Page 1 of 2 12 LastLast
Results 1 to 15 of 22
  1. #1


    Member Since
    Sep 10, 2011
    Posts
    1,805
    "Apple mobile devices at risk......"
    I came across this today. Not sure whether it's pertinent but FYI anyway.

    Apple mobile devices at risk of hacking, firm says | Technology | theguardian.com

  2. #2

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,742
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    This is only a problem if it manifests itself in something that gets out and widespread before it's patched. Here's hoping Apple beats that person/group to the punch.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  3. #3


    Member Since
    Sep 10, 2011
    Posts
    1,805
    Quote Originally Posted by vansmith View Post
    Here's hoping Apple beats that person/group to the punch.
    I just installed an update to iOS 7.0.6 which appeared to be a fix for SSL verification.

  4. #4

    TattooedMac's Avatar
    Member Since
    May 19, 2009
    Location
    Waiting for a mate . . .
    Posts
    8,380
    Specs:
    21" iMac 2.9Ghz 16GB RAM & 13"MBP 2.9Ghz i7 8GB RAM 10.10.3, iPhone5 & iPad Air 2 iOS 8.3, ATV3
    I have to find the article, but its said that it STILL a problem. SSL and public WIFi is dangerous Why iOS 7.0.6 Is A Way More Important Update Than You Think | Cult of Mac. Thats all you have to do, is NOT use Public WiFi and you will be ok. Thats why we have Data Plans for our phones. I never use Public WiFi anyways, so i know lim safe
    Dont forget to use the Reputation System if someone has helped you out !!!
    Arguing with a zealot is only slightly easier than tunneling through a mountain with your forehead!!!!!
    MoTM ☆☆☆

  5. #5


    Member Since
    Sep 10, 2011
    Posts
    1,805
    Quote Originally Posted by TattooedMac View Post
    Thats why we have Data Plans for our phones. I never use Public WiFi anyways, so i know lim safe
    Yes I agree there.

  6. #6

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,742
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by TattooedMac View Post
    Thats all you have to do, is NOT use Public WiFi and you will be ok. Thats why we have Data Plans for our phones. I never use Public WiFi anyways, so i know lim safe
    If it's an SSL issue, I don't think it matters how you connect - the data is still unsecured. The best way around this is do as the article suggests and use applications that don't use Apple's SSL functionality (until this is patched for OS X).
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  7. #7

    McBie's Avatar
    Member Since
    Apr 26, 2008
    Location
    Belgium
    Posts
    2,732
    Specs:
    2013 MBA 13" - OS X 10.11
    With all due respect for Apple, but this is what I call serious neglect, and I choose my words careful.
    This is not " just an issue", this is not just " stuff happens , we are sorry ", this is not just " no big deal ".
    This is neglect, ..... deliberate ..... on purpose. This is not just " an accident ".
    Having a cross platform vulnerability and willingly choosing not to close it immediately is beyond me.
    Forestall had to leave for something with a lot less impact on Apple's user base.

    OS X is more secure than other OS's ...... right ?

    Do I need to say that I am upset, both professionally and as a user.

    /END RANT

    Cheers ... McBIe
    A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.
    The bitterness of poor quality remains long after the sweetness of low price is forgotten.

  8. #8

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,742
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    I think this line from the Ars article on this issue (source) speaks to what you're bothered with McBie:
    Apple rarely comments on matters involving security, particularly those involving vulnerabilities that remain unpatched.
    It would seem that Apple has an issue with coming to terms with security issues. Taking their sweet time to fix certain things (at this point, it is "sweet time" as this fix should have been pushed out ages ago) and then refusing to comment on it is frustrating.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  9. #9


    Member Since
    Jan 08, 2007
    Posts
    28
    Specs:
    iPod 8GB Nano
    So an iPhone 4 user running iOS 6.1.x is stuck without going to iOS 7...? Is that the jist with this issue, it would seem? Keeping off public WiFi would be an option...and I am not in Sochi...so...

