Saturday, March 8, 2014

Corporate teams are gearing up to take part in the Oxfam Trailwalker

After raising millions for charity and endless hours of training, teams are ready to take on the daunting Oxfam Trailwalker, writes Rachel Jacqueline
http://www.scmp.com/lifestyle/health/article/1353500/corporate-teams-are-gearing-take-part-oxfam-trailwalker

Teamwork and sheer will are mandatory for the 4,500 runners descending on the MacLehose Trail this weekend for the annual Oxfam Trailwalker, a gruelling 100-kilometre charity foot race completed in teams of four with a 48-hour time limit.
But the quartets are usually not alone in their journey to the finish line; the teams are often formed among colleagues and supported – physically, emotionally and financially – by fellow employees.
Corporate participation represents the largest and fastest-growing sector of the Trailwalker, says Kanie Siu Mei-kuen, director of fundraising and communications for Oxfam Hong Kong.
In 1986, the first year the event was open to the public, just 100 teams took part and raised HK$208,000; last year 1,179 teams raised HK$28 million. Almost HK$400 million has been raised in the past 27 years for Oxfam, a non-profit organisation focused on helping the poor.
More than 3,000 volunteers, 45,000 donors and 4,000 support team members are in action during the event. Over 40 key sponsors donate services and contribute vital manpower.
“The corporate community support helps us provide utilities, hiking gear, food and beverages to all participants and supporters, which helps them before and during the event,” Siu says.
For example, CLP Power has been providing the energy and infrastructure for the event since 1986. Each year, CLP lays more than 112,000 metres of cable, hangs over 42,000 light bulbs and high-beam lights, and supplies more than 9,800 power socket outlets.
Then, of course, there are those who coax their bodies over the 100-kilometre journey.
The majority of teams represent their organisation or corporate sponsors across 15 “industry categories” designed to encourage “a bit of positive competition for the finishing time and donations raised between various corporations among the industries”, says Siu.
Each year, about 300 teams are classified as “special” by raising at least HK$30,000 each (the minimum is HK$6,800). These teams are then given priority for registration the following year. Siu says they are usually corporate teams. This year there are 459 special teams, up from 397 last year.
Financial services provider State Street, the event’s primary sponsor, also gets physically involved. “We’re not just a sponsor – over the years we’ve had hundreds of State Street employees join Trailwalker, not only as participants but also as volunteers to support Oxfam’s important work,” says Natalie Wu, the company’s vice-president of corporate citizenship for Asia-Pacific. 
There are also added benefits for participants in the event. “It’s all about teamwork and is a great opportunity for team building,” Siu says. “It’s also a fun way to develop team spirit within the corporate community.”
“Workplace involvement in the Oxfam Trailwalker is a unique way to support employees and strengthen relationships with clients and suppliers. It can also help promote a healthy workforce … and increase an organisation’s charitable profile.”

Monday, February 17, 2014

A few ways to make the world more awesome: A chat with Kid President  (Laura Vivas)

Robby Novak seems like a regular ol’ 11-year-old boy with a big laugh and a tendency to fidget, if you ignore the fact that he’s also a YouTube superstar. The dynamo elementary student started making a series of motivational videos with his older brother-in-law when he was just 9. The videos went viral, and since then, he’s appeared on Today, interviewed people like Beyonce and the President of the United States, and even addressed the crowd at the 50th Anniversary of the March on Washington.
Chances are you’ve seen one of Robby’s videos, though you probably know him as Kid President. As his alter ego Kid President, Robby addresses the masses from his tiny oval office, spreading the word that life should be a party, people should be more awesome, and everyone should “treat everybody like it’s their birthday.” He wears a really snazzy suit and a red tie. He dances better than most adults. His seemingly boundless enthusiasm is contagious.
Robby became Kid President when his brother-in-law — videographer Brad Montague — decided that people should spend more time listening to what kids have to say. They started making their signature motivational videos, working together on each episode without any fancy film crews or staff. It didn’t take long to realize that a little kid wisdom was exactly what the world wanted. Kid President’s breakout video, “A Pep Talk from Kid President to You,” which was featured on TED.com last February, currently has over 30 million views on YouTube.
In the video, Robby (as Kid President) gives a rousing pep talk that’s equal parts hilarious and heartwarming. He reminds us all that life is short, so short that we shouldn’t waste time being boring or unkind, or ignoring the call to make the world awesome. “Boring is easy,” he tells the viewer. “Everybody can be boring. But you’re gooder than that.” He dances, quotes both Journey and Robert Frost, and in perhaps the most charmingly memorable part of the video, asks, “What if Michael Jordan had quit? … He wouldn’t have made Space Jam … What’s your Space Jam?”
In 2013 alone, Kid President had the opportunity to honor his hero, Dr. Martin Luther King Jr., at the 50th Anniversary of the March on Washington; work with the White House to prank the Internet on April Fools Day; and host a special Google Hangout with the United Nations for World Humanitarian Day. He kissed Beyoncé, nabbed an interview with Josh Groban via a voracious Twitter campaign, and presented his NCAA Tournament picks with ESPN.
Kid President also happens to have a rare brittle bone disease — osteogenesis imperfecta (OI) — which has caused him to have over 70 bone breaks since birth. While this is a part of Robby’s life, he and his brother-in-law choose not to make it the focus of their videos, deciding instead to focus on Robby’s natural humor, penchant for dancing, and ability to give a really good pep talk. As Montague writes on the Kid President website, “What’s inspiring about Robby isn’t his condition, but the fact that his condition doesn’t define who he is. In spite of all he’s been through, he not only keeps going — he dances.”
We’re thrilled that Kid President took time out of his busy schedule to share some off-the-cuff wisdom about staying positive and making the world a brighter place, as well as some adorably practical tips about what to avoid when feeding a baby (he just became an uncle, so this baby thing is new to him).

INTERESTING FACTS ABOUT LIFE by Elena Sisternas





  1. You breathe on average about 5 million times a year.
  2. Months that begin on a Sunday always have a Friday the 13th in them.
  3. You are born with 300 bones; by the time you are an adult you will have 206.
  4. The average lead pencil will write a line about 35 miles long or write approximately 50,000 English words.
  5. One fourth of the bones in your body are in your feet.
  6. The average person spends 2 weeks of their lifetime waiting for the light to change from red to green.
  7. It takes more calories to eat a piece of celery than the celery has in it.
  8. The present population is expected to rise to 15 Billion by the year 2080.
  9. The largest recorded snowflake was 15 inches wide and 8 inches thick.
  10. The tip of a bullwhip moves so fast that the sound it makes is actually a tiny sonic boom.
  11. Native Americans used to name their children after the first thing they saw as they left their tepees after their children were born, hence the names Sitting Bull and Running Water.
  12. The Matami Tribe of West Africa play their own version of football; instead of a normal football they use a human skull.
  13. Coca-Cola would be green if the food colorant wasn't added.
  14. During the 17th Century, the Sultan of Turkey ordered his whole harem of women to be drowned and replaced with a new one.
  15. Coffins used for cremation are usually made with plastic handles.
  16. "Almost" is the longest word in the English language with all the letters in alphabetical order.
  17. Human thigh bones are stronger than concrete.
  18. Cockroaches can live several weeks with their heads cut off.
  19. It is impossible to sneeze with your eyes open. We dare you, give it a try!
  20. A Ten Gallon Hat will only hold 3/4 of a Gallon.
  21. Of all the words in the English language, the word "SET" has the most definitions.
  22. It is against the law to burp, or sneeze inside a church in Nebraska.
  23. In 1386 a pig in France was executed by public hanging for the murder of a child.
  24. Earth is the only planet not named after a god.
  25. The world's oldest piece of chewing gum is over 9,000 years old!
  26. Scientists have tracked butterflies travelling over 3,000 miles.
  27. The silkworm consumes 86,000 times its own weight in 56 days.
  28. If removed from the stress of the modern world, the average human would sleep about 10 hours a day.
  29. To produce a single pound of honey, a single bee would have to visit 2 million flowers.
  30. A colony of 500 bats can eat approximately 250,000 insects in an hour.
  31. One in Five adults believe that aliens are hiding in our planet disguised as humans.
  32. Travelling masseuses in ancient Japan were required by law to be blind.
  33. The bloodhound is the only animal whose evidence is admissible in court.
  34. James Fixx, the man who popularized jogging in America, died of a heart attack while running.
  35. The average American spends about a year and a half of his or her life watching commercials on television. What are you doing?! Get out and spend that year and a half doing something productive!

Sunday, February 16, 2014

7 Methods on How to Have a Better Night of Sleep by M@ri@ VALERO



7 Methods on How to Have a Better Night of Sleep, by Maria Valero
in Health (submitted 2014-02-16)
7 Guidelines to Sleep Better
Below we talk about seven actions you can take to have a better night's slumber.
1. Employ a Consistent Sleeping And Wakeup Regimen
When you get into bed at a consistent time every single day, it helps your body manage when you should retire for the night and when you ought to wake up. Keeping a regular waking time helps to bolster the circadian function in your brain and will help you sleep through the whole night.
2. Have a Sleeping Routine
When it is bedtime it is recommended to start a habit that is comforting.
Things you could do are stretches, soak in a bath, have a shower, read a novel, or play audio which will calm you. Try to do these kinds of things inside a warmly lighted room and clear of bright lighting.
Doing this regimen daily will certainly help your brain to understand when it's your sleep time and distinguish it from other activities. Do not conduct activities that you know can cause you stress, anxiety or a lot of exhilaration or you will be putting yourself in position to have a harder time drifting off to sleep.
3. Make Your Bedroom A Perfect Place For Getting to Sleep
Create a mood inside your sleeping room that's warmly lighted, comfy, quiet, and cool. Having the area in which you rest with the right mood may help you get to sleep a lot quicker and help you to sleep through the whole night.
Have the bedroom clear of disruptions and interruptions. If you can't get away from loud street noises or your bed partner's snoring you could try using something that causes white noise like a humidifier or fan.
4. Get the Right Bed and Pillows
Rest is a really vital part of your day-to-day life and can have a major effect on your entire perspective during the day. If you're currently sleeping on a less than comfortable mattress or cushion, carefully consider purchasing a mattress and cushion set that are cozy. This will help you get to sleep and rest significantly better during the night.
5. Use Your Sleeping Room for Sleeping Only
If you do activities within your bedroom like watching television, gaming, or work activities, you ought to do them somewhere else. This helps the brain to distinguish between rest time and the other activities you do every day. If you typically associate the room with activities other than sleeping, it may counteract the harmony of your sleeping period.
6. Remove the Alarm Clock From The Room If You Tend To Look At It
If you tend to look at the clock to see how much time you have left to sleep, move it to a place where you won't be able to see it. Keeping your clock in a spot where you habitually look at it could cause you to begin thinking, which might lead to anxiousness and eventually break up your sleep.
7. Be Sure You Cease Eating & Drinking Some Time Before You Go to Bed
Be sure to always finish eating 2 or 3 hours before you go to sleep. You want your system to be done with its digesting before you head to bed. Also be sure that you don't drink anything two or three hours before going to bed. You will have a difficult time falling asleep if you eat or drink before bed, and it's really not good for the digestive system. For light sleepers, drinking too much before going to sleep can cause a trip to the bathroom in the middle of the sleeping cycle and could keep you up.
If you decide to do a number of the things outlined here you will be able to go to sleep more quickly and also sleep through the night.


The Difference Between American and British Humour (Apart from the spelling of the word, obviously) - by Ines Serratosa


It’s often dangerous to generalize, but under threat, I would say that Americans are more “down the line.” They don’t hide their hopes and fears. They applaud ambition and openly reward success. Brits are more comfortable with life’s losers. We embrace the underdog until it’s no longer the underdog. We like to bring authority down a peg or two. Just for the hell of it. Americans say, “have a nice day” whether they mean it or not. Brits are terrified to say this. We tell ourselves it’s because we don’t want to sound insincere but I think it might be for the opposite reason. We don’t want to celebrate anything too soon. Failure and disappointment lurk around every corner. This is due to our upbringing. Americans are brought up to believe they can be the next president of the United States. Brits are told, “It won’t happen for you.”

There’s a received wisdom in the U.K. that Americans don’t get irony. This is of course not true. But what is true is that they don’t use it all the time. It shows up in the smarter comedies but Americans don’t use it as much socially as Brits. We use it as liberally as prepositions in everyday speech. We tease our friends. We use sarcasm as a shield and a weapon. We avoid sincerity until it’s absolutely necessary. We mercilessly take the piss out of people we like or dislike basically. And ourselves. This is very important. Our brashness and swagger is laden with equal portions of self-deprecation. This is our license to hand it out.
This can sometimes be perceived as nasty if the recipients aren’t used to it. It isn’t. It’s play fighting. It’s almost a sign of affection if we like you, and ego bursting if we don’t. You just have to know which one it is.

I never actively try to offend. That’s churlish, pointless and frankly too easy. But I believe you should say what you mean. Be honest. No one should ever be offended by truth. That way you’ll never have to apologize. I hate it when a comedian says, “Sorry for what I said.” You shouldn’t say it if you didn’t mean it and you should never regret anything you meant to do. As a comedian, I think my job isn’t just to make people laugh but also make them think. As a famous comedian, I also want a strict door policy on my club. Not everyone will like what I say or find it funny. And I wouldn’t have it any other way. There are enough comedians who try to please everyone as it is. Good luck to them, but that’s not my game, I’m afraid.

Oh and for the record I’d rather a waiter say, “Have a nice day” and not mean it, than ignore me and mean it.

11 Weird and Wonderful Facts About the Oscars (Pati Soucheiron)


Begun in 1929, the Academy Awards and its iconic Oscar statues have become a high-water mark in terms of pageantry and the movies they honor. True, the awards are sometimes overshadowed by the films they snub, but the event continues to hold international attention and has given out 2,809 Oscars for 1,853 in the intervening 83 ceremonies. In that time, the event has picked up some pretty interesting stats and facts, which we’ve chronicled for your pleasure.
1. Oscar winners don’t really own their statues. Upon being presented with their award, winners must sign an agreement stating that, should they wish to sell their statuettes, they must first offer them to the Academy for $1. If they refuse, they cannot keep their trophy. The rule has been in effect since 1950, which means that older statues do sometimes appear on the open market. Be prepared to pay a lot more than $1, though: Steven Spielberg bought Bette Davis’ Oscar for $578,000 in 2001 and donated it back to the Academy, and Michael Jackson paid over a million for David Selznick’s award in 1999.

2. The biggest loser in Oscar history is Kevin O’Connell, a sound re-recording engineer. Despite 20 nominations since his work on 1983’s Terms of Endearment, O’Connell has yet to win a single statue. O’Connell’s last nomination came in 2007 for his work on Transformers.

3. To even have your film considered for a nomination, it has to meet some fairly exacting standards: It must be 40 minutes long; on 35mm or 70mm film, or 24- or 48-frame progressive scan Digital Cinema format at a minimum resolution of 2048 by 1080 pixels; and must be screened for paid admission in Los Angeles for at least seven days. 
4. That last point about screening in L.A. is particularly interesting as it held up Charlie Chaplin’s 1952 film Limelight from winning an Academy Award. When the movie was finally screened in L.A. in 1973, it was nominated and won for Best Original Score.
5. One of the stranger recipients of an Oscar was the British Ministry of Information for their 1941 docudrama Target for Tonight. Not every day a country’s wartime propaganda organ wins a major award!
6. There has only been one Oscar winner named Oscar: Oscar Hammerstein II, who won two for best song.
7. While the pomp and circumstance of the award ceremony are certainly legendary, the scale of them can be shocking. At the reception afterward, the assembled diners will be presented with 1,200 bottles of champagne, 1,000 spiny lobsters, 1,200 Kumamoto Oysters, and 18kg of caviar. Add in about 7 kg of edible gold dust for the 4,000 chocolate Oscar statues.
8. The Kodak Theater, which has been the most recent home of the Oscars, seats 3,332 people. Of course, not everyone shows up — which is why those famous seat-fillers make $125 an hour making the place look full.
9. In addition to its occasional snubbing of worthy films, the Oscars have also become somewhat notorious for overly long and emotional acceptance speeches. This came to a head in 2002, when the ceremony ran an astounding four hours and twenty-three minutes. Since then, the Academy has enacted the 45-second rule, where speeches longer than 45 seconds will be cut off by the orchestra — which is only slightly less awkward than watching full-grown adults sob and ramble to their hearts’ content.
10. On the subject of acceptance speeches, the record for shortest speech is shared by William Holden and renowned director Alfred Hitchcock. They both simply said, “Thank you.”
11. While the Oscar statue is perhaps the most recognizable icon of the event, the phrase “And the winner is…” is perhaps even more famous. Originally used by the award’s presenters to announce the recipient of an award, the phrase was quietly abandoned in 1989. Since then, the preferred lead-in has been “And the Oscar goes to…”, presumably to make the losers feel better.



SOLUTIONS TO GLOBAL WARMING by Ignacio Pons

There is no single solution to global warming, which is primarily a problem of too much heat-trapping carbon dioxide (CO2), methane and nitrous oxide in the atmosphere. The technologies and approaches outlined below are all needed to bring down the emissions of these gases by at least 80 percent by mid-century.

  • Boosting energy efficiency: The energy used to power, heat, and cool our homes, businesses, and industries is the single largest contributor to global warming. Energy efficiency technologies allow us to use less energy to get the same—or higher—level of production, service, and comfort. This approach has vast potential to save both energy and money, and can be deployed quickly.
  • Greening transportation: The transportation sector's emissions have increased at a faster rate than any other energy-using sector over the past decade. A variety of solutions are at hand, including improving efficiency (miles per gallon) in all modes of transport, switching to low-carbon fuels, and reducing vehicle miles traveled through smart growth and more efficient mass transportation systems.
  • Revving up renewables: Renewable energy sources such as solar, wind, geothermal and bioenergy are available around the world. Multiple studies have shown that renewable energy has the technical potential to meet the vast majority of our energy needs. Renewable technologies can be deployed quickly, are increasingly cost-effective, and create jobs while reducing pollution.
  • Phasing out fossil fuel electricity: Dramatically reducing our use of fossil fuels—especially carbon-intensive coal—is essential to tackle climate change. There are many ways to begin this process. Key action steps include: not building any new coal-burning power plants, initiating a phased shutdown of coal plants starting with the oldest and dirtiest, and capturing and storing carbon emissions from power plants. While it may sound like science fiction, the technology exists to store carbon emissions underground. The technology has not been deployed on a large scale or proven to be safe and permanent, but it has been demonstrated in other contexts such as oil and natural gas recovery. Demonstration projects to test the viability and costs of this technology for power plant emissions are worth pursuing.
  • Managing forests and agriculture: Taken together, tropical deforestation and emissions from agriculture represent nearly 30 percent of the world's heat-trapping emissions. We can fight global warming by reducing emissions from deforestation and forest degradation and by making our food production practices more sustainable.
  • Exploring nuclear: Because nuclear power results in few global warming emissions, an increased share of nuclear power in the energy mix could help reduce global warming—but nuclear technology poses serious threats to our security and, as the accident at the Fukushima Daiichi plant in Japan illustrates, to our health and the environment as well. The question remains: can the safety, proliferation, waste disposal, and cost barriers of nuclear power be overcome?
  • Developing and deploying new low-carbon and zero-carbon technologies: Research into and development of the next generation of low-carbon technologies will be critical to deep mid-century reductions in global emissions. Current research on battery technology, new materials for solar cells, harnessing energy from novel sources like bacteria and algae, and other innovative areas could provide important breakthroughs.
  • Ensuring sustainable development: The countries of the world—from the most to the least developed—vary dramatically in their contributions to the problem of climate change and in their responsibilities and capacities to confront it. A successful global compact on climate change must include financial assistance from richer countries to poorer countries to help make the transition to low-carbon development pathways and to help adapt to the impacts of climate change.
  • Adapting to changes already underway: As the Climate Hot Map demonstrates, the impacts of a warming world are already being felt by people around the globe. If climate change continues unchecked, these impacts are almost certain to get worse. From sea level rise to heat waves, from extreme weather to disease outbreaks, each unique challenge requires locally-suitable solutions to prepare for and respond to the impacts of global warming. Unfortunately, those who will be hit hardest and first by the impacts of a changing climate are likely to be the poor and vulnerable, especially those in the least developed countries. Developed countries must take a leadership role in providing financial and technical help for adaptation.

Why birds can’t avoid hitting your car windscreen (by Pol Galí)

It’s not just a superstition – a bird hitting your car windscreen really is an omen of death. No, not for you, but for the poor bird. It’s estimated that at least 80 million birds are killed this way every year in the United States alone. That’s not just distressing and dangerous for drivers. It’s a potentially significant source of fatalities to some rare and endangered bird species, which is why wildlife researchers and conservationists would like to understand more about why they fail to avoid oncoming vehicles.
After all, birds are often pretty good at getting out of the way. So when they don’t, is it because some birds are slower than others, or because some other factor clouds their judgment? That’s the question explored by an American team led by Travis DeVault of the National Wildlife Research Center in Sandusky, Ohio.
You can’t conduct an experimental study like this without reproducing the phenomenon you’re investigating. That’s why the researchers had to gather their data by driving a Ford pickup truck at speeds of up to 90km/h (56mph) directly at birds in the road. Remarkably, the team were able to avoid any actual impacts with the birds, although there were some near misses.
They chose a stretch of road at Plum Brook Station, a remote installation near Sandusky belonging to the Nasa Glenn Research Center. Rest assured the road was closed to traffic for the experiments. The hapless avian participants were turkey vultures, a common scavenger throughout the Americas which are often involved in aircraft collisions as well as road incidents. Turkey vultures feed on carcasses such as road kill, and to create the conditions for a potential collision the researchers placed on the road raccoon carcasses on which the vultures had previously been conditioned to feed.
Screen test
DeVault and colleagues were primarily interested in studying how vehicle speed influences collision. Naturally, one would expect that the chances of impact are higher when the vehicle is travelling faster, giving birds less time to react. But does their behaviour change only gradually, or more abruptly, as the speed increases?
Birds may not have had enough time to evolve some vehicle-specific avoidance mechanisms, but they probably rely on standard manoeuvres geared to avoiding predators – drawing on signals about how fast the threat is approaching and how far away it is.
So the researchers measured the birds’ responses for three different approach speeds: 30, 60 and 90 km/h (19, 37 and 56mph, respectively). In particular, they were interested in when the birds began any movement like running or flying away.
There are two ways to measure that: how long before collision, and how far away the truck is. An earlier study on rock pigeons found they can tell when to scarper thanks to “looming-sensitive” neurons that can convert the rate of apparent growth in size of an approaching object to an estimate of collision time. But that study considered only approach speeds typical of predators (up to 27km/h, or 17mph), whereas vehicles typically travel much faster.
DeVault and colleagues found that, when the truck approached at 30 and 60 km/h, the turkey vultures tended to take off over a fairly well defined range of vehicle distances and times-to-collision. But up the speed to 90 km/h, and it looked as though the birds no longer had much of a clue how to respond, and did so largely at random. Some birds took flight when the truck was almost 300m (985ft) away, for example, while a comparable number left it until a mere 20m (66ft) away, just a few seconds before impact. Their cognitive mechanism for evaluating the danger had, it seemed, broken down.
The implication is that, while naturally you’d expect a lower speed limit to reduce the chance of fatal collisions, the danger is disproportionately high when vehicles travel at more than 90 km/h (or rather, at some threshold lying between 60 and 90). No one is expecting that highways all around the world should observe this speed limit for the sake of birds, but it might be especially important in wildlife parks, bird reserves and conservation areas. The question remains of whether the behaviour of the turkey vulture is representative of other birds, let alone other wild animals more generally. But it seems entirely possible that cognitive overload – the “rabbit in the headlights” effect – is a widespread danger to wildlife when a truck is bearing down on them.
One happy footnote: future studies should be even less risky for the birds. Rather than continue the live method used for this study, the team has now started to monitor birds’ responses to video playback of approaching vehicles.

Feeling smug that your iPhone can't be hacked? Not so fast... - Eduardo Blasi


iPhone owners would be forgiven for having a false sense of security when it comes to the safety of data on their phone. Apple has done a tremendous job of creating a locked-down operating system that keeps malicious software away from its elegant handsets and deters potential attackers.
Android continues to be the most targeted mobile operating system. Cisco’s 2014 Annual Security Report claimed that 99% of mobile malware spotted in 2013 was aimed at Google’s smartphone operating system – the report was swiftly tweeted by Apple’s Phil Schiller as his latest jab at Android.
Yet there remain some alarming facts for iPhone owners to take on board. First, its iOS software is far from flaw-free. In a 2013 report, Symantec claimed that there were 387 documented security holes in iOS in 2012, compared to just 13 for Android.
When Apple released its iOS 7 software in 2013, it patched a whopping 70 flaws. And while vulnerabilities do not always equate to threats, it’s clear from this data that iOS is far from invincible. What’s more, there are a myriad of ways outsiders can try to pilfer data from iOS. Given the popularity of Apple’s devices, attackers will be hungry to exploit them.

Target the apps

If you’ve been reading the Guardian’s coverage of online surveillance by agencies including the NSA and GCHQ, you’ll already know that one way to gather data from smartphones is to exploit vulnerabilities in apps. A variety of techniques can be employed by attackers in this respect.
One notable problem uncovered by an Israeli start-up, Skycure, was the insecure use of what’s known as the “301 Moved Permanently” HTTP feature found in many applications on iOS, which lets developers easily switch the Internet addresses apps use to acquire data. It’s often used when services are switching domains.
Skycure found that attackers sitting on the same network as a user of a vulnerable app could easily switch those Internet addresses with their own malicious site. Because iOS cached the malicious URL, users who continued to use the application would still hit that bad site even after leaving that network, and the site could be used to carry out exploits on the user’s phone.
At least three of the biggest US media outlets had such a flaw in their consumer-facing applications, says Yair Amit, co-founder and chief technology officer of Skycure. “You can persistently and remotely control how the application is working,” he warns.
“It’s possible because most applications are loading information or commands from their server to execute on the client with no indication of the actual source. I’ve been working with many pretty well-known papers as well as other big vendors on other applications, like finance and podcasts, and patches are going out.”
Amit is planning to detail some more “neat techniques” for exploiting iOS at the RSA Conference in San Francisco this month, but cannot reveal more as he works with Apple to mitigate the threat.
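The persistence Skycure describes can be modelled in a few lines. The following is an added example, not code from the article or from Skycure: a toy redirect cache, a hardened variant that refuses to remember a 301 received over plain HTTP, and an audit of remembered redirects. The class, the `https_only` policy and all host names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

class RedirectCache:
    """Toy model of an HTTP client cache that remembers 301 responses."""

    def __init__(self, https_only=False):
        self.https_only = https_only  # hardened policy (assumption, not from the article)
        self.permanent = {}           # requested URL -> remembered Location

    def record(self, url, status, location):
        """Remember a permanent redirect; return True if it was stored."""
        if status != 301:
            return False
        if self.https_only and urlsplit(url).scheme != "https":
            # Plain HTTP responses are unauthenticated, so anyone on the
            # path could have written this Location header: do not persist it.
            return False
        self.permanent[url] = location
        return True

    def resolve(self, url):
        """URL the app really contacts, following remembered redirects."""
        seen = set()
        while url in self.permanent and url not in seen:
            seen.add(url)
            url = self.permanent[url]
        return url

def audit(cache, allowed_hosts):
    """List remembered redirects that leave the app's expected hosts."""
    return sorted(
        (src, dst) for src, dst in cache.permanent.items()
        if urlsplit(dst).hostname not in allowed_hosts
    )

# Constructed scenario; every host name below is a placeholder.
FEED = "http://news.example.com/feed"
ROGUE = "http://rogue.example.net/feed"
ALLOWED = {"news.example.com", "cdn.example.com"}

def replay(cache):
    """Same traffic for any cache: one bad 301, then a later request."""
    cache.record(FEED, 301, ROGUE)   # seen once on an untrusted network
    return cache.resolve(FEED)       # asked again after leaving it
```

With the default cache the later request still resolves to the substituted address and `audit` reports the entry; with `https_only=True` the redirect is never stored.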

Insecure data

Developers, whether producing iOS applications for workers or for the wider public, also often rely too heavily on the device to store data. If done insecurely, this allows attackers sitting on the same network as an iPhone user, such as a public Wi-Fi network, to potentially scoop up information being sent to and from the app.
“It is easy to make mistakes such as storing user data (passwords/usernames) incorrectly on the device, in the vast majority of cases credentials get stored either unencrypted or have been encoded using methods such as base64 encoding (or others) and are rather trivial to reverse,” says Andy Swift, mobile security researcher from penetration testing firm Hut3.
“This mistake extends to sending data too, if developers rely on the device too much it becomes quite easy to forget altogether about the transmission of the data. Such data can be easily extracted and may include authentication tokens, raw authentication data or personal data. At the end of the day if not investigated, the end user has no idea what data the application is accessing and sending to a server somewhere.”
Another common problem in iOS apps, according to Cesar Cerrudo, chief technology officer for security research and consultancy firm IOActive Labs, is improper or lack of validation of data received by the application. This allows attackers to send malicious data to the app and have malicious code executed on the user device to steal information.
All of these attacks could easily be executed on public or unprotected Wi-Fi networks, so you should be especially careful when using such services, refraining from sharing sensitive data over them. And you should avoid any untrusted networks.
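The storage mistake Swift describes, credentials kept unencrypted or merely base64-encoded, is easy to check for when reviewing an app's saved preferences. This added example is not from the article or from Hut3: it walks a property list and reports credential-like entries whose value is readable as stored or after a single base64 decode. The key-name pattern and the sample plist are constructed for illustration.

```python
import base64
import plistlib
import re

# Key names that suggest a credential (assumed pattern, extend as needed).
SECRET_KEY = re.compile(r"pass(word|wd)?|token|secret|username", re.I)

def decode_if_base64(value):
    """Return the decoded text if value is base64 of printable text, else None."""
    if len(value) < 8 or len(value) % 4:
        return None
    try:
        text = base64.b64decode(value, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text.isprintable() else None

def audit_plist(data):
    """Report (path, kind, recovered value) for recoverable credentials."""
    findings = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, child in node.items():
                walk(child, path + [key])
        elif isinstance(node, list):
            for i, child in enumerate(node):
                walk(child, path + [str(i)])
        elif isinstance(node, str) and path and SECRET_KEY.search(path[-1]):
            decoded = decode_if_base64(node)
            kind = "base64" if decoded is not None else "plaintext"
            findings.append(("/".join(path), kind, decoded or node))

    walk(plistlib.loads(data), [])
    return sorted(findings)

# Constructed sample standing in for an app's preferences file.
SAMPLE = plistlib.dumps({
    "Account": {
        "username": "alice",
        "password": base64.b64encode(b"hunter2-demo").decode(),
    },
    "session_token": base64.b64encode(b"some-token").decode(),
    "Theme": "dark",
})
```

Every finding is a value that anyone with read access to the file can recover, which is why encoding is not a substitute for encryption.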

Using stolen certificates

Apple has been particularly good at defending iPhones and iPads from malware. Yet there are ways to game the system to get rogue apps on iOS devices.
Stolen certificates can be particularly handy. Even though they can be tricky to acquire, some are bought and sold on underground forums, others nabbed during attacks on businesses. These certificates are designed to sign applications, providing validation they were created by legitimate parties.
For iOS, they come in various flavours, the most common one being for developers who want to publish on the official App Store. But there are also certificates for signing in-house applications, where IT teams send out apps and updates via their own infrastructure, rather than using the App Store.
If an attacker can get hold of a valid certificate, they can target specific employees by enticing them into downloading malicious applications, as Michael Shaulov, chief executive of San Francisco-based firm Lacoon Mobile Security, demonstrates during a one-on-one presentation over WebEx.
He shows me a mock phishing email, urging a user to download a security update. When the user clicks on the download link, they are asked by the device whether they want to install. If they click yes, as many would do if the email appeared to legitimately come from their employer, the malware downloads on to the iPhone.
In the example Shaulov uses, a fake enterprise email client is downloaded. He uses that fake app to collect information such as calendar, geolocation and contact data, or even switch on recording without any user intervention. “This is all done on a completely fresh iOS 7 non-jailbroken device. You can facilitate such an attack without much effort,” he adds.
“A lot of enterprises are now ahead of the curve with their mobility and are distributing in-house applications in such a way that it becomes a very reasonable phishing target. People are familiar with this way that IT delivers a new application, so they just click that malicious link.”

Bypassing App Store protections

Whilst using stolen certificates is handy for targeted hits where the hackers want to avoid all the code checking that the App Store provides, the holy grail for iOS attackers is getting malware into Apple’s walled garden - the official App Store, which has only ever hosted one rogue app.
Given Apple doesn’t allow anti-virus to work on its mobile machines, acquiring masses of malware downloads from its official market would be a major coup for a digital criminal.
There are precedents. Researchers from the Georgia Tech Information Security Center have previously shown off a way of sneaking a bad app into the store. They sent in what appeared to be a legitimate piece of software and Apple accepted it. But once the app was installed on a user device it would rearrange its code to enable more malicious features, such as stealing photos and sending emails.
Others have created nifty pieces of iOS malware. Neal Hindocha, a researcher from security company Trustwave, is planning to demonstrate a keylogger at RSA Conference that can monitor everything on an iPhone, right down to the swipes of a touchscreen. It will only work on a jailbroken device, however, where security protections stopping applications having too much power are removed.

Jailbreaking and jumping out of the sandbox

Another potentially nasty attack vector can come from website attacks that launch a kernel-level exploit, cutting right to the heart of iOS and handing user privileges to a hacker. This is one of the most difficult ways to break iOS, especially when the attacker is doing the work remotely rather than having direct access to the device. 
Apple has covered off all known kernel vulnerabilities in the latest version of iOS, but researchers have theorised on possible future attacks. Tarjei Mandt, senior vulnerability researcher at Azimuth Security, has been probing the ways iOS allocates memory and believes he has found a potential weakness.
It lies in what is known as the new “zone page metadata structure”, which is designed to improve the performance of the operating system’s zone allocator, used for organising memory by size, dividing memory into regions, or zones.
A hypothetical attack would see the hacker trick this metadata structure, information from which is taken by the code doing the memory allocation, into writing remote code into the memory pages of the device.
“If you have a memory corruption vulnerability, the idea [for the attacker] is that you can target this structure to overwrite the information that it contains,” he says. “If you have the ability to corrupt that data structure… you’ll essentially be able to gain an arbitrary right [a privilege allowing an attacker to write to the device], which is pretty much the end goal of any exploit.”
The attacker could direct a target to a website, where a browser vulnerability would be exploited to initiate attack code. The kernel flaw would then be used to jump out of the Apple sandbox, an emulation technology that runs code to see if it’s malicious before executing it. In theory, this chained approach would eventually lead to malicious software being lumped on the iPhone.
Another way of getting root access to a phone is to jailbreak it by physically grabbing it and using known tools like evasi0n, which requires the iPhone be connected to a PC by USB, to gain user privileges. Malware could then be installed for persistent attacks.
Lacoon has data showing that iOS is the favourite target of those running spyphones, buyable software that does what it says on the tin, monitoring jailbroken devices. In an analysis of 650,000 users from a major telecoms partner, Lacoon found 57% of the 650 infected machines were based on iOS.
If all this sounds worrying, there’s one encouraging piece of advice. The best strategy for the average iPhone owner is quite simple: keep your device within your line of sight, and don’t click on any suspicious links.