricted in how they use such information.In its response, Facebook argued against any extension of the ePrivacy rules, saying new restrictions could mean it would "no longer be able to guarantee the security and confidentiality of the communication through encryption" and therefore could "have the undesired consequence of undermining the very privacy it is seeking to protect".The European Commission has said it does not necessarily plan to treat all communications services the same for all purposes. Spectrum Changes A broader reform of the EU's telecoms rules is set to begin next month, and the Commission is proposing to take the opportunity to increase the term of spectrum licenses from 10 to 25 years, according to internal documents cited by Reuters.That move, intended to introduce a more stable market for operators and encourage them to boost their investments, could face opposition from national governments, for whom spectrum license auctions have proven a lucrative source of income.Under the results of a June referendum, the UK is set to exit the European Union, but EU laws are likely nevertheless to continue to influence British policies.