Monthly Archives: October 2015
We just released version 2.04 of DetectX, but if you’re finding that you can’t update, here’s the reason (and the fix!).
Thanks to Apple’s new AppTransport security layer and Amazon S3 not supporting perfect forward secrecy protocol, users of DetectX on any version prior to 2.04 who are running El Capitan (OSX 10.11) will find that DetectX can’t be updated from within the app even though we use a secure https connection.
The simple, if inconvenient fix, is to download DetectX directly from sqwarq. We’ve fixed the bug so that once you’re on v2.04, the in-app update mechanism will function properly again (even on El Capitan !).
Another day, another raft of apps removed from the iOS App Store. Well, actually it’s not quite that bad, but it does seem to be getting a bit more common.
In any case, Apple have just released this statement:
“Apple has removed a few apps from the App Store that install root certificates that could allow monitoring of data. This monitoring could be used to compromise SSL/TLS security solutions. If you have one of these apps installed on your device, delete both the app and its associated configuration profile to make sure your data remains protected.”
The only minor problem being they haven’t actually named which apps have been removed, making it sort-of impossible to follow their advice.
Not to worry. You can tell if you have one of the not-mentioned apps simply by going to
Settings > General and looking for the Profile option.
If you don’t see ‘Profile’ anywhere in the list, then you can rest easy. You don’t have any of those apps.
If you do see ‘Profile’ in the list, look at what’s in it. Anything you don’t recognise should be removed. There shouldn’t be anything in there that you didn’t explicitly approve of and know about.
Anything you do recognise but are not sure if its safe, contact the developer and/or Apple directly.
Keeping an eye on General > Profiles is a good idea. We recently found a website that will download a config profile and install apps to your iOS device without that device being either Jailbroken or requiring you to enter an AppleID for the download.
Fair enough, it does require the user to click-through a few “do you want to trust this…” type dialogue boxes, but that’s hardly child-proof. If you’re a parent who lets your children use your iOS devices without constant surveillance like most of us, that’s a real security issue (and yet another reason why we at Applehelpwriter insist user accounts is a must-have feature Apple need to implement in iOS sooner rather than later).