Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 25 February 2014 / Published in Woo on Tech

Serious Security Hole Revealed in iOS

Apple Logo

Usually Apple is able to sit on the sidelines of today’s technology security circus , enjoying a (debatable) reputation for being more secure than Windows and even Android. Unfortunately, it had to step into center stage this week and own up to a security flaw in its core networking code used in both iOS and OS X. And not just a little one either: this one affects how SSL-encrypted network traffic is handled, and it affects iPhones, iPads running iOS 6 or 7, and any computer running OS X 10.9 “Mavericks”.

What this means for you:

In a nutshell, the bug essentially prevents the affected device from verifying the identity of the certificate used to guarantee the SSL encryption. When your Apple device fires up a secure connection using SSL, the first thing it’s suppose to do is check the SSL certification of the destination by verifying it’s identity. Except, in the case of the bug, it doesn’t but reports back to the device that everything is OK. This would be the equivalent of putting a blind doorman in front of your bar to check ID’s. Apple has released a patch for iOS 6 and 7, but still has not issued a fix for the OS X platform.

For now, until you verify you’ve patched your mobile device with the latest security update for your version of iOS, I recommend against using any applications that transmit confidential data (your’s or your client’s) over the internet. On the desktop/laptop side, avoid using Safari until OS X is patched, and switch to a browser like Chrome or Firefox, both of which implement their own SSL code that is not affected by this flaw. To keep track of whether or not Apple has fixed this hole, you can visit: http://hasgotofailbeenfixedyet.com/

Update: As of Feb 25, Apple has issued a patch for OS X 10.9. Make sure your Apple devices update to the latest version of their corresponding operating system.

  • Tweet
Tagged under: Apple, confidential, encryption, flaw, safari, security, ssl, vulnerability

What you can read next

July 12 is the Day of Action for Net Neutrality
Doubt no more – the “Internet” knows who you are
iOS 6 Jailbroken
Jailbreaking iPhones Becoming More Popular

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Social Media monetizes our need to be social

    Part of our occasional series “The Elepha...
  • Freemail accounts will be hacked

    Most of you know that I do not recommend using ...
  • LastPass Breach is bad news for everyone

    Late in the year, just in time for the holidays...
  • 2023 – Approach with Caution

    Traditionally I like my year-end messages to be...
  • Privacy sign

    Popular tax apps leaked your data to Facebook

    While it shouldn’t come as a surprise to any of...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP