The servers are designed in the US by an American company called Super Micro, and do not include the chip in their designs. It is thought the chip must have been added in China, during the manufacturing process for the servers. The chip is an example of a “hardware hack” where hardware is modified to perform functions that wasn’t originally intended in the design. It is suspected the purpose of the chip is to spy on American companies and their users.

The lengthy publication by Bloomberg reports that Apple and Amazon were among those companies affected, but both companies refute the claim. An Apple spokesperson told Bloomberg that they had no history of finding malicious chips or hardware manipulations in any of its servers. Apple no longer used Super Micro servers after ending their contract with them in 2016.

Amazon also disputes the claims about their servers containing malicious chips and says they have not worked with the FBI to investigate malicious hardware within the company. Super Micro join Apple and Amazon in denying the claims about its servers.

In response to the allegations, China’s Ministry of Foreign Affairs released a statement saying “China is a resolute defender of cybersecurity. It advocates for the international community to work together on tackling cybersecurity threats through dialogue on the basis of mutual respect, equality and mutual benefit. Supply chain safety in cyberspace is an issue of common concern, and China is also a victim. China, Russia, and other member states of the Shanghai Cooperation Organization proposed an “International code of conduct for information security” to the United Nations as early as 2011. It included a pledge to ensure the supply chain security of information and communications technology products and services, in order to prevent other states from using their advantages in resources and technologies to undermine the interest of other countries. We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.

[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]

The post Chinese Spying Chips Found Hidden on US companies’ servers appeared first on Hack Ware News.

The teen told the court he hacked into Apple’s server’s multiple times, over the course of a year, between 2015 and 2017. His presence was eventually detected on the servers, leading to him being blocked and the Federal Bureau of Investigation (FBI) contacted to conduct an investigation. The FBI enlisted the help of the Australian Federal Police (AFP), who located the teen and raided his home to arrest him. The AFP seized several Apple products from his home, including 2 laptops, a mobile phone, and a hard drive harbouring a suspicious file, aptly name “Hacky Hack Hack Methods Exclude”. The data they seized was found to be sensitive from a commercial point of view.

The court heard that the teen used a virtual private network (VPN) in order to remotely connect to Apple’s systems and steal data. He did this by installing a malicious script, designed to access the systems and bypass the security and firewall features, eventually leading them to the right places, where they could download the data.

In response to this attack, Apple has released a statement assuring customers that no personal information was gained from the attack. The lenient sentence has meant that the unnamed boy can now move on with this life and go to university, where he intends to study criminology and cyber safety.

[stackCommerce layout=”2″ count=”5″ sort=”best_sellers”][/stackCommerce]

The post Teen who hacked Apple gets no Jail Time appeared first on Hack Ware News.

Yes, the Onavo VPN app is owned by Facebook. VPNs are supposed to keep one’s activities hidden from prying eyes but if you got you’re VPN from Facebook, you probably have it coming. Well, Apple has put a stop on this activity and will keep more iOS users from falling victim, but Android users are still open.

Why download Onavo in the first place? The premise of the app is to offer a secure VPN service for mobile internet users. As per the Onavo website, Onavo Protect keeps users safe by blocking potentially harmful websites from acquiring personal information.

The app also monitors how much mobile data is used by other mobile apps to protect users from overconsumption, which is a very bad thing especially when international roaming. The problem is, that to in order to count how much data is being consumed by other apps, the data is actually collected, by Facebook who has owned the Israeli startup Onavo since 2013.

What Onavo does:

• Add an extra layer of security
• Secure personal information while on public Wi-Fi
• Provide a fast, free and secure VPN
• Alerts when apps use too much data
• Blocks apps from using data in the background
• Limits apps to use Wi-Fi only
• Notifies user when an app reaches a certain amount of data

Onavo Protect officially collects measures:

• Mobile network name
• Mobile network code
• Mobile country code
• Locale/language
• iOS version
• Onavo app version.
• Also when the mobile device screen is on/off
• Tracks daily data usage on Wi-Fi and mobile data
• DNS request to measure latency.

Onavo is apparently open to saying that they will be collecting mobile data traffic in order to perform its tasks as stated in the Google Play Store app description. But, much like EULAs, many users pretty much ignore these notices and/or messages that apps will be needing access to a bunch of things from their phones including private pics from their photo gallery.

Onavo App description on Google Play:

As part of providing these features, Onavo may collect your mobile data traffic. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data. Because we’re part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value and build better experiences.

The previous statement sounds somewhat changed that it now justifies Facebook’s data collection as well as its ownership. This data collection however has led to the acquisition of WhatsApp, apparently because it’s so popular and that Onavo now bombards users with targeted advertising.

But the whole thing doesn’t sit well with Apple’s new policies which went in effect last June and the company told Facebook to voluntarily remove Onavo from the App Store.

We work hard to protect user privacy and data security throughout the Apple Ecosystem. With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing…

–Apple

Onavo iOS users who don’t mind the data collection can still use their existing apps and continue to download them when upgrading or changing devices, however, they can’t expect any more updates.

The post Apple Stops Facebook from Spying appeared first on Hack Ware News.