passcode
Latest
ITT unveils GhostRider encryption device capable of securing US Army smartphones
That may look like a Motorola Atrix Dell Venue, but it's actually something known as the GhostRider -- a new encryption device that could go a long way toward securing the Army's smartphones. Developed by defense company ITT, this revamped handset would allow military personnel to transmit secure text messages and phone calls over the Army's network, even if they're out on the battlefield. All they'd have to do is place their personal phones next to the GhostRider, tap and hold its touchscreen to activate the security features and begin texting away. When another GhostRider user receives an SMS, he or she would have to enter a pass code before reading it. The phone's security mechanisms, meanwhile, have been certified by the cryptographers at the NSA, which would certainly help justify its $1,500 price tag. The handset's display, meanwhile, looks awfully similar to the Army's Nett Warrior platform -- an Android-based OS that features a host of mapping functions designed explicitly for war zones. Officials unveiled the latest incarnation of Nett Warrior at the recent Association of the US Army gala in DC, though the platform's creators are still looking for the appropriate commercial device to host it -- unless, of course, GhostRider's software replaces it altogether. "We think Nett Warrior should be something like this," ITT vice president Richard Takahashi told Wired. "This can be the smart device." March past the break for more information, in ITT's jargon-laced PR. Update: Thanks to readers who spotted it's a Venue rather than an Atrix. Our eyes must have been temporarily scrambled by the enemy. Just to be clear -- it's not the handset that's different, only the peripheral.
Key pattern analysis software times your typing for improved password protection
The recent pilfering of PlayStation Network passwords and personal info shows that having a strong passcode doesn't always guarantee your online safety. However, key-pattern analysis (KPA) software from researchers at American University of Beirut may be able to keep our logins secure even if they're stolen. You create a unique profile by entering your password a few times while the code tracks the speed and timing of your keystrokes. The software then associates that data to your password as another means of authentication. Henceforth, should the magic word be entered in a different typing tempo, access is denied. We saw a similar solution last year, but that system was meant to prevent multiple users from accessing subscription databases with a single account. This KPA software allows multiple profiles per password so that your significant other can still read all your email -- assuming you and your mate reside in the trust tree, of course.
iOS 4.1 glitch lets you bypass lock screen to access Phone app, photo album (video)
Your iPhone's passcode entry can't block everything, it seems -- at least not with iOS 4.1. We're hearing various reports that simply inputting a random number in the emergency call field, pressing call, and then promptly hitting the hardware lock button will take you to the Phone app, thereby granting you access to the call history, voicemail, and address book. We've tried this with iPhone 3G, 3GS, and 4, all with the same result. We can't get out of the field without trying to place a call, and after that we're still stuck back at the passcode screen. Additionally, selecting "share contact" and then the camera icon will give you access to the photo album. Pay mind that your particularly paranoid pals could probably use this to see if you really did stop calling your ex and delete all his or her pictures. We won't judge, but they will. Video proof of concept after the break. Update: Feel free to hold down the menu button to access voice control and play some locally-stored tunes while you're at it. And if you've got 4.2 beta like some of our staffers do, this "trick" should work just the same. [Thanks to everyone who sent this in]
Inside iPhone 3.0: Fix too-strict passcode lock settings for Exchange users
If your iPhone was connected to an Exchange server for email, contact or calendar synchronization prior to your upgrade to the 3.0 software, you may have run into the same problem that was bugging me for a day or so: the timeout on the passcode lock gets set to "Immediate," forcing you to enter the code almost every time you pick up the phone. Secure, sure, but very annoying. Going to the usual settings location to adjust the timeout shows no choices other than the insta-lock; what to do? A thread on the Apple discussions boards points to the answer. Since the ActiveSync link to the Exchange server controls some security policies on the phone, you need to refresh those controls; the easiest way to do that, short of deleting and recreating the Exchange account, is to turn off all three sync modes and the Push setting. Once that's done, you can go back to the passcode lock screen and disable the lock or adjust the timeout. Put your sync settings back the way they were and your changes to the passcode config should remain in place. While this is an annoying quirk, it's not all gripes and grimaces in the Exchange support department. At long last, users of Exchange calendars can send meeting invitations (hallelujah!); Exchange 2007 users can even view the reply status of attendees. Users can specify additional mail folders for sync, and Exchange 2007 users can search server-side mail from their devices. For a full rundown on the enterprise-friendly features of iPhone OS 3.0, check out the Enterprise Integration guide via Apple's enterprise features page. Thanks to everyone who sent this in.
iPhone 101: Protect your device with a passcode
Are you worried that your iPhone or its data might get stolen? If you are, then this post is for you! Let's take a look at the iPhone's security options, starting in Settings > General > Passcode Lock.If this is your first time visiting the Passcode Lock settings, then you will be prompted to create a 4-digit passcode -- this can be anything, just make it memorable. Once you've entered and confirmed your passcode, you will see a couple options. The first two buttons let you turn the passcode lock off, or change your passcode. The next option, called "Require Passcode," allows you to set the interval between which your iPhone will require you to enter your passcode. For instance, if you set this interval for 5 minutes and you "sleep" your iPhone, you will be able to wake it and start using it again (without entering your passcode) for up-to five minutes after you put it to sleep. After the 5-minute time period has passed, your iPhone will require the passcode upon waking. You also have the ability to turn SMS Preview on/off. By showing the SMS preview, the sender's name (or number) and a few lines of the message will be displayed. If you have this option turned off, you will only see the generic "1 New Text Message" on the wake screen. For more protection, enable the "Erase Data" option. This erases all data from the device if someone tries to enter the wrong passcode more than 10 times. With the passcode lock turned on, you have the peace of mind that comes with knowing your device, and data is safe. When you wake your iPhone by sliding a finger to unlock it, you will be presented with a number pad to enter your 4-digit code on. Upon successfully entering your code, the home screen will be displayed. Note that this works for the iPod touch as well.%Gallery-37434%Want more tips and tricks like this? Visit TUAW's iPhone 101 section today!
Apple acknowledges iPhone passcode flaw, promises fix next month
Apple's taking a pretty lackadaisical attitude toward one of the most easily avoided security flaws in recent memory, calling the iPhone's passcode lock bypass a "minor iPhone security issue" and saying that a fix will be rolled out in September. Thanks, Apple; we suppose it'd be a little too much trouble to ask for a fix sooner, even though you already fixed it once in 1.1.4. For what it's worth, a company spokeswoman is quick to point out that the flaw can easily be hidden by changing the home button double-click functionality to take you to the home screen, but most users don't know that, now do they? Way to show some hustle, guys -- cookies and gold stars all around.
