Secured Connection Vulnerabilities on Apple Devices

Paul MorganBlog

apple security flaw

apple security flawAre you like most of us and own and use an Apple device (phone, laptop, or tablet)? Unfortunately, an extremely concerning security flaw has been reported that’s so bad that developers won’t even discuss details (to prevent giving hackers insight into how to exploit the hack).

The security flaw affects SSL/TLS connections for the devices, which normally prevent eavesdropping on your communications. If you use an iOS or OS X device, your communications could potentially be intercepted through what is known as a “man in the middle” attack– without your knowledge in any way, your “secured” connections could be intercepted in plain text by an attacker.

If you have an iOS device (iPhone, iPad), an update to correct this vulnerability was released on Friday to correct the problem. I urge everybody that uses this device to immediately update iOS to version 7.0.6. If you are using an OS X device (iMac, Macbook), there is no patch currently available to correct this. This vulnerability affects Safari as well as most iCal, Mac Mail, and numerous other applications. Until a patch is released by Apple and installed on your machine, I recommend using exclusively Google Chrome or Mozilla Firefox for internet browsing and avoiding the use of any other internet-enabled programs for which security is a concern.

More details regarding the problem are available from Gizmodo, along with a more in-depth analysis of the nature of the vulnerability: