Hypertext Transfer Protocol Stories August 28, 2015


One of the backend improvements in iOS 9 is a strengthening of app security when accessing data from webservers. The new App Transport Security (ATS) feature ensures that only connections encrypted using HTTPS are permitted. There’s just one problem with that: not all advertisers use HTTPS, so ATS will stop some ads appearing in apps.

Google has responded by providing developers with five lines of code that allow them to disable ATS …  expand full story

Hypertext Transfer Protocol Stories April 21, 2015

The buggy code highlighted by arsTechnica

The buggy code highlighted by arsTechnica

A bug in the way that 1,500 iOS apps establish secure connections to servers leaves them vulnerable to man-in-the-middle attacks, according to analytics company SourceDNA (via arsTechnica). The bug means anyone intercepting data from an iPhone or iPad could access logins and other sensitive information sent using the HTTPS protocol.

A man-in-the-middle attack allows a fake WiFi hotspot to intercept data from devices connecting to it. Usually, this wouldn’t work with secure connections, as the fake hotspot wouldn’t have the correct security certificate. However, the bug discovered by SourceDNA means that the vulnerable apps fail to check the certificate …  expand full story

Hypertext Transfer Protocol Stories February 17, 2012

[vodpod id=Video.16105462&w=425&h=350&fv=file%3Dhttp%3A%2F%2Fwww.wnyc.org%2Faudio%2Fxspf%2F187667%2F%26amp%3Brepeat%3Dlist%26amp%3Bautostart%3Dfalse%26amp%3Bpopurl%3Dhttp%3A%2F%2Fwww.wnyc.org%2Faudio%2Fxspf%2F187667%2F%253Fdownload%253Dhttp%253A%2F%2Fwww.podtrac.com%2Fpts%2Fredirect.mp3%2Faudio.wnyc.org%2Fbl%2Fbl021712bpod.mp3]

We have talked about the more technical aspects of contact uploading, but NPR gave a more mainstream interpretation. expand full story

Powered by WordPress VIP