Update fixes serious iOS flaw

mike123abc

Too many cables
Original poster
Supporting Founder
Sep 25, 2003
25,565
4,841
Norman, OK
http://www.tomsguide.com/us/how-to-apple-emergency-patches,news-18355.html

The flaw essentially causes SSL not to work properly so people on public WiFi can do a man in the middle attack on your SSL connections.

Even worse, the flaw seems to affect recent versions of Mac OS X, for which a patch is not yet available.

If you have a device running iOS 6 or 7, and you're not connected to a stranger's Wi-Fi network, patch it now — we've got instructions below. If you're running Mac OS X on a laptop, don't use public Wi-Fi networks, even those at your favorite coffeeshop.

The flaw also affects second- and third-generation Apple TVs, which received a patch.

"I know what the Apple bug is," tweeted Matthew Green, a cryptography expert who teaches at Johns Hopkins University in Baltimore. "And it is bad. Really bad."
 
There was an Update for my AppleTV, too. I wouldn't think it would be as susceptible to this sort of attack to warrant an update, but the timing is too much of a coincidence.

Edit: and, wah, the Beatles app is history. :(
 
There was an Update for my AppleTV, too. I wouldn't think it would be as susceptible to this sort of attack to warrant an update, but the timing is too much of a coincidence.

Edit: and, wah, the Beatles app is history. :(

Yeah the article mentioned it was fixed on Apple TV too, but I do not know of many that would take their Apple TV and use it on other networks...
 
Yeah the article mentioned it was fixed on Apple TV too, but I do not know of many that would take their Apple TV and use it on other networks...

I have Apple TV installed at work for presenters to use in in our conference center and theater. HD projectors in both areas...
 
I have Apple TV installed at work for presenters to use in in our conference center and theater. HD projectors in both areas...

Yeah, but I bet you have control over the work network. The flaw happens when using public wifi and someone impersonates the hot spot, acts as a man in the middle and breaks the HTTPS connection.
 
It's not iOS, but Lion, Mountain Lion, and Mavericks all got the SSL fix in addition to Safari. Lion and Mavericks required a reboot after applying the update(s).
 

Users Who Are Viewing This Thread (Total: 0, Members: 0, Guests: 0)

Who Read This Thread (Total Members: 1)

Latest posts