Apple Warns iPhone Users, Advises Them To Urgently Turn Off This Feature
Apple has urged millions of its users to update their devices after serious security vulnerabilities were reported in iPhones. The users have been urged to switch off the AirPlay feature due to what has been dubbed the "AirBorne" security flaw.
AirPlay is a feature that allows iPhone users to stream audio and video from their phone onto other smart devices such as TVs.
Tel Aviv-based cybersecurity firm Oligo discovered the major security risks associated with the feature that allows hackers to hijack compatible devices on the same Wi-Fi network, according to a report in New York Post.
"Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch or they will never be patched," Oligo CTO Gal Elbaz explained. "And it's all because of vulnerabilities in one piece of software that affects everything."
As many as 23 vulnerabilities were reported, both in Apple's AirPlay protocol and the AirPlay Software Development Kit (SDK) used by third-party vendors to make devices AirPlay compatible. Once hackers have a way in, they can execute zero-click attacks, which include remotely hacking devices, deploying malware and stealing data without the user ever being on their phone.
To stay safe, users are being told to disable AirPlay receivers in device settings and restrict access to 'Current User'. Installing security software on Apple devices can also reduce risks from AirPlay's constant background broadcasting.
Previous instance
This is not the first instance in recent weeks that Apple has urged its customers to update their devices fearing security breaches. In February, Apple said it had been targeted by "extremely sophisticated" attacks where the USB Restricted Mode might be disabled on a locked device.
"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals," the iPhone maker said.
Notably, Apple's Restricted Mode is a security feature added almost seven years ago in iOS 11.4.1 and included in all later versions of iOS. It prevents locked devices from leaking data to any accessories connected to the USB-C or Lightning port.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Mint
an hour ago
- Mint
Donald Trump reveals ‘true feelings' about fued with Elon Musk: ‘Nothing catches me by surprise'
US President Donald Trump revealed "his true feelings" about his public spat with tech billionaire Elon Musk in an interview with the New York Post. 'Nothing catches me by surprise. Nothing,' the president was quoted as saying when asked about the personal attacks launched at him by Musk, the former chief of the Department of Government Efficiency. Trump reportedly turned his conversation with The Post toward his polling numbers instead of directly addressing the strife with his former top ally. He said, "The numbers are through the roof, the stock market is up, billions are pouring in from tariffs, and my poll numbers are the highest they've ever been. Other than that, what can I tell you, right?" Later, Trump said while addressing reporters aboard Air Force One on Friday that he has no plans to speak with Elon Musk, signaling that the president and his former ally might not resolve their feud over a sweeping tax-cut bill anytime soon. Trump said he wasn't "thinking about" the Tesla CEO. "I hope he does well with Tesla," Trump was quoted by Reuters as saying. However, Trump said a review of Musk's extensive contracts with the federal government was in order. "We'll take look at everything," the president said. "It's a lot of money, He takes a lot of subsidy, so will take a look at that," he said. But Trump added, 'only if it's to be fair for him and for the country.' In a barrage of posts on the X social media platform since June 5, Elon Musk has criticised Trump's 'Big Beautiful Bill', which awaits the Senate's nod. The Bill was narrowly passed the House of Representatives earlier. Musk amped up his attacks on Trump over the tax bill after he stepped down as the head of DOGE late May this year. The Tesla CEO's 130-day mandate as a "special government employee" in the Trump administration was set to expire around May 30. Trump had then bid him farewell. He had credited Musk with 'a colossal change in the old ways of doing business in Washington" and said some of his staff would remain in the administration. Meanwhile, Musk said he expects 'to remain a friend and an adviser and certainly, if there's anything the president wants me to do, I'm at the president's service.' Things turned south for Trump and Musk after the SpaceX owner unleashed an assault on the US President's flagship spending legislation -- the 'Big Beautiful Bill'. He urged Americans to lobby Congress to "KILL the BILL." On June 5, Musk intensified his offensive, cautioning that "America is in the fast lane to debt slavery" while insisting on a comprehensive overhaul of the legislation. "A new spending bill should be drafted that doesn't massively grow the deficit and increase the debt ceiling by 5 TRILLION DOLLARS," Musk demanded. Musk's comments came at a pivotal moment for Trump's self-described "big, beautiful bill", which encompasses sweeping tax reductions and expanded military expenditure. The House of Representatives had approved the measure by the narrowest of margins last month, with only three Republican members dissenting against solid Democratic resistance.
Mint
an hour ago
- Mint
For Sai Srinivas of Mobile Premier League, the game is always on
It's easy for people to put a value to a loss they've had," says Garimella Sai Srinivas Kiran, the co-founder of gaming company M-League, which runs the Mobile Premier League (MPL). '(But) It's hard to put a value to these intangible gains, right? You only notice them in the long term. In the short term, you only see the pain." Startup founders tend to be philosophical, a by-product of betting big on a non-existent product and making it work, despite the obstacles and the body blows. The seven-year-old skill-gaming platform MPL. which has free and paid components and a portfolio of over 60 games, probably does not qualify as a startup anymore, but tends to fall into the bracket by virtue of being a tech company. M-League, which now has five companies including the Berlin-based GameDuell, has a portfolio that includes skill gaming, free-to-play games, game publishing and AAA game studio (high-budget, high-profile games). With over 220 million users across MPL and GameDuell in 32 countries, a unicorn valuation as of the last fund raise in 2021, presence in Asia, Europe, North America and Africa, and 600-odd employees, the company straddles the challenging business of skill gaming. Its revenue in FY24 was $130 million. Sai was in Mumbai in early May for the World Audio Visual and Entertainment Summit (Waves), a government-sponsored event. In the business centre of the Sofitel Hotel in Bandra Kurla Complex, close to the venue for Waves where MPL had a booth, the 37-year-old, dressed casually in a collared T-shirt, slacks and a cap, orders an Americano. He has an easy-going manner, and a dimpled boyish smile that he uses liberally. Sai is temporarily stationed in Singapore these days, where M-League is headquartered, while his co-founder Shubh Malhotra and Galactus Funware Technology Pvt Ltd, the operating entity for MPL, are based in Bengaluru. Since losing his father last year, Sai says he has started valuing his time more and separating his professional and personal identities. 'One of my core philosophies in life is anonymity. I want to focus on my business," he explains. 'I really enjoy travelling; I can travel literally 60 days with one suitcase, keep moving from one place to the other." Born in Hyderabad—his father was a deputy manager in a bank, mother a teacher in a government school—Sai's academic journey fell into two innings. He was 'not very good" in the beginning, but an inexplicable switch turned after class VI. By the time he reached the board exam stage, he wanted to study aerospace engineering. Also read: What Siddharth Roy Kapur wants: Fresh stories told in unique voices He got into IIT Kanpur which had, among other things, a dedicated leased line for fast (for those times) internet speed. However, he soon became disenchanted with the education system there and his enthusiasm for making aircraft withered away. 'For people coming from a normal background like us, the first important level of freedom we need to attain is mastery of our time," says Sai, who graduated in 2010 as one of the few in his batch without a campus placement. One of his highlights at IIT turned out to be organising the cultural festival, Antaragni, which included the music festival Synchronicity. What this first, quasi-entrepreneurial voluntary role did was to get him access to his first job, which was a brief stint as product manager with a digital company in Delhi. He was soon recruited by Zynga in Bengaluru as a game designer, though he had no such experience. 'I played a lot of games while growing up," he admits. 'My dad and I were always particular about getting new gadgets, like the Nokia 3310 and the (gaming console) Super Nintendo." Zynga, with its popular game Farmville, was going 'absolute gangbusters" at the time, which put Sai in the 'right place, right time". It also helped that he didn't like Delhi too much and moving to Bengaluru was not a challenge. The third benefit, unbeknownst to him at the time, was that the friend's place he temporarily stayed at had another roommate, Malhotra. A year-and-a-half later, Sai and Malhotra got ready with their first venture, CREO Tech. Their first product, Tewee, was a wireless HDMI dongle to stream videos over a Wi-Fi network, like the Amazon Firestick. The idea seemed to fit in at a time when streaming services were making their forays into the country. 'We were foolish enough to say let's make hardware," he says now. 'We used to download these documents in Chinese and spend days translating them and figuring out what they hacked our way to getting the product out." They sold over 50,000 units, but making hardware was challenging. Other similar products were getting into the market; the duo realised they needed to pivot. In the company of some 'smart engineers" they hired through their college network, their next venture was an Android-based operating system and smartphone, which also turned out to be an error in hindsight. 'I'll tell you the problem with making a phone and with hardware in general," he says. 'For example, let's assume I ship software and I left a bug in it. I'm just going to patch the software and I'll fix it. Life is okay, all good. With hardware, even if you make one mistake, the amount of time it's going to take to correct that mistake in the next iteration and then get it right—it's just massive." After several struggles, managing to make only a few thousand of the product Creo Mark 1, they sold the company to messenger service Hike in 2016-17. 'If a river is flowing downstream and you're standing on the bank and you see this guy on a boat going really fast, you tend to assume that it's the person rowing. But it's actually the underlying river. That's the market: If you're in the right place, right time, right market, even if you are really stupid, you'll be okay," says Sai. After going through a period of angst, when they felt like they would never work together again, Malhotra and Sai made a deal not to have friends as employees, and that 'the outcome is always more important than output". Having decided that their next turn would be in the field of online gaming, because of his experience in the field, the newly formed Galactus Funware went live with the MPL in September 2018. With about $5.5 million ( ₹36.5 crore at the time) at the get-go, a fairly large seed round, from Sequoia Capital, their ascent was rapid—a term sheet in April, an early team by May and the first prototype by July. A friends and family round by end of August leading up to the launch. By December, MPL had a million daily active users. But the challenges were continuous and constant. In May 2019, MPL was kicked out of the Play Store due to Google's developer policy (it relaxed its policy on real-money gaming last year), along with other gaming platforms like Dream11. 'We would be the only company in India's ecosystem that started, raised a lot of money, got to a million daily active users and shut its doors within the year," Sai says grinning. Then by the second half of 2019 they almost ran out of money, looking to raise a bridge round which came in the form of $90m led by Susquehanna Asia Venture Capital. '2019 for me was the most foundationally painful year. If Creo was tough from a different standpoint, this was toughness induced by my own stupidity," he says. Cricketer Virat Kohli came on board as their brand ambassador. The following year, MPL signed on with the Board of Control for Cricket in India to be the kit sponsor for the Indian team. With the pandemic, the founders had to navigate working remotely, and between 2020-21, the company went from 120 employees to 1,200, perhaps hiring too many people too fast. 'In my 10 years of doing start-ups, I believe, that is the most unpardonable mistake," he admits. As MPL went global, especially into the US in July 2021, and acquired European company GameDuell in early 2022, 'one of the smartest things to have done", it also laid off 10% of its force and shut down its Indonesia office. But the business, on the back of the pandemic-induced lockdown that catalysed the online gaming industry, grew by 50%. Just when 2023 seemed on the up, hitting 200 million users and a foray into Africa, the government in August announced a 28% GST on funds online gaming companies collect from customers. Mint had in November quoted a report by gaming-focused venture capital firm Lumikai, which had India's gaming market growing 23% year-on-year by revenue to $3.8 billion in 2023-24 despite 28% GST on online gaming. Propelled by the pandemic-induced lockdowns, online gaming is booming, despite some amount of social stigma, and some legal battles, most of which have been dismissed by the courts. 'We looked at this entire GST thing and said this is essentially the start line being redrawn," remembers Sai. MPL laid off 350 employees—half of its force—to survive the tax burden in 2023. Recovery was aided by GameDuell, which helped grow revenue more than three times. MPL started to take off in the US and Brazil, with 40% of its current revenues coming from abroad. 'It's a personal ambition that we want to build a product that stands globally," Sai explains. 'The professional ambition is that things are evolving in a developing country, so there is no certainty for a business to thrive." While MPL as a business competes with platforms like WinZO and Zupee among others, it is more comparable to Nazara Technologies, which is publicly listed. Sai, though, prefers to see his competition coming from Chinese gaming conglomerate Tencent. As he gets ready to head back to Waves, he talks about reading, spending a lot of time just being idle, really enjoying the mundane. 'One of the reasons why I enjoy living in Singapore," he says thoughtfully, 'or spending time with my partner in Dubai, is that in India, these amazing pleasures of doing your own domestic chores have been taken away thanks to the massive amount of help, which is great. But I really enjoy doing my breakfast, putting my clothes in these daily rituals." Also read: Vaibhav Kala of Aquaterra Adventures: The outdoors man
&w=3840&q=100)
Business Standard
2 hours ago
- Business Standard
US Supreme Court gives DOGE access to sensitive social security data
