Tags: apple | security | flaw

Apple Security Flaw Compromises iOS, OSX, Opening Door for Hackers

Monday, 24 Feb 2014 01:51 PM

By Clyde Hughes

  Comment  |
   Contact  |
  Print   |
    A   A  
  Copy Shortlink
Apple is trying to fix a major security flaw on its mobile device software that could allow hackers to capture email and other communications that are supposed to be encrypted.

According to Reuters, the flaw could allow hackers to have access to the user's mobile network, giving them the power to alter exchanges between the user and protected sites such as Gmail and Facebook. The news agency said governments with telecom carrier data access could do the same.

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

Apple did not disclose how it learned of the flaw nor did it say whether the flaw was currently being exploited by hackers. The company did say on its support website that the security software "failed to validate the authenticity of the connection."

The security flaw affects Apple's iOS mobile operating system and its desktop OSX software through reverse engineering security updates.

"This enables an adversary to masquerade as coming from a trusted remote endpoint, such as your favorite webmail provider and perform full interception of encrypted traffic between you and the destination server," wrote Crowdstrike’s researchers, according to Forbes. The bug also "give(s) them a capability to modify the data in flight (such as deliver exploits to take control of your system)."

Researchers told Forbes that the vulnerability allows communications to be eavesdropped or corrupted and could be used as a backdoor implanted to offer access to the National Security Agency or others.

"This sort of subtle bug deep in the code is a nightmare," Adam Langley, a Google security staffer, told Forbes, stating that its creation may have been by accident. "I believe that it's just a mistake and I feel very bad for whomever might have slipped in an editor and created it."

Reuters' Joseph Menn said the fact that hackers had not reportedly taken advantage of the flaw before last week's announcement lends to evidence that they may not have known it was there, either.

"Until Apple releases a patch of its own, users should update their iOS devices to the latest version, use Chrome and Firefox rather than Safari, and try to avoid untrusted networks," Forbes' Andy Greenberg wrote.

Editor's Note: Do You Support Obamacare? Vote in Urgent National Poll

Related Stories:

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact  |
  Print   |
  Copy Shortlink
Send me more news as it happens.
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Zip Code:
Privacy: We never share your email.
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
You May Also Like

US Officials '99% Certain' North Korea Behind Sony Cyberattack: Report

Wednesday, 17 Dec 2014 20:51 PM

U.S. officials have determined with "99 percent certainty" that the North Korean government is behind the cyberattack on . . .

AMC MoviePass: Subscription Service Lets Viewers See Daily Movies

Wednesday, 17 Dec 2014 20:29 PM

AMC Theaters has joined startup MoviePass on a pilot program that will offer a subscription service for in-theater movie . . .

Socialmatic Camera Prints Polaroids and Posts Them to Social Media

Wednesday, 17 Dec 2014 19:53 PM

Polaroid will soon offer the Socialmatic camera, which both prints photos and posts them to social media. . . .

Top Stories

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved