Insert Wildly Unfair iPhone User Joke Here
Reported at RSA2015, by mobile security firm Skycure: “No iOS Zone“, an exploit which can crash any iOS device in range of a maliciously-configured Wi-Fi hotspot. A denial-of-service attack that actually reaches into the operating system itself (and involves how SSL certificates are handled by iOS) means that your cool tech won’t work – even in offline mode. Both Skycure and Apple are a bit vague on details while a solution is hammered out, but since the attack could potentially force an automatic connection, then crash all iOS devices it finds, for the present they recommend only one workaround: “physically running away“.
Insert Your OTHER Wildly Unfair iPhone User Joke HERE
Determined, by analytics service SourceDNA: A major security flaw affecting well over one thousand iOS apps. The issue lies with an older version of the widely-used AFNetworking library – SSL certificate validation checks are bypassed, so basically any HTTPS connection can be approved. This would be a Bad Thing, exposing your iOS device to man-in-the-middle attacks.
Love In the Air, In the Clear
Unsecured, by match.com: Their freakin’ login page. According to readers of and research by the good folks at Ars Technica, it would appear that usernames and passwords to the popular dating site have been accepted on their login page with no encryption whatsoever, from at least some point in March of this year.
Causation Is Not Correlation. However…
Suggested, by Japan’s Board of Audit: Upgrading 48,000 TEPCO computers which are currently running Windows XP. TEPCO, as you might recall, is the Tokyo Electric Power Company and operates the Fukushima Daiichi nuclear plant, which had a spot of bother back in 2011. XP was only finally retired by Microsoft in April 2014, and there is no connection whatsoever between XP use and nuclear catastrophe. However, the Board of Audit (very roughly analogous to the US GAO) notes that TEPCO’s plan to keep using XP until 2019 (as a cost saving measure) could very well be a Very Bad Idea.
As always, we appreciate you reading these words, and let us know what you think