Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to Hackers

Apple Encryption Flaw Leaves Data Vulnerable to HackersIf you are the proud owner of an Apple device, listen up! On Friday, Apple revealed a major SSL (Secure Socket Layer) vulnerability in its software; so, what does that mean to you? Well, hackers can intercept and alter communications, like email and login credentials, on any Apple device because communications that are meant to be encrypted are not.

Because of this vulnerability, a man-in-the-middle (MITM) attack can seamlessly intercept communications, including unencrypted passwords, between you and your intended recipient or website. The attacker is able to act like a proxy, reading, inserting and modifying the data by using a fake certificate of authority to trick the device into thinking it is interacting with a trusted host.

Apple responded immediately by rushing out a new version of iOS for tablets and phones to patch this vulnerability, but it was only issued for iPhones, generation 4 or later; iPod touch, 5th generation and iPad, 2nd generation, while a blunt statement was found on Apple’s support site: The software “failed to validate the authenticity of the connection.”

By the way, did you notice that Mac computers were not mentioned regarding the new version of iOS? That’s because they are currently being left hanging without a patch.

For those of you with newer Apple devices, most of them should have automatically updated with the patch to deter this SSL vulnerability. If not, however, I suggest going to your settings icon immediately and updating your software. And, for the Mac computers left out, I guess you’re “on a wing and a prayer” right now since I’m sure hackers are already studying the patch to develop programs to take advantage of Apple’s flaw.

About the Author

Ginger Hill is Group Social Media Manager.

  • Fresh Security Perspective from AMAG’s New Sales Director A Fresh Perspective on Security

    Fred Nelson may be new to the security industry but his sales and leadership methods are time tested, and true. Fred joined AMAG only a few months ago, but brings with him a wealth of experience in sales and life balance solutions. This year is off to a good start for AMAG with new solutions on the horizon.

Digital Edition

  • Security Today Magazine - April 2022

    April 2022

    Featuring:

    • Similarities at Data Centers and Airports
    • Transitioning to the Cloud
    • Going High Tech
    • The Benefits of On-site Security
    • Optimizing Store Layouts

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety