Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to HackersIf you are the proud owner of an Apple device, listen up! On Friday, Apple revealed a major SSL (Secure Socket Layer) vulnerability in its software; so, what does that mean to you? Well, hackers can intercept and alter communications, like email and login credentials, on any Apple device because communications that are meant to be encrypted are not.

Because of this vulnerability, a man-in-the-middle (MITM) attack can seamlessly intercept communications, including unencrypted passwords, between you and your intended recipient or website. The attacker is able to act like a proxy, reading, inserting and modifying the data by using a fake certificate of authority to trick the device into thinking it is interacting with a trusted host.

Apple responded immediately by rushing out a new version of iOS for tablets and phones to patch this vulnerability, but it was only issued for iPhones, generation 4 or later; iPod touch, 5th generation and iPad, 2nd generation, while a blunt statement was found on Apple’s support site: The software “failed to validate the authenticity of the connection.”

By the way, did you notice that Mac computers were not mentioned regarding the new version of iOS? That’s because they are currently being left hanging without a patch.

For those of you with newer Apple devices, most of them should have automatically updated with the patch to deter this SSL vulnerability. If not, however, I suggest going to your settings icon immediately and updating your software. And, for the Mac computers left out, I guess you’re “on a wing and a prayer” right now since I’m sure hackers are already studying the patch to develop programs to take advantage of Apple’s flaw.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.