iCloud security flaw put iPhone, Mac passwords at risk

A security flaw in iOS devices that went largely unreported after it was revealed to have been fixed had the potential to be one of the most damaging security vulnerabilities this year.

The bug exploited a flaw in how Apple’s iCloud Keychain synchronizes sensitive data across devices, like passwords and credit cards on file, which — if exploited — could’ve let a sophisticated attacker steal every secret stored on an iPhone, iPad, or Mac.

“The bug we found is exactly the kind of bug law enforcement or intelligence would look for in an end-to-end encryption system,” said Alex Radocea, co-founder of Longterm Security, who is set to reveal more details about the now-fixed vulnerability at the Black Hat conference in Las Vegas on Wednesday.

Radocea said the flaw could have let an attacker punch a hole in the end-to-end encryption that Apple uses to ensure nobody can read data as it is sent across the internet.<!–more–>

Advertisements

Add a Prayer or Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s