Page 1 of 1

Update your iThings: Apple splats SSL snooping bug in iOS 6,

Posted: Sat Feb 22, 2014 3:13 pm
by knuckles
Apple has issued updates for its mobile operating system iOS to patch a bug that blew apart the integrity of encrypted connections in the right conditions.

Versions 7.0.6 and 6.1.6, available now for download, fixes a vulnerability that could allow "an attacker with a privileged network position" to "capture or modify data in sessions protected by SSL/TLS," according to the Cupertino corp. This is due to the Secure Transport component of the operating system failing to validate "the authenticity of the connection," suggesting some sort of failure to verify the certificate or identity of whatever system a vulnerable iDevice was connected to.
http://www.theregister.co.uk/2014/02/21 ... erability/

Re: Update your iThings: Apple splats SSL snooping bug in iO

Posted: Thu Jun 04, 2015 2:51 pm
by Inuyashar
Content they are looking for the source of interference, which some sources say they have learned.