Yes, even Apple has security problems sometimes. They also have problems with other things, like maps. Still, that hasn’t stopped them from becoming one of the biggest tech companies in the world and one of our favorite companies too.

Even if we do love all-things Apple (well, most of us anyway) that doesn’t mean we won’t tell you when the company has a problem. Case in point this time is a security vulnerability recently discovered in iOS 6.1.

This vulnerability allows an iPhone’s unlock passcode to be bypassed, giving unauthorized users access to the device’s Phone app, contacts, voicemail and photos. Yeah, that’s not cool.

Recognizing that they have a problem, an Apple spokesperson confirmed to the website AllThingsD that the company is aware of the issue and plans to release a fix in a future software update.

And yes, there’s also video of this vulnerability in action. If you want to see it, check it out after the break.

Even though most of us who upgrades to Apple’s new iPhone 4S are loving our new devices, according to reports there’s a potential threat to our happiness lurking just under the surface. Now, before you get too worried, this “threat” requires a specific set of circumstances most users will never encounter.

However, if  you happen to leave your iPhone 4S in a cab, for example, the person who finds it can potentially access your address book, appointments and more by using Siri, even if your iPhone 4S is locked with a passcode. That’s right, even if it’s locked.

However, all is not lost and there’s a simple fix for this issue. To prevent someone from accessing Siri and your info while the iPhone 4S is locked, simply go to Settings> General> Passcode Lock. Once there toggle the option for “Allow access to Siri when locked with a passcode” to Off.

The iPhone 4S will now require the the phone to be unlocked before it allows access to Siri. There, problem solved.

Don’t you wish all problems could be solved this easily?

After nearly two and a half months since hackers compromised its network, it looks like Sony is close to restoring full service for users of its PlayStation network later this week. The final piece will be when the company takes the service back online in Japan. Of course, the company has been saying it will get things back online for awhile now.

According to Bloomberg, Sony has been working with the FBI to identify the LulzSec hackers who were responsible for the attack on its San Diego data centers, during which the hackers obtained account information for more than 100 Million PlayStation Network users. Reportedly, LulzSec rented and used servers from Amazon.com’s cloud service to facilitate the attack.

The attack is the second-largest online data breach in U.S. history, and will cost the company an estimated $173 Million in direct costs to repair and shore up its security. The actual cost in terms of the company’s brand and consumer confidence has yet to be measured.

Chairman Howard Stringer told shareholders last week the services will continue to be a main source of growth. Sony CEO Howard Stringer apologized after the attacks and offered a year of identity theft protection to those affected by the breach, as well as a free month of access to PSN.

If you’ve been wondering what the heck happened to Sony’s Playstation Network (its been “unavailable” for several days), now we know. On Tuesday, Sony issued a statement explaining the recent PlayStation Network and Qriocity issues. The company said it discovered that between April 17th and April 19th someone broke into its network and stole user information.

In an effort to stop the security breach, Sony temporarily denied access for everyone to its PlayStation Network and Qriocity services. The company also hired a security firm to investigate and started increasing its security infrastructure.

Sounds goo so far, right? Sony found a problem and is taking steps to correct it.

Well, it gets worse. Here’s part of Sony’s statement:

We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.

Sony said that it doesn’t think credit card data was taken, but it will not rule out the possibility. The company said it’s possible credit card numbers – excluding security codes – may have been obtained by the intruders. The firm advises that its customers “remain vigilant” by closely monitoring credit statements.

Sony says the Playstation network and related services will be reactivated as soon as possible and that customers can dial 1-800-345-7669 with any questions.

Click through for Sony’s official statement. Why do a few assholes have to ruin it for everyone else?

On Friday, Google quietly rolled out a new beta feature for it’s core search service, dubbed ‘Google with SSL.’ While a post on the official Google blog implied that while this new secure connection would eventually be made available on the vast majority of its ancillary services, only the core search property would be part of this public beta for now.

Most consumers are used to seeing banking or e-commerce services use what are known as Secure Sockets Layer (SSL) connections to encrypt information that travels between your computer and their service. However this is a first for any major search engine and something that competitors Yahoo and Microsoft’s Bing have yet to implement.

Usually recognized by a web address starting with “https” along with a browser lock icon, this technology is regularly used to secure log-in areas and to prevent sensitive data from being intercepted. But now, search users will be able to take advantage of this privacy-enhancing feature to help protect their search terms and their search results pages from being intercepted by a third party on your network.

U.S.-based users can begin using the new secure version of Google Search by simply adding a ‘https://’ in front of the standard ‘www.google.com’ URL. The new secure search mode will be rolled out to the rest of the world over the next few days.

Given the storm of bad press and user revolts Facebook has been suffering since announcing their “Open Graph” feature to better spread its data across the web, it’s rather puzzling that the company would announce an unrelated new security feature. But, announce it they did. With well-known tech pundit and podcaster Leo Laporte deleting his Facebook account on-the-air, Facebook has announced a new security method that ties your account to certain known computers and devices.

Similar to a method already in-use by most U.S. banking entities, Facebook will recognize computers and devices you typically log-in with, however when an unknown device attempts to log-in, you will be required to answer a challenge-response question to verify your identity. Facebook users will be able to approve which computers and mobile devices are allowed to log-in, and when an unauthorized attempt occurs, an email or text message will alert the user of the unauthorized access attempt.

While this heightened security is certainly unique in the social networking world, it does nothing to address the serious privacy issues being expressed about how Facebook data is being extended and used by unknown and potentially untrustworthy third-party web sites. Even Congress is getting involved, with four Democratic senators calling on Facebook CEO Mark Zuckerberg to reconsider the recent changes in its privacy settings and asking the Federal Trade Commission to streamline guidelines regarding privacy on all social networks.

After the jump, I describe how to activate Facebook’s new authorized device/log-in notification feature, so read on if you’d like to try it for yourself.