Skip to main content

Apple Decides That Dead Silence Is The Best Way To Address Major Encryption Flaw On OS X

posted onFebruary 25, 2014
by l33tdawg

Apple on Friday issued an update that fixed a rather severe vulnerability in their SSL/TLS implementation in iOS. In short, the flaw allowed any hacker the ability to intercept data during supposedly secure and encrypted transfers when using an iPhone, iPad or iPod Touch on a public network. Estimates suggest that the vulnerability was introduced in iOS 6.0 back in September 2012 (Apple was added as a PRISM partner in October 2012, utterly circumstantial but just sayin'). After some reverse engineering of the patch, people discovered it overhauled some fairly major portions of iOS.

The bigger problem is they discovered during that analysis it also impacts Apple laptops and desktops running Apple’s OS X (there's a few of those out there). The original bug existed for some time before being detected, and at the moment there's not only no fix in place for laptop and desktop users, but Apple hasn't issued any statements warning customers that everything they do at the coffee shop is potentially exposed.

Source

Tags

Apple OS X Security Encryption

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th