    Thoughts are appreciated. And a 5s is not totally out of the question, but that brings in the whole v6 release question....

    Thx.

  10. #10

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,742
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by nunee View Post
    So an iPhone 4 user running iOS 6.1.x is stuck without going to iOS 7...?
    No, iOS6 has been patched.

    Quote Originally Posted by nunee View Post
    Keeping off public WiFi would be an option...and I am not in Sochi...so...
    This is an SSL issue and has nothing to do with WiFi - any data sent is susceptible to this issue. It also doesn't matter if you're on a public or private WiFi network or where you are.

    Quote Originally Posted by nunee View Post
    Thoughts are appreciated. And a 5s is not totally out of the question, but that brings in the whole v6 release question....
    The answer is simple - does the 5s do what you want? If so, buy it. If not, don't. Playing the waiting game will get you nowhere since you'll be waiting forever.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  11. #11

    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,841
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Vansmith - am I correct in assuming that OS X users can workaround this by using a <cough>real<cough> browser like Firefox or Chrome?
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  12. #12

    McBie's Avatar
    Member Since
    Apr 26, 2008
    Location
    Belgium
    Posts
    2,732
    Specs:
    2013 MBA 13" - OS X 10.11
    Your assumption is correct as far as browser applications are concerned :-)
    All the other apps. are still vulnerable.

    Cheers ... McBie
    A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.
    The bitterness of poor quality remains long after the sweetness of low price is forgotten.

  13. #13

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,742
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by cwa107 View Post
    Vansmith - am I correct in assuming that OS X users can workaround this by using a <cough>real<cough> browser like Firefox or Chrome?
    From what I've read, this issue is specific to OS functionality so only that which is baked into the OS is affected. A test of this is at gotofail.com.

    So yes, any browser but Safari.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  14. #14

    cwa107's Avatar
    Member Since
    Dec 20, 2006
    Location
    Lake Mary, Florida
    Posts
    26,841
    Specs:
    15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD
    Looks like 10.9.2 is out, with the fix in tow.
    Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

    https://youtu.be/KHZ8ek-6ccc

  15. #15

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,742
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    That was reasonably quick but this fix was one line - it should have been pushed out moments after discovery. There's no need to push this out as part of a larger update specifically.

    Is it obvious that this issue really bothers me? This error was trivial (I saw a developer rip into Apple for this since decent QA should have caught this) but deeply destructive. Sure, nothing huge came of it but that's not the point (to preempt the "but nothing happened" argument).

    I read an article earlier that made an interesting point. In it, someone interviewed mentioned how Microsoft is quick to admit fault and patch things while working with the community. While this makes their software looked comparatively flawed, it's actually not - MS is just much better at recognising that their software is flawed. And this brings me back to what I've been arguing forever which is quite simple: OS X is software like any other and is thus flawed, weak and prone to fault. I still think it's pretty secure but this culture/myth around OS X's impenetrability needs to stop.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. "Enable Access for Assistive Devices" is missing in Yosemite.
    By mgraffeo in forum OS X - Operating System
    Replies: 6
    Last Post: 10-31-2014, 01:08 AM
  2. Can I add my laptop to my iCloud "find my" devices, through Mobile Me?
    By m3orange in forum OS X - Operating System
    Replies: 1
    Last Post: 02-09-2013, 12:56 PM
  3. Why is it a security risk to post as "administrator"?
    By class77 in forum OS X - Operating System
    Replies: 5
    Last Post: 10-18-2011, 12:13 AM
  4. Samsung's Head of Mobile: "We Didn't Copy Apple's Design"
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 4
    Last Post: 06-05-2011, 03:55 PM
  5. "Mobile Me" trademark and Apple
    By mraya in forum Apple Rumors and Reports
    Replies: 0
    Last Post: 01-15-2006, 12:12 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •