When it rains it pours.

Not the Beatles record company. Not the fruit.. What could it be...

Moderators: b1o, jkerr82508

Forum rules
Post Reply
User avatar
viking60
Über-Berserk
Posts: 9351
Joined: 14 Mar 2010, 16:34

When it rains it pours.

Postby viking60 » 03 Mar 2014, 01:36

Image
Apple has just come up with a patch for the dangerous SSL hole when a new keylogging vulnerability has surfaced in iOS7.
This could allow evil-doers to track all touchscreen and button presses. And that is pretty bad.
Background monitoring mobile applications has become a hot topic on mobile devices. Existing reports show that such monitoring can be conducted on jailbroken iOS devices. FireEye mobile security researchers have discovered such vulnerability, and found approaches to bypass Apple's app review process effectively and exploit non-jailbroken iOS 7 successfully. We have been collaborating with Apple on this issue", says FireEye


More here
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
Top
User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:
Contact Snorkasaurus

Re: When it rains it pours.

Postby Snorkasaurus » 19 Mar 2014, 20:00

That picture is awesome.
S.
Top
User avatar
viking60
Über-Berserk
Posts: 9351
Joined: 14 Mar 2010, 16:34

Re: When it rains it pours.

Postby viking60 » 20 Mar 2014, 13:19

Yes they say a picture can say more than a thousand words :mrgreen:
I am a little paranoid regarding this though.
Apple is not very verbose about it - probably understandable - but let us imagine that some government agency needed to log all your keystrokes and also the movements on the touchscreen?

Then it would be a deliberate or forced flaw. And the Norwegian STASEC (State Security police) called PST have just asked the government for allowance to use keyloggers.

Now I wonder how they could do that without any technical possibility to go through with it? Maybe it is a provided service from our American allies? :think:

Well pure speculation there: History has shown that...... our worst paranoia and our worst fears have not gone far enough. :shock:
We have seen that Microsoft informed the NSA about security holes and left them there long enough for the NSA to exploit before they closed them.
Apple could be doing the same.

I will stay away from iPhone now - just to make sure.

It just became ..rotten
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
Top
User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:
Contact Snorkasaurus

Re: When it rains it pours.

Postby Snorkasaurus » 20 Mar 2014, 14:50

viking60 wrote:I will stay away from iPhone now - just to make sure.
Good idea. I plan to stay away from the iPhone for good... I have a WebOS HP Veer and still wonder how much information can be scraped from it. I don't have email setup on it and the GPS is turned off but I do use it for phone calls (imagine that!) and checking webmail sometimes. I wish it had the ability to make ssh tunnels.
S.
Top
Post Reply

Return to “Apple”