[Tech ARP] Apple iOS (And OS X) Have A Critical Security Hole And The Fix Is Here
No replies to this topic
Posted 23 February 2014 - 03:35 PM
We have just posted an article called *Apple iOS (And OS X) Have A Critical
Security Hole And The Fix Is Here*.
Quote : On Friday, the 21st of February, Apple acknowledged that they had a
critical security hole in their iOS operating system. It was specifically
an SSL (Secure Socket Layer) vulnerability in iOS and OS X that exposes iOS
and OS X devices to a "man in the middle" attack.
Apparently, Apple used "raw OpenSSL for HTTPS, but didn't include hostname
verification". This is a glaring flaw because it would allow anyone with a
valid SSL certificate to masquerade as a trusted website to harvest your
communications or login information.
There is speculation that this could well be the security hole which the
NSA exploited to insert the DROPOUTJEEP software implant, probably using
automatic updates via SSL.
Link : *http://www.techarp.com/showarticle.aspx?artno=804*<http://www.techarp.c...aspx?artno=804>
We hope you will post this news on your website. Please feel free to send
your news to news ( -at -) *techarp.com* <http://techarp.com/> and we will
Tech ARP : *http://www.techarp.com/* <http://www.techarp.com/>
Tech ARP : *http://techarp.com/* <http://techarp.com/>
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users