Ssl

Understanding Apple's SSL/TLS Bug

Yesterday Apple released updates for iOS 6, iOS 7, and Apple TV to squash a security bug that affected SSL/TLS connections. Often times, security patches can fix obscure bugs that could only occur under the strangest of circumstances, and they get rolled in to larger updates that address many other issues. However, this fix warranted its own updates, both for iOS 7 and for iOS 6. So what kind of bug calls for such a response? Fortunately for those of us curious enough to wonder, Adam Langley has the answer.

More →

41
loading...
0
loading...
176
loading...
0
loading...

iOS 7.0.6 and 6.1.6 for iPhone and iPad released, go get your bug fixes! [Update: Apple TV too!]

Apple on Friday released iOS 7 version 7.0.6 and iOS 6 version 6.1.6. Both are no available as over-the-air (OTA) downloads. Apple describes the 7.0.6 update thus:

More →

17
loading...
0
loading...
121
loading...
0
loading...

Tumblr updates iOS app, fixes important potential password security issue

Tumblr for iOS has been updated with an important security fix. According to Tumblr's blog post, there was an issue in the app that allowed for a user's password to be compromised in certain circumstances.

More →

5
loading...
0
loading...
46
loading...
0
loading...

iTunes 11.0.3 brings a number of important security fixes

Apple recently released iTunes 11.0.3 with a number of cosmetic improvements including an updated MiniPlayer and songs view. However, this release is more than just a pretty face, bringing a number of security patches which address a wide range of vulnerabilities. Even users not interested in the visual treatments will want to grab this update.

More →

-
loading...
-
loading...
-
loading...
-
loading...

Security oversight in some apps could leave you vulnerable to hacking, data theft

Usually when sensitive information is being transferred over a network, the application will open an encrypted connection with the server using SSL (Secure Sockets Layer). iOS ships with a list of Certificate Authorities whose SSL certificates should be trusted, helping to ensure traffic is only sent to trusted servers and not intercepted by a malicious third party using their own self-signed SSL certificate.

More →

5
loading...
0
loading...
81
loading...
0
loading...

Is MobileMe Secure Enough for Your Data?

It started innocently enough. Prince Mclean over at Apple Insider commented in passing:

More →

0
loading...
0
loading...
0
loading...
0
loading...