New iOS Flaw Means Your iPhone is Ridiculously Hackable Right Now


Do you sometimes connect your iPhone to public Wi-Fi networks? If so, you might want to stop doing that. According to Reuters, a flaw in Apple’s iOS operating system could allow hackers or spies to intercept your Internet traffic, placing your personal and financial information in serious danger.

The failure is due to Apple’s poor implementation of SSL (secure sockets layer) and transport layer security. These two protocols are in place to encrypt and protect the information flowing back and forth between you and the website you’re using. Unfortunately, the flaw in Apple’s support for these protocols — a flaw in authentication, to be precise — means that hackers can jump in between you and the Internet and pass themselves off as the site you want to access.

You can imagine the types of information you might unwittingly surrender under such conditions. Your social security number, for instance, or your credit card number. According to Johns Hopkins University cryptology professor Matthew Green, “It’s as bad as you could imagine, that’s all I can say.”

And the bad news doesn’t end there. Two experts — Dmitri Alperovich of CrowdStrike Inc. and Adam Langley of Google — both agree that Apple’s Mac OS X operating system is also vulnerable. This means that iMacs, MacBooks and other Mac systems could be targeted in the same fashion as iOS devices like iPhones and iPads.

It looks like Apple has already put out an update for iOS to patch this flaw up, which is good news. Users with an iPhone 4 and above are eligible for the update, as are owners of the 5th-generation iPod touch and anyone with an iPad 2 or above. As far as the Mac goes, there doesn’t appear to be a fix just yet, but one is undoubtedly on the way.

This is a pretty major flaw coming from a company that otherwise doesn’t make a lot of mistakes. It’s good the patch is out for iOS, but Mac users should still remain cautious when connecting to public Wi-Fi networks.

We’ll keep you up to speed on any new developments with this story.