Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to HackersIf you are the proud owner of an Apple device, listen up! On Friday, Apple revealed a major SSL (Secure Socket Layer) vulnerability in its software; so, what does that mean to you? Well, hackers can intercept and alter communications, like email and login credentials, on any Apple device because communications that are meant to be encrypted are not.

Because of this vulnerability, a man-in-the-middle (MITM) attack can seamlessly intercept communications, including unencrypted passwords, between you and your intended recipient or website. The attacker is able to act like a proxy, reading, inserting and modifying the data by using a fake certificate of authority to trick the device into thinking it is interacting with a trusted host.

Apple responded immediately by rushing out a new version of iOS for tablets and phones to patch this vulnerability, but it was only issued for iPhones, generation 4 or later; iPod touch, 5th generation and iPad, 2nd generation, while a blunt statement was found on Apple’s support site: The software “failed to validate the authenticity of the connection.”

By the way, did you notice that Mac computers were not mentioned regarding the new version of iOS? That’s because they are currently being left hanging without a patch.

For those of you with newer Apple devices, most of them should have automatically updated with the patch to deter this SSL vulnerability. If not, however, I suggest going to your settings icon immediately and updating your software. And, for the Mac computers left out, I guess you’re “on a wing and a prayer” right now since I’m sure hackers are already studying the patch to develop programs to take advantage of Apple’s flaw.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

New Products

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.