If you use Apple products you need to be aware of a very serious bug affecting the operating systems running on their devices. I was first made aware of this on Friday when John Hopkins cryptography professor Matthew Green tweeted the following:
I’m not going to talk details about the Apple bug except to say the following. It is seriously exploitable and not yet under control.
— Matthew Green (@matthew_d_green) February 21, 2014
Since I was away for the weekend, I wasn’t able to do any research into this until today. Fortunately, I came across an excellent article from Gizmodo. In a nutshell, it appears that Apple has released fixes for mobile devices (iPhones and iPads), but you need to go ahead and perform a software update to iOS 7.0.6. Unfortunately, there is no fix yet for Macs. This means if you are operating a Mac computer and using public wifi you should not use Safari as your browser. It is suggested you use Firefox or Chrome.
Even more terrifying is that although this flaw only became widely known about in the past several days, it has been there since September 2012. This has resulted in some claims of conspiracy. As Gigazom notes:
It doesn’t take too much of a stretch of the imagination, though, to draw a few shaky lines between this bug and the NSA’s PRISM program. No less an Apple devotee than John Gruber did just that last night, pointing out that the “goto fail;” command first snuck into iOS 6.0, which shipped just a month before Apple was reportedly added to the spy agency’s info-snooping PRISM program.
If you want to go full tinfoil hat based on that timing, you’re welcome to, but it’s highly unlikely that Apple intentionally added this bit of code. It’s entirely possible, though, that the NSA found out about it before Apple did, and has been secretly exploiting it for its PRISM purposes.
Kind of reminds me of the iPhone 5NsA mock video from late last year.
Scary stuff. I highly recommend reading the entire Gizmodo article here.
In Liberty,
Michael Krieger
Donate bitcoins: 35DBUbbAQHTqbDaAc5mAaN6BqwA2AxuE7G
Follow me on Twitter.
Another reason to distrust Apple. However I’m sure Android, Blackberry and Windows have their own exploit which hasn’t been uncovered yet as well. As a general rule one should always be careful what you put on your smartphone