Audiobus: Use your music apps together.
What is Audiobus? — Audiobus is an award-winning music app for iPhone and iPad which lets you use your other music apps together. Chain effects on your favourite synth, run the output of apps or Audio Units into an app like GarageBand or Loopy, or select a different audio interface output for each app. Route MIDI between apps — drive a synth from a MIDI sequencer, or add an arpeggiator to your MIDI keyboard — or sync with your external MIDI gear. And control your entire setup from a MIDI controller.
Download on the App StoreAudiobus is the app that makes the rest of your setup better.
WARNING: Very Cautious Email Security
I got hacked.
I am not a fool. Nor am I inexperienced.
I am not sure if it was a 3rd party provider, an email phish, or what, but my shit got penetrated.
Needless to say, I am aware now of a large number of new attacks and scams so be CAREFUL what you open or click on. I am aware some exact replicas of email services that open and you think it is gmail or outlook but its not.
I just wanted to warn people I communicate with regularly so you don't go through this.
Good day.
Comments
Bummer, good to remind people to be especially careful these days.
I do wonder sometime whether having so many sites and services linked (as in log in using Google, LinkedIn, etc) is a good idea.
Did you lose anything permanently?
@RustiK. Hope it's not a serious issue for you. New kinds of criminals. Best of luck with everything.
Curious how deeply you were hacked, as in was it an online account, an app, or at the os level. Which platform was it specifically?
I refuse to click anything in any email myself, and run 2-factor authentication on everything I have the option to. This reminds me I have a few more sites I need to check for 2-step.
While it's very hard to safeguard against sloppy security at the online services you use, there are some things you can do on your end
The above are useful measures against bruteforce hacking, drive by attacks and zero day browser exploits but these days, the majority of attacks rely on social engineering where the user is the weak point and if you can get the user to click a link or even better, download and open a file, you can bypass all the security measures
So the most important advice is to use common sense
Regarding security software such as antivirus, it's debatable if they're any good. First of all, they rely on a database of known risks which is of course useless against zero days. It's also trivial for a good programmer to modify existing malware enough to avoid detection. So AV now use heuristic scans too, which are usually either too aggressive which will give you lots of false positives or too lax so things can still get through. Since malware attacks rely on exploits in installed software, introducing AV will also result in a larger attack vector. There have been numerous exploits that attacked the AV itself
Of course, security is a lot more complex than this but i just thought i'd offer some advice to anyone reading this thread
Sucks. I never sign in with Google. I rather not take advantage of benefits I.e.keystrokes collected by my third party keyboard etc.
I expect soon enough we'll all need some kind of paid antivirus solution. I normally go with free but not if it's worth my money
Does everyone here use anti virus? I have never had any on my iPad- never had a problem- I only use it for making music, ebay, some games etc- email if I have to. What is the best anti virus if I need it?
I have Norton on my PC.
Not on any IOS device.
Not aware of how to.
Well I am curious too.
Pretty crazy story actually for an email thing.
It started yesterday am.
I went to send an email to Reactable about some non-sense with hotmail on MyMail email app on iPhone.
So, it gets kicked back with some notice about sender blah blah blah.
Didn't think much of it.
A. I am in a remote location doing something
B. It is an international email
I also use this account for Craig's List sales. (I sell)
I go to check emails for a potential sale on this hotmail account and see your acct suspended due to fraudulent or suspicious activity. I'm like fuck, I need to make money. I need to straighten this out.
So I head down the wormhole of attempting to re-instate this account. This includes a secondary email previously in possession of Microsoft from my original enrollment with hotmail. This email is a gmail account.
As I go to re-authenticate the hotmail account with the Gmail account I get a notice from Google suspcious activity, and asks if this is me:
"Logged in on iPhone in Washington DC"
WTF, that wasn't me I am at that moment in a rural area north of Baltimore Maryland. So Google shuts it down.
These are the exciting parts from yesterday.
Here is my synopsis of potentials.
1- I heard TMobile was hacked (i have T Mobile)
2- My 3rd party app did something or was compromised something went wrong\
3- Some scumbag hacker
4- Government is monitoring me and Trump
Thats my story
NOTE:
I only use cash and don't even have a bank account
Could someone do this true Dropbox?
I dunno to be honest.
And I changed my other remaining passwords etc.
In the end of the day: Your two (hotmail & google) email accounts got hacked?
Yes.
Simultaneously is the odd thing that is irking my spidey senses.
The best anti virus in IOS, and really any where, is not to click on email links period. If you need to go to a website, go there on your own and not thru links. I've had that philosophy for a long time and thank God it's kept me out of trouble.
I didn't that is why I posted this thread.
I don't
didn't
wouldn't
So that is why I am so concerned about what happened and to tell others be very vigilant or paranoid. Whatever works.
Wow that's not good.
Also do not use a single master password for everything guys that's another easy open door to hackers IMHO.
