Search the Community
Showing results for tags 'apps'.
-
Keychains raided, sandboxes busted, passwords p0wned, but Apple silent for six months Six university researchers have revealed deadly zero-day flaws in Apple's iOS and OS X, claiming it is possible to crack Apple's password-storing keychain, break app sandboxes, and bypass its App Store security checks. Attackers can exploit these bugs to steal passwords from installed apps, including the native email client, without being detected. The team was able to upload malware to Apple's app stores, and passed the vetting processes without triggering any alarms. That malware, when installed on a victim's Mac, raided the keychain to steal passwords for services including iCloud and the Mail app, and all those stored within Google Chrome. Lead researcher Luyi Xing told El Reg he and his team complied with Apple's request to withhold publication of the research for six months, but had not heard back as of the time of writing. They say the holes are still present in Apple's software, meaning their work will likely be consumed by miscreants looking to weaponize the work. Apple was not available for immediate comment. The Indiana University boffins Xing; Xiaolong Bai; XiaoFeng Wang; and Kai Chen joined Tongxin Li, of Peking University, and Xiaojing Liao, of Georgia Institute of Technology, to develop the research, which is detailed in a paper titled Unauthorized Cross-App Resource Access on Mac OS X and iOS. "Recently we discovered a set of surprising security vulnerabilities in Apple's Mac OS and iOS that allows a malicious app to gain unauthorised access to other apps' sensitive data such as passwords and tokens for iCloud, Mail app and all web passwords stored by Google Chrome," Xing told The Register's security desk. "Our malicious apps successfully went through Apple’s vetting process and was published on Apple’s Mac app store and iOS app store. "We completely cracked the keychain service - used to store passwords and other credentials for different Apple apps - and sandbox containers on OS X, and also identified new weaknesses within the inter-app communication mechanisms on OS X and iOS which can be used to steal confidential data from Evernote, Facebook and other high-profile apps." The team was able to raid banking credentials from Google Chrome on the latest OS X 10.10.3, using a sandboxed app to steal the system's keychain data and secret iCloud tokens, and passwords from password vaults. Photos were stolen from WeChat, and the token for popular cloud service Evernote was nabbed, allowing it to be fully compromised. "The consequences are dire," the team wrote in the paper. Some 88.6 per cent of 1,612 OS X and 200 iOS apps were found "completely exposed" to unauthorized cross-app resource access (XARA) attacks allowing malicious apps to steal otherwise secure data. Xing says he reported the flaws to Apple in October 2014. Apple security bods responded to the researchers in emails seen by El Reg expressing understanding for the gravity of the attacks, and asked for at least six months to fix the problems. In February, the Cupertino staffers requested an advanced copy of the research paper. Google's Chromium security team was more responsive, and removed keychain integration for Chrome, noting that it could likely not be solved at the application level. AgileBits, owner of popular software 1Password, said it could not find a way to ward off the attacks nor make the malware "work harder" some four months after it was warned of the vulnerabilities. ("Neither we nor Luyi Xing and his team have been able to figure out a completely reliable way to solve this problem," said AgileBits's Jeffrey Goldberg in a blog post today.) The team's work into XARA attacks is the first of its kind; Apple's app isolation mechanisms are supposed to stop malicious apps from raiding each other. The researchers found "security-critical vulnerabilities" including cross-app resource-sharing mechanisms and communications channels such as the keychain, WebSocket and Scheme. "Note that not only does our attack code circumvent the OS-level protection but it can also get through the restrictive app vetting process of the Apple Stores, completely defeating its multi-layer defense," the researchers wrote in the paper. They say almost all XARA flaws arise from Apple's cross-app resource sharing and communication mechanisms such as keychain for sharing passwords, BID based separation, and URL scheme for app invocation, which is different from how the Android system works. Their research, previously restricted to Android, would lead to a new line of work for the security community studying how the vulnerabilities affect Apple and other platforms. Here's the boffins' description of their work: Source
