467 matches found
Congress to Apple: You Got Some Splainin to do
In a letter to the chairman of the Federal Trade Commission, Jay Inslee D-Wash. expressed concerns regarding recent revelations that Apple products have been continuously tracking and recording user location information with questionable consent and without an easy way to opt out of such tracking...
Users File Suit Against Apple Over iPhone Tracking
A pair of Apple customers has filed a lawsuit against the company, alleging that Apple is invading their privacy by collecting location data about iPhone and iPad users without their knowledge. The suit follows the revelation last week by security researchers that Apple is collecting and storing...
Congressman Calls on Apple to Explain iPhone Tracking
Congress stepped into the brewing controversy over a recently disclosed tracking feature in most versions of Apple’s popular iPhone. Representative Ed Markey D-Mass has written a letter to Apple CEO Steve Jobs asking for more information about the feature PDF, suggesting that it may run afoul of...
A Soldier's Hacked Smartphone Is Risky
Hacked smartphones could endanger troops by sending location data to the enemy using mechanisms similar to those employed by recently discovered Android malware, experts say. Read the full article. Network World...
Google Street View Hack Stalks Victims
A security researcher has devised an attack suitable for stalking and similarly creepy endeavors that uses JavaScript and geo location data from Google to pinpoint a victim’s precise location. Read the full article. The Register...
PT-2010-3389 · Apple · Ios
Name of the Vulnerable Software and Affected Versions: Apple iOS versions prior to 4 Description: The issue allows remote attackers to obtain location information via unspecified vectors because the Application Sandbox in Apple iOS does not prevent photo-library access. Recommendations: For Apple...
Oracle Database Server MD2 package VALIDATE_GEOM procedure Buffer Overflow (CVE-2004-1364)
Oracle database can natively manage geographic and location data. MD2 is one of the packages installed to provide the location and spatial data operations. This package is owned by user MDSYS and granted public execution permission by default. An input validation vulnerability exists within a...