26 February 2014

Apple for the day


The BBC has an article about an Apple software glitch:
Apple has issued a fix to a flaw in its OS X operating system which previously left users vulnerable to security breaches while browsing online. A software update was released last week to iPhone, iPad, and iPod owners to protect users from "an attacker" who may "capture or modify data". It was later discovered that the problem also existed on Apple laptops and desktop computers running OS X.
The problem was first spotted on Apple's mobile devices which run the iOS 7 operating system. It related to the way secure connections are made between Apple's safari browser and websites, including banking sites, Google, and Facebook.
These sites have digital security certificates that allow an encrypted connection to be established between a user's computer and the website. This means any data that is sent over the connection should be secure. However, a vulnerability in the code for Apple's iOS and OS X operating systems meant the security certificates were not being checked properly. This meant hackers could impersonate a website and capture the data that was being sent over the connection before letting it continue its journey to the real website.
Apple released a fix for mobile devices running iOS 7 last week but a spokesperson issued the following statement about OS X: "We are aware of this issue and already have a software fix that will be released very soon." The fix was released on Tuesday.
According to researchers, the security flaw had existed for months but no one had reported it publicly.
Graham Cluley, a security analyst, said it was a failing by the company that it had not been identified earlier. "It's pretty bad what Apple has done, they've seriously dropped the ball. How much the problem has been exploited is hard to say. Hackers may now be trying to take advantage while users wait for the security fix."
Rico says hackers should be hunted down and killed, thus solving the problem...

No comments:

Post a Comment

No more Anonymous comments, sorry.