-
The leading bariatric clinics around the world are accredited either by JCI, ISO or even an equivalent standard-setting organization, adequately catering to numerous foreign patients seeking affordable obesity surgery procedures. Look on the food diary and discover what high-fat or sugary foods and drinks start eliminating. Doing both of those activities will help you to lose one of the most weight within the shortest volume of time. Here is my site; best weight loss apps for droid
-
- apps
- best weight loss apps
-
(and 3 more)
Tagged with:
-
Apple uses iOS (operating system) to power many of its mobile devices such as iPhone, iPad and so on. From the beginning, security has been placed at the core of iOS. There are many inherent features that secure the device and its resources at different levels. This article aims to provide answers to questions such as the following: What really happens when an iPhone is powered on? How is data at rest secured by iOS? If the device is lost or stolen, can the attacker view or modify my personal data? How are privacy controls enforced? For ease of understanding, we wil deal with each of these topics in separate sections. Let’s begin! Boot level security mechanism In the desktop computer world, an attacker can access the data present on the hard disk even without knowledge of the password of that system. For instance, he can remove the hard disk and plug it to a different system and read the data, or he can boot the system into a different OS by using a live CD. But do you think it’s possible in the case of an iPhone? I.e., Can an attacker who has access to an iPhone remove the chip and read its data or sideload another OS to access data? Not really under normal circumstances! This is because iOS devices don’t load firmware that is not signed by Apple. Taking a look at the boot level security mechanism would help us to understand this in a better fashion. So what really happens when you power on your iPhone? When an iOS device is turned on, the processor immediately executes code known as the boot ROM. This boot ROM code is something that is designed during chip fabrication and is implicitly trusted. This boot ROM also contains root certificates of Apple which will be used to signature check the loading of the next stages. LLB (Low Level Boot loader) is the next thing that will be loaded after the signature check. LLB finishes its task and loads next stage boot loader iBoot after verifying its signature. iBoot verifies and runs iOS kernel. Thus, as shown in the following figure, at each stage a signature check is done before loading the next step. This is called “Chain of Trust”. Hence, under normal circumstances, this chain of trust ensures iOS runs on valid devices only and also verifies that the phone is not booted into another operating system. Can this signature check be bypassed so that we can flash our own boot loader? Yes it can be. Several vulnerabilities have been identified in boot ROM code which can be exploited to not only flash our own boot loader but also to bypass the signature checks of every stage. Remember that if one link is compromised, it would ultimately lead to compromise of all the other links that follow. How this can be done will be discussed in a separate post. Secure Enclave You must have heard about the finger print sensor introduced in iPhone 5S. Apple says this finger print information is encrypted and stored in a ‘Secure Enclave’ inside the phone and is never backed up to iCloud or any Apple servers. So what is this Secure Enclave and how does it work? Secure Enclave is a coprocessor created inside Apple A7 processor. All the cryptographics required for data protection are handled by this. It has a secure boot and updates which are separate from the main processor. Secure Enclave is a concept that is similar to ARM’s Trust zone technology. Following is a sample depiction of hardware architecture of trust zones. As shown above, a new mode called ‘secure mode’ is added to the processor. In simple terms, it kind of creates two-world architecture on the same device. The first world that runs normal iOS apps (user mode) and the second world that runs only trusted code (secure mode). Data written to the RAM when in secure monitor mode cannot be accessed when in user mode. The following steps compiled from iPhone5S: Inside the Secure Enclave | Fortinet Blog explain how Secure Enclave works while validating the fingerprint in iPhone 5S: User enters his fingerprint Locking service calls an API present in secure world Processor switches to secure world The bits which characterize the fingerprint move from sensor to processor This data cannot be eavesdropped or modified by any app because this process is running in secure mode which is different from user mode Necessary cryptographic verifications are done & access granted. Apple thus argues that even if the kernel is compromised, the integrity of data protection will be maintained. As per Apple’s documentation, “Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, entangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space”. Code Signing Apps have today become critical components of any mobile operating system. Apple believes enforcing strict security at the application level is important to ensure overall security of the device. Apple has gone to great extent to make this happen, and code signing is one step in that direction. To put it simply, Apple does not allow running any app which is not approved by it! To ensure that all apps are from a trusted and approved source and have not been tampered with, iOS requires all apps to be signed by Apple. Default apps like Safari are signed by Apple. Other third party apps are also to be verified and signed by Apple. In other words, the above discussed chain of trust principle continues from boot loader to OS to apps. But how does this actually work? Does this mean I cannot run an app developed by me if it’s not signed by Apple? In order to develop and install apps on iOS devices, developers must register with Apple and join the iOS Developer Program. The real-world identity of each developer, whether an individual or a business, is verified by Apple before their certificate is issued. This certificate enables developers to sign apps and submit them to the App Store for distribution. As a result, all apps in the App Store have been submitted by an identifiable person or organization, serving as a deterrent to the creation of malicious apps. These apps are further reviewed by Apple to ensure they operate as described and don’t contain obvious bugs or other problems. Apple believes this process would give customers more confidence in the quality of apps they buy. If corporate companies want to use in house apps for their internal purpose, they need to apply for iOS Developer Enterprise program (iDEP). Apple approves applicants after verifying their identity and eligibility. Once an organization becomes a member of iDEP, it can register to obtain a Provisioning Profile. This is the one that permits in-house apps to run on devices it authorizes. Users must have the Provisioning Profile installed in order to run the in-house apps. This ensures that only the organization’s intended users are able to load the apps onto their iOS devices. In-house apps also check to ensure the signature is valid at runtime. Apps with an expired or revoked certificate will not run. This code signing process is depicted in the following figure. Thus we have explored three major security features in iOS – secure boot process, Secure Enclave, and application signing in this article. In the next part, we will look into other security features such as data protection, encryption and so on. ‘Til then, Happy Hacking! Source
-
Your Location has been Shared 5,398 Times in Last 14 Days
Aerosol posted a topic in Stiri securitate
Do you realize how often your smartphone is sharing your location data with various companies? It is more than 5000 times in just two weeks. That is little Shocking but True! A recent study by the security researchers from Carnegie Mellon reveals that a number of smartphone applications collect your location-related data — a lot more than you think. The security researcher released a warning against the alarming approach: "Your location [data] has been shared 5,398 times with Facebook, GO Launcher EX, Groupon and seven other [applications] in the last 14 days." During their study, researchers monitored 23 Android smartphone users for three weeks. First Week - Participants were asked to use their smartphone apps as they would normally do. Second Week - An app called App Ops was installed to monitor and manage the data those apps were using. Third Week - The team of researchers started sending a daily “privacy nudge” alert that would ping participants