Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to HackersIf you are the proud owner of an Apple device, listen up! On Friday, Apple revealed a major SSL (Secure Socket Layer) vulnerability in its software; so, what does that mean to you? Well, hackers can intercept and alter communications, like email and login credentials, on any Apple device because communications that are meant to be encrypted are not.

Because of this vulnerability, a man-in-the-middle (MITM) attack can seamlessly intercept communications, including unencrypted passwords, between you and your intended recipient or website. The attacker is able to act like a proxy, reading, inserting and modifying the data by using a fake certificate of authority to trick the device into thinking it is interacting with a trusted host.

Apple responded immediately by rushing out a new version of iOS for tablets and phones to patch this vulnerability, but it was only issued for iPhones, generation 4 or later; iPod touch, 5th generation and iPad, 2nd generation, while a blunt statement was found on Apple’s support site: The software “failed to validate the authenticity of the connection.”

By the way, did you notice that Mac computers were not mentioned regarding the new version of iOS? That’s because they are currently being left hanging without a patch.

For those of you with newer Apple devices, most of them should have automatically updated with the patch to deter this SSL vulnerability. If not, however, I suggest going to your settings icon immediately and updating your software. And, for the Mac computers left out, I guess you’re “on a wing and a prayer” right now since I’m sure hackers are already studying the patch to develop programs to take advantage of Apple’s flaw.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • ADI Control4 product image

    ADI Control4® X4 & Control4® Connect

    Drive long-term system value and reduce post-installation friction with a visually redesigned control interface paired with a secure, future-ready smart service framework.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • Zenitel Cloud RMM

    Zenitel Cloud Remote Monitoring & Management (RMM)

    Enhance operational uptime and slash maintenance costs across multi-site environments with secure, centralized cloud-based system diagnostics and lifecycle management.