Apple didn't reveal the exploit. Apple isn't run by morons.
Printable View
Apple didn't reveal the exploit. Apple isn't run by morons.
OMG you are 100 % correct tested BlackBerry and IOS7, only BlackBerry showed "error". I think that proves a lot!
Posted via CB10
The Snowden releases showed that the iPhone is known to be the easiest cell phone to hack. If I was the head of internal data security for the US military, for which the Air Force is responsible, and I thought that there might be a big security issue from someone inside, then I would make everyone carry a phone that was known to be easy to hack, such as 100% hackable, such as the iPhone.
I agree.
I'm not splitting hairs at all. The person he was responding to wasn't addressing typical users. . . users with "top secret info" were specifically referenced.
You must be relying on a rather liberal definition of the word "basically."
Because the US airforce announced they are going with iphone instead of blackberry, now a major flaw was revealed in iphone. How isnt it related?
No, that's not true at all.
The problem is that the device is not checking the certificate. If someone can trick your device into connecting to another place than the intended one (and there are myriad ways of doing this, from simple speed by being closer to poisoning resolver caches to other, more-esoteric things) you are screwed as your device will THINK it is talking to the correct server when it is not, and it will dutifully negotiate a SSL connection with the fake that then delivers unencrypted data to the fake site!
The fake could then simply steal it with a fake login prompt or worse, connect to the real one, pass it through transparently and steal your login and password in the process and you would have no idea it happened.
There is no defense against this; I looked at the actual code "error" and what I want to know is when the bad code got in there and how many revs back have been sent out with this. There is every reason to believe this isn't a new problem and if so the number of thefts that have likely taken place are extremely high, including some really nasty systemic thefts that have involved re-routing traffic temporarily on the backbone through places like China and Belarus.
[WARN]Please keep it civil. Debate the topic, not the person posting their opinion.[/WARN]
no, its showing how USAF dropped BB to go with Apple and people on here said it was a dumb idea because of security issues - this came up in a BB forum - seems relevant to me foks!
Basically that isn't what I was saying. Does everyone have top secret info in their emails they are sending?
Windows 8.1 modern browser. Page can't be displayed.
I work in risk management for a large multinational. We used to be BlackBerry only but now it's byod. Even though there is a policy that transmitting sensitive proprietary information via a smartphone is a terminable event, guess what? People still do it because it's easy and convenient. Just because there is a rule in place does not guarantee people will abide by it. So why take the chance?
The last line is a fair question. So why use mobile devices at all? I mean, why take the chance in the first place? Clearly, the benefits of mobile make up for the fact that it's less secure than other options.
I hope the USAF saw this news after they ditched Blackberry for Apple I-phone. This is evident that Apple products are susceptible to hackers because their IOS is not well secured, unlike the Blackberry that is #1 with phone security, even the POTUS has one. Shame on the US Air Force, I would have thought they would have followed their commander-in-chief and upgrade their phones to BES-10, but no they want to play candy crush and watch Nexflix all day, so they've switched to I-phone. Jokers!
Many of them still waiting for a 10.2 update. Got this update early this morning on my iPhone 😊
Sent from my iPhone 5S using Tapatalk
That site only works in Safari. It's moot for anyone not running an iOS device or a Mac to even try.
Attachment 250290
And yeah, my Mac (thus far) remains unpatched but at least they got the iOS patch out.
No matter what Security issues there is with Apple IOS Apple fans will not change, I work for the councils here in the UK they are all Apple and Microsoft Phones, it starts from the IT Manager's they are Apple fans , the directors are Apple Fans , they cannot see changing to BES 10 or a Blackberry platform, it is all about the apps,
If I was in a position of influence in IT I would want the most secure platform especially if I was in Government, but this how these councils operate, and what scares me, is if any data gets capture or hacked, who will they blame.
Thank you for an intelligent comment. You don't build a platform, then in retrospect add a security patch and hope for the best. Security has to start at the ground floor which is why we hear at least 6-10 times a year about a security flaw.
Posted via CB10
They won't be able to play candy crush as the USAF, didn't buy the iPhone 5 or 5s. It that crappy old iPhone 4. Just wait till the service people get a hold of that lump of coal.
Posted via CB10
This bug affects all traffic, not just email. When making an online payment someone connected to the same Wi-Fi network could in theory see your card details.
True. But security clearly isn't the only priority. If it were, the USAF wouldn't be changing anything. (Also, again, the fact that these agencies use mobile platforms at all is per se proof that security is but one item on a list of priorities.) This is not new; security wasn't the only reason the USAF went with BlackBerry previously, either. Clearly though, BBRY had a lot more success competing against Palm and Windows Mobile than it does any of the current crop of competitors.
Correct, Apple didn't reveal the exploit. However, the community revealed the exploit. It was stupidly simple to spot.
No, it's not for Android. It's an Apple bug.
I suggest you read this: Understanding Apple's SSL/TLS Bug | iMore
That's exactly the point- these are not individual citizens using a phone for personal reasons, these are members of the military. The Department of Defense stated the #1 reason for switching was budgetary. It's cheaper for them to use Apple phones and iPads than to use Q10 on a BES. It's a shame that an organization with a budget the size of the US Military and charged with defending our country decides to save ~$16M by putting our security at risk. It's all about money.... if you read the DoD articles they also claim they don't have the proper controls in place to ensure iOS security, but they are working on it.
Because the holes keep coming...... every few weeks there is a new one. not the best platform to be using in any security capacity. Anyone can see that, if not they have their heads elsewhere.......apps or not.
If the app is that Important to have, then get the most secure company device in blackberry and develop the app for that....done!
Hate solves nothing, Respect gains everything!