each time an app requested location-related data. Researchers concluded: Some apps for Android are tracking user's movements every three minutes. Some apps for Android are attempting to collect more data than it needed. Groupon, a deal-of-the-day app, requested one participant's coordinates 1,062 times in two weeks. Weather Channel, a weather report app, asked device location an average 2,000 times, or every 10 minutes. The participants were unaware of how closely they are being tracked by different apps, and many were surprised by the end results. Another participant wrote, "The number (356 times) was huge, unexpected." The research team found that privacy managing software helped manage access to data. When the members granted access to App Ops, they collectively checked their App permissions 51 times and restricted 272 permissions on 76 different apps. Just one of the participants failed to review permissions. As per users mentality, once the participants have made the changes to the app permission, they hardly looked at them after a few days. With the help of App Ops privacy app, in the span of eight days, the participants collectively reviewed app permissions 69 times, blocking 122 additional permissions on about 47 different apps. Ultimately, the team believes that if a user began getting the privacy nudges on a daily basis, they'll definitely go back to their privacy settings and restrict apps that are tracking users more closely. Source -
Yesterday at its annual F8 Developer Conference in San Francisco, Facebook officially turned its Messenger app into a Platform. Facebook's Messenger Platform allows third-party app developers to integrate their apps with Facebook messenger app. However, other popular messaging apps are already offering similar features, like Chinese WeChat, but Facebook release is much bigger than any other platform. At F8 Developer Conference, Facebook released SDK v4.0 for iOS and Android along with Graph API v2.3 that enable app developers to add new messenger platform features to their custom apps quickly. Facebook users can install these compatible third-party apps from the messenger app, which offers users to send animated GIFs, images, videos, and more content within the Facebook Messenger app easily. BOON FOR BOTH FACEBOOK AND THIRD PARTY DEVELOPERS Facebook Messenger Platform will offer third party app developers to reach out Facebook’s 600 Millions of users. So, the move will be a boon for third-party app developers. On the other hand, the move will help Facebook to integrate its messaging service directly into the vast ecosystem of Android and iOS apps. BUSINESSES ON MESSENGER The Social Networking giant also announced "Businesses on Messenger," feature that will soon let users connect directly with companies and make direct conversation, replacing the need for retailer chat windows in the process. When customers place an order for goods or services, they will be prompted to head to Facebook Messenger for communications including modifying orders, tracking orders, returning merchandise and getting answers to questions. Third party app developers who are interested in learning more and integrating their apps with the new Facebook Messenger Platform can grab the SDK on Facebook’s website. LAUNCH PARTNERS The new Messenger Platform is open to all developers, but Facebook launched 40 different apps initially with its partners, including ESPN, Giphy, Imgur, The Weather Channel and Bitmoji. The complete list of Messenger Platform launch partners are as follow: Action Movie FX Bitmoji Cleo Video Texting Clips ClipDis Ditty Dubsmash Effectify EmotionAR Emu ESPN FlipLip Voice Changer Fotor GIF Keyboard GIFJam Giphy Hook’d Imgur Imoji JibJab Kanvas Keek Legend Magisto Meme Generator Noah Camera Pic Stitch PicCollage GIF Cam PingTank Pyro! Score! on Friends Selfied Shout Sound Clips StayFilm Stickered Strobe Tackl Talking Tom Tempo The Weather Channel to.be Camera UltraText Wordeo Facebook users could also install these apps using a prompt message if they receive any message generated from updated apps. Source
-
