Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Question:

Question: Security below iOS 11

Q - What is the best possible defense, selection of settings, or counter measures towards actual hacking ? Changing passwords may indeed, bear success if one suspects, yet I chose Developer forums in hopes of catching a seasoned eye to read the following... The iPad features/programs become shared if lucky, upon an incident. Email, sound, cloud, basic settings, Safari, auto download updates to Books, your blinking cursor while typing are all lost. Every word typed is seen and Communication is possible. To receive it, I open a fresh email draft. Tap the space bar as letters appear forming a sentence. My hacker (no longer foe) opens safari, brings up/logs into sites as I do to illustrate points in conversation. One can change settings to allow himself free will with a certificate every company accepts as trusted. Just a few details for Developers, surely this isn't fiction to everyone... **Q - How can one combat that ? ** Any ideas or advice ?




null-OTHER, iOS 10.3.3, Any iPad with iOS under 11

Posted on

Reply

Nov 17, 2017 9:13 AM in response to Philosophicojuristic In response to Philosophicojuristic

Do you have a backup? Assuming yes, restore your iPad via iTunes, set it back up as new, and make sure two factor authentication is enabled on your Apple ID. Do not install profile on the iPad unless it is company policy (?).

Nov 17, 2017 9:13 AM

Reply Helpful

Nov 17, 2017 9:18 AM in response to Philosophicojuristic In response to Philosophicojuristic

the SDK for developing iOS software removes most if not all this functionality away from the developers so unless your device is jailbroken there is no malware reported on iOS devices by any credible securities lab in the world.

Older devices are not under obligation by any developer to support indefinitely, and if you are concerned the developers are not doing enough for legacy support you need to progress with what newer technology allows rather than rest on the laurels of outdated platforms.


these forums are not developer forums and the developers (or Apple) do not read posts here

go here if you wish to let developers know.

developer.apple.com

Nov 17, 2017 9:18 AM

Reply Helpful

Nov 17, 2017 1:12 PM in response to JimmyCMPIT In response to JimmyCMPIT

Hello, no concern for legacy support, jailbroken I have only heard about, and using Apple less than a year. But see, Apple (an employee) stated malware is the only threat and can only hide in Safari history/data, frequent clearing makes me free. Malware or not here's the scoop because it's turned into a test. iOS 11 is up Sunday, and again after upgrade to 11.1. (10.3.3 - 9.3.5 not good) The individual(s) who ruined a desktop, can access all of 3 generations of iPads. A Larkana school teacher signs me into .edu sites in Safari while teaching me Hindi Arabic numerals while we chat on an email draft, all on my iPad. Even she can do it. A month prior, Google contacted me wondering why X,Y,Z...I said A,B,C, then watched two techs lose, erase my accounts (home/work) and apologize. Told me the next day, certificates they issue/create/trust can be used to gain access to many things, he probably uses them on my desktop. Certificate allowing access, you probably know the term, I did not. Best advice, an apple guy said change IP or get a disguised VPN (Slows Internet and inexpensive). But it's a ordeal... Pakastani guys who run those tech support centers in U.A.E, India, Lahore. Microsoft, Facebook, Google, Yahoo, now Apple. Not much in help. Privacy and my desktop are my only casualties, was and now again friends, but wondering how to combat that.

Nov 17, 2017 1:12 PM

Reply Helpful

Nov 17, 2017 1:32 PM in response to Philosophicojuristic In response to Philosophicojuristic

if an Apple employee is telling you malware for iOS is a problem they should not be employed by Apple or should have the iOS SDK model explained to them before they are allowed to return to work.


I would be far more concerned with using someone else's VPN just because they say it's disguised then I would anything else in this scenario.


you are claiming results to tests where you do not explain how you tested or what you tested. If you can make a coherent argument then you should let the developers know if you feel compelled to do so, but all you have stated so far are findings that has no discernible source information or evidence to support those claims.


any company profile has to be installed by the owner of the device, there is no "back door" for this. either you (or whoever the owner of the device is) can facilitate it or deny it, and if you have no recollection of allowing this and find such a profile on you device can delete it and its functionality is removed entirely. No one can "hack" you un-jailbroken iOS device and force this on you without the person at the device allowing it.

Nov 17, 2017 1:32 PM

Reply Helpful

Nov 17, 2017 5:06 PM in response to JimmyCMPIT In response to JimmyCMPIT

-The Apple Rep - Said in order to hack, they must hack Apple, so to speak. DID say it's possible to get malware, BUT the only place it could reside would be in your Safari history, clean that and there's nowhere for it to go.

-The VPN deal, There are various services that, for $2.99 or $3.99 a month, provide you with multiple IP addresses, guessing like the public library, sanitation department, so you don't have to use your now exposed address. It DOES slow internet speed. I briefly looked at one service, just a couple dollars per month, gives you Ten numbers and instructs to plug in to VPN section in options. From what I read journalists are big consumers of it, however, so are criminals.

-15 years Marine Corps/Army, tech is not my specialty, Jailbreak is a football play to me, have heard of it and read do NOT pursue it. Email is the gate inside I'll wager, from there photos, options, book/music, Safari all was brought up. Skwirk.com was brought up, signed into by a teacher, and numerals show.

-Tests were more like capability, speed, accuracy, etc. i.e. At any given moment I'm bringing up a fresh draft in email I'm curious you can get there and stop me. Less than 5 seconds every time. Restrictions w/ passcode. I "allow changes" under accounts to open mail options, select S/MIME. Not mention it... time passes I'm informed what I did and S/MIME is no longer selected. Things like that, Checking capabilities. Line, Skype, Viber (100 contacts kept while deployed) those apps they cannot touch. The actual passcode into restrictions cannot be read or changed, contacts I shut off and couldn't be turned on, there are things out of reach. Which beats Windows and Google/YouTube by miles. After realizing I was out skilled, I sat back and took screenshots. Told him any bank/financial nonsense, there's an FBI field office in Pakistan. Nothing like that occurred, just trespassing and ruined something in c:\ on my desktop. Hit with a virus 4 times called Shootsama. Can't find a thing on it, have screenshots, it pops up and informs you it's now uploaded and is in your add-ons or extensions in Internet options. Delete it and it hits recycle bin and bounces back. My error on that, got it from mail, Facebook, messenger apps, point being answering from people I didn't know very well. 250-300 people from the region on your list, makes it easy. That list has been consolidated.

Nov 17, 2017 5:06 PM

Reply Helpful

Nov 17, 2017 5:23 PM in response to Philosophicojuristic In response to Philosophicojuristic

Called a shooting game extension. I haven't played a shooting game since Herbert Walker Bush was in office. Nonetheless it pops up in your upper right corner, you've got a problem. On the 4th time I unplugged DSL cable, and hunted until I found what you see in that photograph.

Nov 17, 2017 5:23 PM

Reply Helpful
User profile for user: Philosophicojuristic

Question: Security below iOS 11