iOS security hole much easier to exploit than first thought

iPhone 4

Apple may have thought an update released Monday to fix issues with security certificates wasn't a big deal, but security researchers disagree. The flaw is easy to exploit thanks to an update to a publicly available application that can snoop on the data stream of iOS devices.

That application is called SSLSniff. An update to the application also released Monday allows it to now intercept secure communications of unpatched iOS devices.

Sophos' Chester Wisniewski called it "absolutely essential" in a blog post Tuesday that anyone with an iOS device that uses it for more than just phone calls applies the fix. The issue exists in every version from iOS 4.3.4 for GSM devices, 4.2.9 for CDMA devices and older, as well all beta versions of iOS 5.

iOS' security certificate system is flawed, which causes the vulnerability. Essentially, it will allow a valid certificate purchased from a Certificate Authority to be used to sign any other certificate. iOS then mistakenly considers the certificate valid, meaning an attacker could fool a device into allowing him or her in as a valid connection.

"This allows anyone who can capture traffic from your iPhone, iPad or iPod Touch with man-in-the-middle techniques to intercept and read any and all encrypted SSL traffic silently and without notification to the user," Wisniewski wrote.

It is urgent that users who frequent public Wi-Fi hotspots apply the fix, as this would be the easiest location for attackers to snoop on unpatched iOS devices. If you own a first-generation iPhone or iPhone 3G, or an iPod touch first or second generation, this issue will never be fixed as Apple no longer provides updates.

That means every time one of these devices is used, that person takes a chance on having his or her data compromised -- a very compelling reason to upgrade or stop using those devices altogether, if the person is concerned about privacy.

Security researchers at Recurity Labs have created a website, https://issl.recurity.com, which iOS users can surf to with their devices to see if they are vulnerable. Tests by Betanews on a variety of iOS devices not using the most current version of iOS verified that the site is a reliable method for testing.

11 Responses to iOS security hole much easier to exploit than first thought

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.