1 Introduction The Dropbox SDK is a library that developers can download and add to their products. This library provides easy access to Dropbox features, such as downloading and uploading files, via a simple set of APIs. AppBrain provides statistics as to the prevalence of the use of the Dropbox SDK on Android [1]. According to these statistics, 0.31% of all applications use the Dropbox SDK. Of the top 500 apps in the Google Play Store, 1.41% use the Dropbox SDK. Interestingly, 1.32% of total app installations and 3.93% of app installations of the top 500 apps use the Dropbox SDK, respectively. While it is not a highly prevalent library, some extremely popular Android apps that may hold sensitive information use the Dropbox SDK, including Microsoft Office Mobile with over 10,000,000 downloads1 and AgileBits 1Password with over 100,000 downloads2 . The vulnerability that we discovered may affect any Android app that uses the Dropbox SDK versions 1.5.4-1.6.1. We examined 41 apps that use the Dropbox SDK for Android, out of which 31 apps (76%) were vulnerable to our attack (i.e. they used version 1.5.4-1.6.1). It’s noteworthy that the rest of the apps were vulnerable to a much simpler attack with the same consequences, but had been fixed by Dropbox with the 1.5.4 version of the SDK which they did not care to upgrade to. This paper is organized as follows. Section 2 gives a background on Inter-App Communication (IAC) in Android. Section 3 shows how IAC can be exploited in general locally by malware and remotely using driveby techniques. Section 4 describes how the Dropbox SDK for Android uses OAuth for app authorization. In 1https://play.google.com/store/apps/details?id=com.microsoft.office.officehub 2https://play.google.com/store/apps/details?id=com.agilebits.onepassword 1section 5 we deep-dive into the vulnerability we found within the Dropbox SDK for Android OAuth code. Section 6 presents a real attack, dubbed DroppedIn, that exploits the vulnerability. In section 7, we show that the threat is real by presenting case studies. We end with section 8 that presents a mitigation for the vulnerability. 2 Inter-App Communication (IAC) in Android Android applications are executed in a sandbox environment. The sandbox ensures data confidentiality and integrity as no application can access sensitive information held by another application without proper privileges. For example, Android’s stock browser application holds sensitive information such as cookies, cache and history which shouldn’t be accessed by third-party apps. The sandbox relies on several techniques including per-package Linux user-id assignment. Thus, resources, such as files, owned by one app cannot be accessed by default by other apps. While sandboxing is great for security, it may diminish interoperability as apps sometimes would like to talk to each other. Going back to the browser example, the browser would want to invoke the Google Play app when a user browsed to the Google Play website. In order to support this kind of functionality, Android provides high-level Inter-App Communication (IAC) mechanisms. This communication is usually done using special messages called Intents, which hold both the payload and the target application component. Intents can be sent explicitly, where the target application component is specified, or implicitly, where the target is left unspecified and is determined by Android according to other Intent parameters such as its URI scheme, action or category. 3 General Exploitation via Inter-App Communication The attack surface is greatly increased if the attacker can directly invoke application components, controlling the Intent’s payload. This is the case with exported application components. Such components can be attacked locally by malware. Activities, Android application components responsible for UI screens, can also be attacked remotely using drive-by exploitation techniques as shown by [2, 3]. In the local attack, illustrated by Figure 3.1, malware invokes the exported target application component with a malicious Intent (i.e. one that contains malicious data) by simply calling APIs such as Context.startActivity(Intent). In the case of remote drive-by exploitation, illustrated by Figure 3.2, a user is lured into browsing a malicious website. This site serves a web page that causes the browser to invoke the target activity with the malicious Intent. Read more: http://dl.packetstormsecurity.net/1503-exploits/exploiting-dropboxsdk-android.pdf
-
- android
- application
-
(and 3 more)
Tagged with:
-
Highly aggressive adware has been found hidden in ten Android applications hosted on Google Play, Bitdefender reported. Adware is highly common on both desktop PCs and smartphones. However, the threats discovered by the security firm stand out not just because they are aggressive, but also because they employ clever tricks to stay hidden on the infected device. Once installed, the apps redirect victims to a webpage, hosted at mobilsitelerim.com/anasayfa, which serves ads designed to trick users into installing other pieces of adware disguised as system or performace updates, or get them to sign up for premium services. The displayed ads differ depending on the user’s location, Bitdefender said. “Although they’re not malicious per se, by broadcasting sensitive user information to third parties, they resemble aggressive adware found on desktop PCs. The resulting barrage of pop-ups, redirects and ads irks users and seriously damages both the user experience and the performance of Android devices,” Bitdefender security researcher Liviu Arsene explained in a blog post. After the adware (Android.Trojan.HiddenApp.E) is installed on the device, the redirections occur whenever the victim tries to access a website via the stock Android browser, Chrome, Firefox, and even Facebook. “After the apps are installed, the redirects occur as soon as you open any of the mentioned browsers. Regardless of what URL you’re trying to visit, you’re redirected to ad-displaying websites. The next redirect is performed after 60 seconds have elapsed,” Arsene told SecurityWeek via email. The applications had been uploaded to Google Play with names such as “What is my ip.” Researchers found the apps under two developer accounts, but the same individual might be behind both of them. In order to avoid raising suspicion, the applications only require two permissions on installation (Network Communication and System Tools). While users might figure out which of the apps they installed cause the annoying redirections, removing them could prove difficult. That’s because the applications are installed with the name “System Manager,” instead of the one used to advertise them on Google Play. The search giant appears to have removed most of the apps from Google Play after being alerted by Bitdefender, but some of the shady programs can still be found on third-party app markets. Experts believe the adware made it past Google’s vetting process because the URL that is used to redirect users doesn’t actually serve any malicious APKs. Source: securityweek.com
-
Best Mac Apps Collection (Update 3) August.2014 Best Mac Apps Collection (Update 3) August.2014 | 23.6 GB Finding the perfect application could be really difficult sometimes. In this article I've collected the best 36 Mac Applications found on the web, all app full active. I hope you'll find them useful.List Apps:- Adobe Acrobat XI Pro 11.0.7 (Mac OS X)- Adobe Photoshop.Lightroom.5.6.Final (Mac OS X)- Adobe Premiere Elements 12 Multi (Mac OS X)- Adobe Photoshop CC 2014.15.1 Multilingual (Mac OS X)- ArchiCAD 18 (3006) (Mac OS X)- Autodesk Maya 2014 SP4 (Mac OS X)- Kolor Autopano Giga 3.6.3 (Mac OS X)- Kolor Autopano Video Pro 1.6.3 (Mac OS X)- Kolor Panotour Pro v2.1.3 (Mac OS X)- DxO Optics Pro 9.1.5 Build 106 (Elite) (Mac OS X)- FXFactory Pro 4.1.7 (Mac OS X)- Final Cut Pro X 10.1.2 + Motion 5.1.1 + Compressor 4.1.2 + mLooks 1.2- Maxon CINEMA 4D Studio R15 RETAIL (Mac OS X)- Camtasia 2.8.2 (Mac OS X)- Capture One Pro 7.2.2.2 (Mac OS X)- CleanMyMac 2.2.5 (Mac OS X)- Data Rescue 3.2.4 (Mac OS X)- Dragonframe 3.5.7 (Mac OS X)- Drive Genius 3.2.4 (Mac OS X)- GraphicConverter 9.3 (Mac OS X)- HDR Light Studio 4.2 (Mac OS X)- HyperDock 1.3.3 (Mac OS X)- Imagenomic Portraiture 2.3.3 for Adobe PS (Mac OS X)- Rosetta Stone TOTALe v4.1.15 Mac OS X- Microsoft Office 2011 14.4.1 Volume.Licensed (Mac OS X)- Native Instruments Kontakt 5.3.1 Standalone AU 64bit MacOSX- onOne Perfect Photo Suite Premium Edition 8.5.1 MacOSX- Parallels Desktop 9.0.24237 (Mac OS X)- PhoneView 2.8.6 (Mac Os X)- PopClip 1.4.6 (Mac OS X)- ProVideo2.0.5.Mac.OSX- QuickBooks Pro 2014 15.0.5 R6 Mac OS X- Radium 3.0.3 (Mac OS X)- ScreenFlow 4.5.2 (Mac OS X)- Suitcase Fusion 5 v16.2.3 (Mac OS X)- UnRar X Mac OS X- VMware Fusion 6.0.4 Professional (Mac OS X)- Wondershare PDF Editor Pro 3.1.0 (Mac OS X)- XScope 3.6 (Mac OS X)- Serial Box 08.2014 + SerialSeeker 1.3.7 (B11) + iSerial Reader 2.0.16- KCNcrew Pack 07-15-14 (Mac OS X) DOWNLOAD LINKS: http://u19822771.letitbit.net/download/28392.2531f8bf4f0ff07ac168b7d54d00/MacCollection.August.2014.part01.rar.html http://u19822771.letitbit.net/download/34499.31ad71c605d2a79a74f1f2ed9437/MacCollection.August.2014.part02.rar.html http://u19822771.letitbit.net/download/44646.40eb1245eeb06cf8b19718bcb12a/MacCollection.August.2014.part03.rar.html http://u19822771.letitbit.net/download/22102.25644a3683651db1d4a392e1e3e6/MacCollection.August.2014.part04.rar.html