This week was one of revelations in the security world, most of them centered around nation-states pulling off ambitious hacks. In the wake of reports that Russia had used Kaspersky Lab software to steal NSA secrets, we took a look at the antivirus paradox that applies to every company selling it. And given reports that North Korea had attempted to hack a US energy utility, we looked at when exactly grid-attacks should freak you out.
You know how annoying it is when you’re just futzing along on your iPhone and suddenly a pop-up prompts you to enter your Apple ID password for no good reason? As developer Felix Krause illustrates, that reason might well be “a bad guy wants to steal your info.” Krause says that it’s “shockingly easy” for a shady developer to prompt people to enter their passwords using iOS’s UIAlertController, which lets developers create pop-ups that also happen to mimic the system dialog. How to protect yourself? Don’t download untrusted apps first of all. But you can also hit the home button when a pop-up asks for your password. If the app quits, someone was phishing you. If not, it’s a real-deal iOS request.