Tags: apple | security | flaw

Apple Security Flaw Compromises iOS, OSX, Opening Door for Hackers

Monday, 24 Feb 2014 01:51 PM

By Clyde Hughes

  Comment  |
   Contact  |
  Print  
|  A   A  
  Copy Shortlink
Apple is trying to fix a major security flaw on its mobile device software that could allow hackers to capture email and other communications that are supposed to be encrypted.

According to Reuters, the flaw could allow hackers to have access to the user's mobile network, giving them the power to alter exchanges between the user and protected sites such as Gmail and Facebook. The news agency said governments with telecom carrier data access could do the same.

Urgent: Do You Approve Or Disapprove of President Obama's Job Performance? Vote Now in Urgent Poll

Apple did not disclose how it learned of the flaw nor did it say whether the flaw was currently being exploited by hackers. The company did say on its support website that the security software "failed to validate the authenticity of the connection."

The security flaw affects Apple's iOS mobile operating system and its desktop OSX software through reverse engineering security updates.

"This enables an adversary to masquerade as coming from a trusted remote endpoint, such as your favorite webmail provider and perform full interception of encrypted traffic between you and the destination server," wrote Crowdstrike’s researchers, according to Forbes. The bug also "give(s) them a capability to modify the data in flight (such as deliver exploits to take control of your system)."

Researchers told Forbes that the vulnerability allows communications to be eavesdropped or corrupted and could be used as a backdoor implanted to offer access to the National Security Agency or others.

"This sort of subtle bug deep in the code is a nightmare," Adam Langley, a Google security staffer, told Forbes, stating that its creation may have been by accident. "I believe that it's just a mistake and I feel very bad for whomever might have slipped in an editor and created it."

Reuters' Joseph Menn said the fact that hackers had not reportedly taken advantage of the flaw before last week's announcement lends to evidence that they may not have known it was there, either.

"Until Apple releases a patch of its own, users should update their iOS devices to the latest version, use Chrome and Firefox rather than Safari, and try to avoid untrusted networks," Forbes' Andy Greenberg wrote.

Editor's Note: Do You Support Obamacare? Vote in Urgent National Poll

Related Stories:

© 2014 Newsmax. All rights reserved.

  Comment  |
   Contact  |
  Print  
  Copy Shortlink
Send me more news as it happens.
 
 
Get me on The Wire
Send me more news as it happens.
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
 
Email:
Country
Zip Code:
Privacy: We never share your email.
 
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
You May Also Like

Passengers Push Plane on Icy Russian Runway (With Help of a Tractor)

Wednesday, 26 Nov 2014 20:45 PM

Passengers on a Russian plane got off to push the aircraft to help get it on the runway after it began slipping on ice i . . .

Bernie Tiede, Convicted Murderer Mortician, to Get New Sentencing

Wednesday, 26 Nov 2014 17:39 PM

Bernie Tiede, the mortician who was convicted of killing his companion Marjorie Nugent in 1996, will receive a new sente . . .

Chrysler Pentastar Logo Getting Phased Out With FCA Formation

Wednesday, 26 Nov 2014 15:51 PM

Chrysler's iconic Pentastar logo is being phased out as the company introduces a new logo in keeping with the newly form . . .

Top Stories

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved