Consumer Electronics
Apple Takes Low-Key Approach to Fix Major Security Flaw
Published:
Last Updated:
This is a pretty big deal. It means that an attacker could intercept communications from an iPhone that was meant to be encrypted. Let’s say the attacker had access to the same network over an unsecured WiFi connection in a coffee shop or restaurant. He could impersonate a protected site such as Facebook or Gmail and alter any data passed between the iPhone and the site. The worse news for Apple is the its desktop operating system, OS X, is perhaps even more exposed to attack.
Given the severity of the potential damage, Apple has taken a low-key approach to notifying users of the harm to which they are exposed. The company has pushed a patch to iPhone users, but the company’s note says only, “This security update provides a fix for SSL connection verification,” and contains a link to a page on Apple’s support site. The update gives no sense of urgency about installing the patch.
This has to be embarrassing for Apple. SSL (secure socket layer) has been around for about 20 years and implementing it properly should be a no-brainer for a company like Apple. Perhaps that is why the company’s response has been so low-key.
Credit card companies are at war, handing out free rewards and benefits to win the best customers. A good cash back card can be worth thousands of dollars a year in free money, not to mention other perks like travel, insurance, and access to fancy lounges. See our top picks for the best credit cards today. You won’t want to miss some of these offers.
Flywheel Publishing has partnered with CardRatings for our coverage of credit card products. Flywheel Publishing and CardRatings may receive a commission from card issuers.
Thank you for reading! Have some feedback for us?
Contact the 24/7 Wall St. editorial team.