An Interest In:
Web News this Week
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
Some of Our Sources
- Slashdot
- Techcrunch
- Team Treehouse
- Joshua Blankenship
- Spoon Graphics
- Creative Curio
- Crazy Leaf Design
- Line 25
- Design Modo
- Hashedout
Help Webnuz
Referal links:
February 23, 2014 06:38 am GMT
On Friday Apple announced a fix to a security bug in its iOS 7 system. Saturday Web security experts have parsed the patch to figure out what exactly the problem was… And apparently it’s a doozy. Wired has all of the gory details: “[The] terse description inApple’s announcementyesterday had some of the internet’s top crypto experts wondering aloud about the exact nature of the bug. Then, as they began learning the details privately, they retreated into what might be described as stunned silence. “Ok, I know what the Apple bug is,”tweeted Matthew Green, a cryptography professor at Johns Hopkins. “And it is bad. Really bad.” The culprit of what may be one of Apple’s biggest security snafus is an extra “goto” in one part of the authentication code, Wired reported. That spurious line of code bypasses the rest of the authentication protocols. The bug couldcould allow hackers to intercept email and other communications that are meant to be encrypted, according to a Reuters report which was issued late on Friday night. Meanwhile, ZDNet notes that macs may have been left vulnerable. [Update: Apple spokesperson Trudy Muller sent us this comment about the continuing vulnerability in macs."We are aware of this issue and already have a software fix that will be released very soon." (i.e.iOS 6 and 7 have been patched, OS X 1.9 is the first version to exhibit the vulnerability and is not currently patched, but will be soon. Until then, don't connect to any public wifi with your OS X 10.9 Macs.)] As ZDNet’s contributing editor Larry Seltzer wrote: Make no mistake about it, this is a very serious bug. The bug makes it fairly straightforward to intercept and decrypt SSL/TLS communications, probably the most important security protocol there is today. Here’re more details, on the patch from ZDNet. Photo via Flickr user aditza121
Original Link: http://feedproxy.google.com/~r/Techcrunch/~3/tOWz06Pobm4/
[Updated] Apple Fixed A Bug In iOS 7. Its A Doozy
On Friday Apple announced a fix to a security bug in its iOS 7 system. Saturday Web security experts have parsed the patch to figure out what exactly the problem was… And apparently it’s a doozy. Wired has all of the gory details: “[The] terse description inApple’s announcementyesterday had some of the internet’s top crypto experts wondering aloud about the exact nature of the bug. Then, as they began learning the details privately, they retreated into what might be described as stunned silence. “Ok, I know what the Apple bug is,”tweeted Matthew Green, a cryptography professor at Johns Hopkins. “And it is bad. Really bad.” The culprit of what may be one of Apple’s biggest security snafus is an extra “goto” in one part of the authentication code, Wired reported. That spurious line of code bypasses the rest of the authentication protocols. The bug couldcould allow hackers to intercept email and other communications that are meant to be encrypted, according to a Reuters report which was issued late on Friday night. Meanwhile, ZDNet notes that macs may have been left vulnerable. [Update: Apple spokesperson Trudy Muller sent us this comment about the continuing vulnerability in macs."We are aware of this issue and already have a software fix that will be released very soon." (i.e.iOS 6 and 7 have been patched, OS X 1.9 is the first version to exhibit the vulnerability and is not currently patched, but will be soon. Until then, don't connect to any public wifi with your OS X 10.9 Macs.)] As ZDNet’s contributing editor Larry Seltzer wrote: Make no mistake about it, this is a very serious bug. The bug makes it fairly straightforward to intercept and decrypt SSL/TLS communications, probably the most important security protocol there is today. Here’re more details, on the patch from ZDNet. Photo via Flickr user aditza121Original Link: http://feedproxy.google.com/~r/Techcrunch/~3/tOWz06Pobm4/
Share this article:
Tweet
View Full Article
Techcrunch
TechCrunch is a leading technology blog, dedicated to obsessively profiling startups, reviewing new Internet products, and breaking tech news.More About this Source Visit Techcrunch