SSL Stories May 10

AAPL: 93.42

0.63
Stock Chart

Apple subsidiary FileMaker is today releasing FileMaker 15, introducing a number of notable additions for mobile device users as well as a host of other new features and enhancements for the platform.

expand full story

SSL Stories July 23, 2014

SSL Stories May 25, 2014

Apple’s SSL certificate that is responsible for verifying and authenticating connections to Apple’s Mac App Store software update servers has expired, causing the Mac App Store to issue errors like those above. Another error notification points to the swscan.apple.com server as being the issue, below.

Server-cert-error

 

A quick search shows that this SSL certificate expired yesterday May 24th at midnight.

Screenshot 2014-05-25 13.11.59

expand full story

9to5toys 

SSL Stories April 17, 2014

SSL Stories March 19, 2014

SSL Stories February 25, 2014

ssl

Update: The bug has been fixed in OS X 10.9.2

Security consultant Aldo Cortesi said in a blog post (via ZDNet) that it took him less than a day to exploit the goto fail bug in OS X to capture all SSL traffic, and that there’s a good chance he isn’t the first to have done so – an implicit suggestion that the vulnerability may already be being used in man-in-the-middle attacks.

I’ve confirmed full transparent interception of HTTPS traffic on both IOS (prior to 7.0.6) and OSX Mavericks. Nearly all encrypted traffic, including usernames, passwords, and even Apple app updates can be captured. This includes:

  • App store and software update traffic
  • iCloud data, including KeyChain enrollment and updates
  • Data from the Calendar and Reminders
  • Find My Mac updates
  • Traffic for applications that use certificate pinning, like Twitter …  expand full story
9to5google 

Submit a Tip

cancel

Submitting a tip constitutes permission to publish and syndicate. Please view our tips policy or see all contact options.

Powered by WordPress.com VIP