You may or may not have been following concerns over the last few months about the security of Apple’s Safari browser on iOS products such as iPhones, iPads, and iPod touch devices. Either way, if you’re an Apple user you might want to take care when storing usernames and passwords on Safari, and sending sensitive information via email, as those services that are meant to be encrypted may not be so safe. Matthew Green, a professor at Johns Hopkins University told Reuters last week, “It’s as bad as you could imagine, that’s all I can say.”
The flaw was found in use of public wireless networks, where a hacker could impersonate a protected third party site and intercept data being sent to an intended secure site. This type of hack is known as a “man-in-the-middle” or “eavesdropping” cryptographic attack.
Late Friday, Apple issued update patches for iPhone and iPad operating systems, but it appears other applications have also been found to be susceptible including Apple Mail, Calendar, iBooks, iMessage, Facetime, Twitter, and [insert gasp here] even the Apple iOS CoreServices update application.
Furthermore the vulnerability, dubbed Apple’s “gotofail” bug, can also be found in Mac’s OSX, affecting the Safari browser on laptops and desktops.
The safest thing you can do for now is not use public wireless internet service. Or if you do, use a device that is freshly wiped of personal information. Otherwise, hang on for official announcements from Apple about the security of its operating systems and applications.
Featured image courtesy of Shutterstock