http://u19822771.letitbit.net/download/74482.7652679044b0b8f0864a9d86d050/MacCollection.August.2014.part05.rar.html http://u19822771.letitbit.net/download/90476.99941f7c248819aff3a5556a0870/MacCollection.August.2014.part06.rar.html http://u19822771.letitbit.net/download/93782.952bdbed4e9f7bb1c4e1c45d52a9/MacCollection.August.2014.part07.rar.html http://u19822771.letitbit.net/download/60116.6c2a72cb5fce95c88c6c3c12f844/MacCollection.August.2014.part08.rar.html http://u19822771.letitbit.net/download/69016.63adf252ad0a8b983fbf471fa2b2/MacCollection.August.2014.part09.rar.html http://u19822771.letitbit.net/download/59423.50258ff8e0d24442b2fca4c4d637/MacCollection.August.2014.part10.rar.html http://u19822771.letitbit.net/download/37033.37f0cd2bec52cdc485e27aa3d680/MacCollection.August.2014.part11.rar.html http://u19822771.letitbit.net/download/38065.3da1915146a65fd9aa1010e32144/MacCollection.August.2014.part12.rar.html http://u19822771.letitbit.net/download/43358.4722d0332f758f551ab5c62eb512/MacCollection.August.2014.part13.rar.html http://u19822771.letitbit.net/download/15723.1d75abbbfa7d749300e1462afe37/MacCollection.August.2014.part14.rar.html http://u19822771.letitbit.net/download/95594.99fd502f6355d49e3d7f81dd0648/MacCollection.August.2014.part15.rar.html http://rapidgator.net/file/5ae68b828b8f09416a71c27d3fb49392/MacCollection.August.2014.part01.rar.html http://rapidgator.net/file/76c8d41ab1c9a8245369802ad048c332/MacCollection.August.2014.part02.rar.html http://rapidgator.net/file/ec55f783157b73244e1ba25f4d450ebf/MacCollection.August.2014.part03.rar.html http://rapidgator.net/file/89c835c5eff7c030a1b3dbc4c4562767/MacCollection.August.2014.part04.rar.html http://rapidgator.net/file/76792a0994c540319eb1a407ab78e7bd/MacCollection.August.2014.part05.rar.html http://rapidgator.net/file/33b7f62cce6b693d81b90ba168eddd27/MacCollection.August.2014.part06.rar.html http://rapidgator.net/file/6e5dddaf2492b04a1d4ee794e95a23cc/MacCollection.August.2014.part07.rar.html http://rapidgator.net/file/248887f56f80a1178c77c9666f85ab3f/MacCollection.August.2014.part08.rar.html http://rapidgator.net/file/f8a55a8958036fb17d320f28eee5d5e1/MacCollection.August.2014.part09.rar.html http://rapidgator.net/file/c17b062972e7595f269c43fdc1ce398f/MacCollection.August.2014.part10.rar.html http://rapidgator.net/file/a6887fdaff8e08a8006a53d9bb2c4f9e/MacCollection.August.2014.part11.rar.html http://rapidgator.net/file/cb2f179ebab0081afc102f1ecf217ad1/MacCollection.August.2014.part12.rar.html http://rapidgator.net/file/28c50f27d136a271a6cba9c9d35fe5da/MacCollection.August.2014.part13.rar.html http://rapidgator.net/file/55a894f178dc611cbe88729e31924277/MacCollection.August.2014.part14.rar.html http://rapidgator.net/file/559539019457e4910e7a81aa795c94a5/MacCollection.August.2014.part15.rar.html http://www.uploadable.ch/file/eKbzez6dxvTN/MacCollection.August.2014.part01.rar http://www.uploadable.ch/file/qA5W77Ybrmtq/MacCollection.August.2014.part02.rar http://www.uploadable.ch/file/tg6TxPbPZ7mm/MacCollection.August.2014.part03.rar http://www.uploadable.ch/file/sygErYkrAPMY/MacCollection.August.2014.part04.rar http://www.uploadable.ch/file/2qrAqHbJ9yxF/MacCollection.August.2014.part05.rar http://www.uploadable.ch/file/QJMHzA7mXMyy/MacCollection.August.2014.part06.rar http://www.uploadable.ch/file/tavBApTNEcZD/MacCollection.August.2014.part07.rar http://www.uploadable.ch/file/kzgAuDzH9Y9B/MacCollection.August.2014.part08.rar http://www.uploadable.ch/file/Dxq58jxwY9Sq/MacCollection.August.2014.part09.rar http://www.uploadable.ch/file/sdbTXvkntgCK/MacCollection.August.2014.part10.rar http://www.uploadable.ch/file/SQYK7jzmhs9Q/MacCollection.August.2014.part11.rar http://www.uploadable.ch/file/Mrc4jqzE3wu6/MacCollection.August.2014.part12.rar http://www.uploadable.ch/file/m9NBPaTxN3FY/MacCollection.August.2014.part13.rar http://www.uploadable.ch/file/7y5EstZwckDE/MacCollection.August.2014.part14.rar http://www.uploadable.ch/file/zxXMWNqJcuER/MacCollection.August.2014.part15.rar
-
- apps
- collection
-
(and 2 more)
Tagged with:
-
Nu mai mira pe nimeni, nu? Dupa ce in ultima perioada de timp au fost scoase la iveala numeroase bug-uri de securitate, deficiente in setarile de confidentialitate, inca o stire legata de vanzarea datelor unor useri de catre o aplicatie de top de pe Facebook a aparut. Facebook zice ca n-are nimic, nu-s mai mult de o duzina de aplicatii autorizate de ei si considerate a fi de top, care fac asta in mod curent. Facebook App Developers Sold User Data…Shock! An Update on Facebook UIDs - Facebook Developers