The decision allows DOGE, once led by Elon Musk, full access to personal data in the Social Security database while the case moves forward on appeal Bloomberg By Greg Stohr and Zoe Tillman The US Supreme Court gave the Department of Government Efficiency access to sensitive Social Security information, lifting restrictions a judge said were needed to protect the privacy of millions of Americans. Over three dissents, the high court on Friday granted a Trump administration request to put US District Judge Ellen Lipton Hollander's order on hold. The decision lets DOGE, the office once led by Elon Musk, have full access to personally identifiable information in the Social Security Administration database while the case proceeds on appeal. 'Under the present circumstances, SSA may proceed to afford members of the SSA DOGE Team access to the agency records in question in order for those members to do their work,' the court said in a three-paragraph order, which didn't lay out the majority's reasoning. The court's three liberals — Justices Elena Kagan, Sonia Sotomayor and Ketanji Brown Jackson — dissented. In an opinion joined by Sotomayor, Jackson said the court was 'creating grave privacy risks for millions of Americans.' In a separate decision, the high court said a different judge went too far by requiring DOGE officials to testify and produce records to a watchdog group. The order came in a case about whether the DOGE office is covered by US public records laws. The Supreme Court liberals dissented from that decision as well. The cases are the first Supreme Court clashes involving DOGE, the office set up by President Donald Trump to weed out what he says is wasteful spending across the federal government. Sensitive Data Musk recently left his formal government position within the administration and is now publicly feuding with Trump. In the SSA case, US Solicitor General D. John Sauer told the Supreme Court that 'the government cannot eliminate waste and fraud if district courts bar the very agency personnel with expertise and the designated mission of curtailing such waste and fraud from performing their jobs.' The disputed data includes Social Security numbers, addresses, birth and marriage certificates, tax and earnings records, employment history, and bank and credit card information. Hollander said two labor unions and an advocacy group for retired people were likely to succeed on their claims that unfettered access would violate the 1974 Privacy Act. 'For some 90 years, SSA has been guided by the foundational principle of an expectation of privacy with respect to its records,' the Baltimore-based judge wrote. 'This case exposes a wide fissure in the foundation.' Hollander's order allowed DOGE team members access to anonymized data only after completing the type of training and background checks required for SSA employees. She said DOGE employees could get 'discrete, particularized and non-anonymized' information if they submitted a written statement explaining why the information was needed and why anonymous data was insufficient. Hollander also ordered people affiliated with DOGE to delete data they've already acquired. The 4th US Circuit Court of Appeals kept Hollander's order in place on a 9-6 vote. In her dissent, Jackson said the lower courts had crafted an order 'tailored to the needs of the moment.' She said the Supreme Court had 'truly lost its moorings' by granting the government's request without requiring it to show that it was suffering any harm. 'The 'urgency' underlying the government's stay application is the mere fact that it cannot be bothered to wait for the litigation process to play out before proceeding as it wishes,' she wrote. Democracy Forward, the legal-advocacy group that represented the challengers, said it was a 'sad day for our democracy and a scary day for millions of people.' White House spokesperson Liz Huston hailed the decision. 'The Supreme Court allowing the Trump administration to carry out commonsense efforts to eliminate waste, fraud, and abuse and modernize government information systems is a huge victory for the rule of law,' she said in an email. The case is Social Security Administration v. American Federation of State, County and Municipal Employees, AFL-CIO, 24A1063. DOGE Records The Supreme Court's action in the records case blocks a Washington federal judge's order for the administration to answer questions, produce documents and make DOGE administrator Amy Gleason available to testify at a deposition. US District Judge Christopher Cooper had authorized the group that brought the public records case, Citizens for Responsibility and Ethics in Washington, or CREW, to gather evidence about DOGE's activities as it fights with the Justice Department over the office's legal status. The Supreme Court majority faulted Cooper for requiring the government to disclose internal DOGE recommendations and to say whether those suggestions were followed. 'Separation of powers concerns counsel judicial deference and restraint in the context of discovery regarding internal executive branch communications,' the Supreme Court said in its two-page order. Sotomayor, Kagan and Jackson didn't explain their reasons for dissenting. CREW has argued that the DOGE Service should be considered an agency under the federal Freedom of Information Act, which empowers the public to see a wide range of government records. The Trump administration disagrees, arguing that DOGE plays a purely advisory role within the White House and is exempt from the law. Musk served as the public face of DOGE, but government lawyers stressed in court that Gleason is the formal head of the DOGE office. CREW's underlying public records request seeks to pry loose new information about the Tesla Inc. chief executive's role in dramatic cuts to federal spending and the workforce. The lawsuit also aims to reveal more broadly what DOGE-affiliated staff have been doing and the structure of that effort across US agencies. The case is US DOGE Service v. CREW, 24A1122.
