Flaw exposes iOS users to data theft

Flaw exposes iOS users to data theft
April 23, 2015 - 11:21 AMT

PanARMENIAN.Net - A newly-discovered vulnerability in iOS apps apparently allows hackers to bypass HTTPS security to steal sensitive information, Digital Spy reports.

The problem has been traced back to open source code library AFNetworking's version 2.5.1, which was released in January.

According to analytics firm SourceDNA, the code includes a bug that lets people skip a validation check and access an iOS device on the same Wi-Fi network, then present a fake SSL certificate which allows them to decrypt HTTPS data.

An updated version of the code which fixes the problem was released three weeks ago, but a number of high-profile apps are still using the old insecure code.

Apps which were affected include Uber, Movies by Flixster, Microsoft and Yahoo.

The flaw could raise questions about the long-standing assumption that open-source software is more secure.

If you're worried about your data, there's a tool that allows you to see which apps have been affected.

Related links:
Digital Spy. Networking flaw found in iOS apps has put millions of users' data at risk
 Top stories
Yerevan to host WCIT 2024Yerevan to host WCIT 2024
Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT).
Armenia moves to tax profits from Facebook, GoogleArmenia moves to tax profits from Facebook, Google
Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues.
Krisp raises $5m A round for its voice-isolating algorithmKrisp raises $5m A round for its voice-isolating algorithm
Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls.
Board Chairman։ Top officials have demanded Ucom alienationBoard Chairman։ Top officials have demanded Ucom alienation
Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020."
Partner news
 Articles
Revolut launches in Armenia

Fast and free money transfers, no hidden fees

 Most popular in the section
Ralph Yirikian to take over Ucom as CEO; Ara Khachatryan stepping down
Viva-MTS +Premium offers additional 30 GB, Yandex Plus subscription
Global Banking & Finance Review names Ucom as Armenia’s best telecom company
300 partners to arrive in Yerevan for Harmony Meetup 3.0 by Fastex
Home
All news
Overview: IT & Technology
Archive for April 23, 2015
Other news in this section
 Latest news
Erdogan wants “realistic road map” for relations with Armenia Turkish President Recep Tayyip Erdogan has called for a “new realistic road map” for relations with Armenia.
Armenia-Azerbaijan: Experts launch work on determining coordinates Expert groups from the countries started the process of determining the coordinates based on geodetic measurements.
Yerevan says did not expect CSTO in peacekeeping role Pashinyan has declared that the CSTO would be expected to come to the Armenia-Azerbaijan border as an ally of Armenia
Henrikh Mkhitaryan wins Serie A title with Inter Inter Milan midfielder Henrikh Mkhitaryan admits that the team have long been imagining clinching Serie A against AC Milan.
---