Short answer - you don't need it. Common sense is far more effective
Long rant
Antivirus relies on a database of malware which it compares to the files it scans. The problem with this is that the malware has to be discovered by them before it's entered into the database. It's useless against zero day exploits. It's trivial for good programmers to change just enough to make the malware appear non malicious until it's entered into the database again. Advanced malware can do this in the wild. So to deal with that, they introduced heuristic analysis which (wildly simplified) decompiles a given program and analyse it or run it in a virtual environment to see what it does. While it is capable of detecting unknown malware, it still relies on what it already knows so to speak and a huge drawback is false positives
So antivirus is not only not very effective, it also hogs system resources and it opens you up for other attacks. Security is about reducing the attack vector and AV does the opposite
Things that will help
Also realise that there is no way to secure you completely. As phones and tablets keep getting more features, they also get more security holes and there is little we can do about that
Good rant.
Very true^^^^
I stopped using anti viruses when I found out that it's the company them sends them (viruses-harmless or fake) to you and then "finds them" and quarantine them etc...
Just to make you feel safe.
I had never any serious problems besides the usual advertising shit that gets in..(.that gets easily removed with MB or combofix or others, free ones, just do a research.)
@RustiK , your problem sounds like it was an infection from someone else's PC that had your addresses and the virus starts to send emails to everyone who is in the address book of the hacked account.
Change your password and everything is OK. You can use virtual keyboard which is safer when you write PWs etc....
Sounds like good advice- thanks for taking the time. Is it just as effective to ignore ads (not respond to them) or should an ad blocker be used in all cases. If so - is there a best one to use?
Cheers
I use ones from Google chrome apps, they all work....
Another thing, NEVER download any software from other sites then the developer.
They infect you, guaranteed.
To see what I mean go on Adobe reader site and pretend you want to download Adobe reader. Before downloading, see what comes with it, 2 softwares that you don't want and that are very hard to get rid of. (Obviously don't download just see)
Yes, it is possible to hack (or even just guess) passwords of email accounts. It won't be done by clicking an email link within iOS mail or such - but it is possible. Sometimes a good guess is enough and after the hacking of the first account the hacker knows some other mail accounts - and has an idea how to vary the password for these accounts.
(sad story: there are a lot of passwords where the last one or two digits are numbers, usually "01" or "02" or such)
2-factor authentification helps.
P.S.
There is no such thing like a virus for iOS devices.
The problem with ads is they are an easy way to deliver malware. There have been many examples of large ad services being compromised which means users got malware from otherwise reputable sites. If you block the ad with an adblocker, it doesn't get to load so you're safe
I wouldn't say it's a must use situation though because today the vast majority of malware attacks relies on social engineering which means tricking the user into enter personal info on a compromised website, downloading and opening an email attachment etc.
One thing i would recommend very much is to use a password manager. Once setup, you only have to remember the master password which means you generate very long and complex passwords for the sites you use since you wont have to remember them. There are plenty of managers out there, ranging from very easy to use and convenient like LastPass all the way to open source solutions with encrypted local storage like Keypass but using any one of them with a strong master password will make a big difference
While I can't say for certain if there are any iOS virus(as in self replicating malware) in the wild at the moment, there is plenty of other malware that has targeted iOS. In fact, in light of the recent Vault 7 leaks it's very apparent that smart devices are fairly easy to exploit
https://www.theiphonewiki.com/wiki/Malware_for_iOS
https://9to5mac.com/2016/03/17/acedeceiver-iphone-malware/
https://www.theregister.co.uk/2016/03/16/acedeceiver_ios_malware/
2 seperate diff passwords on each account
Password Manager
Two-factor authentication on every account that allows it.
Hacking in to a two-factor account is possible, but your cell phone account has to be compromised, as well as your email password. It's considerably more difficult to do and far less likely to happen.
This thread has propmpted me to change my gmail password which I haven't done for the last 2'years. Then I thought: what if frequent password changes are a security risk due to unsecured network etc. I'm currently living in a shed while my house is being refurbished. Could a wifi repeater be weak link?
There's such a potential for paranoia here!
Buy and use 1Password, use cryptic passwords, don't reuse any passwords, stay away from warez and illegal software, don't share your wifi and you'll be fine.
Get on top of this quick. US Federal agencies should have information to help you get things under control, with the biggest concern being ID theft, and the lesser concerns being use of your data or even just plain theft. I'd even call your local police department, because it is a crime and they should be able to help you.
There is indeed but the thing to remember is that, while you can't be completely secure, many of the advanced attacks requires you to be targeted specifically. Sure, someone could crack your wifi but what are the odds of that happening?
Most malware is through some kind of social engineering and is not targeted at specific individuals so that's why common sense really is the most important measure you can take
I'd say the 2 most important things to do, if you haven't already, is to start using a password manager and enable 2 factor authentication wherever possible
All safety measures listed here are good practice, but of equal importance is a contingency plan for when you do get hacked, given that a lot of the 'weak links' are beyond a persons control.