security flaw April 27

AAPL: 97.82

-6.53
Stock Chart

The FBI has decided it will not divulge the details of how it successfully hacked into the San Bernardino iPhone to Apple, having found a method at the last-minute just hours before going to court in late March. However, in an attempt to appear helpful and cooperative, the FBI gave Apple its first security tipoff under the Vulnerability Equities Process this month.

Reuters reports the FBI informed Apple of a security flaw affecting iOS and Mac software  on April 14th, as part of a process that balances the needs of law enforcement to hack devices and the needs of manufacturers to patch found flaws before criminals can use them …

expand full story

security flaw April 21, 2015

The buggy code highlighted by arsTechnica
Comments (9)

A bug in the way that 1,500 iOS apps establish secure connections to servers leaves them vulnerable to man-in-the-middle attacks, according to analytics company SourceDNA (via arsTechnica). The bug means anyone intercepting data from an iPhone or iPad could access logins and other sensitive information sent using the HTTPS protocol.

A man-in-the-middle attack allows a fake WiFi hotspot to intercept data from devices connecting to it. Usually, this wouldn’t work with secure connections, as the fake hotspot wouldn’t have the correct security certificate. However, the bug discovered by SourceDNA means that the vulnerable apps fail to check the certificate …  expand full story

security flaw December 16, 2014

9to5toys 

security flaw November 13, 2014

security flaw July 23, 2014

Submit a Tip

cancel

Submitting a tip constitutes permission to publish and syndicate. Please view our tips policy or see all contact options.

Powered by WordPress.com VIP