AMEDA unveils modernisation steps for African, ME depositories    US Military Official Discusses Gaza Aid Challenges: Why Airdrops Aren't Enough    US Embassy in Cairo announces Egyptian-American musical fusion tour    ExxonMobil's Nigerian asset sale nears approval    Chubb prepares $350M payout for state of Maryland over bridge collapse    Argentina's GDP to contract by 3.3% in '24, grow 2.7% in '25: OECD    Turkey's GDP growth to decelerate in next 2 years – OECD    $17.7bn drop in banking sector's net foreign assets deficit during March 2024: CBE    EU pledges €7.4bn to back Egypt's green economy initiatives    Egypt, France emphasize ceasefire in Gaza, two-state solution    Norway's Scatec explores 5 new renewable energy projects in Egypt    Microsoft plans to build data centre in Thailand    Japanese Ambassador presents Certificate of Appreciation to renowned Opera singer Reda El-Wakil    Health Minister, Johnson & Johnson explore collaborative opportunities at Qatar Goals 2024    WFP, EU collaborate to empower refugees, host communities in Egypt    Al-Sisi, Emir of Kuwait discuss bilateral ties, Gaza takes centre stage    Sweilam highlights Egypt's water needs, cooperation efforts during Baghdad Conference    AstraZeneca, Ministry of Health launch early detection and treatment campaign against liver cancer    AstraZeneca injects $50m in Egypt over four years    Egypt, AstraZeneca sign liver cancer MoU    Swiss freeze on Russian assets dwindles to $6.36b in '23    Amir Karara reflects on 'Beit Al-Rifai' success, aspires for future collaborations    Climate change risks 70% of global workforce – ILO    Prime Minister Madbouly reviews cooperation with South Sudan    Egypt retains top spot in CFA's MENA Research Challenge    Egyptian public, private sectors off on Apr 25 marking Sinai Liberation    Debt swaps could unlock $100b for climate action    President Al-Sisi embarks on new term with pledge for prosperity, democratic evolution    Amal Al Ghad Magazine congratulates President Sisi on new office term    Egyptian, Japanese Judo communities celebrate new coach at Tokyo's Embassy in Cairo    Uppingham Cairo and Rafa Nadal Academy Unite to Elevate Sports Education in Egypt with the Introduction of the "Rafa Nadal Tennis Program"    Financial literacy becomes extremely important – EGX official    Euro area annual inflation up to 2.9% – Eurostat    BYD، Brazil's Sigma Lithium JV likely    UNESCO celebrates World Arabic Language Day    Motaz Azaiza mural in Manchester tribute to Palestinian journalists    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Apple Security Flaw Could Allow Hackers To Beat Encryption
Engish Published in Amwal Al Ghad on 22 - 02 - 2014

A major flaw in Apple Inc software for mobile devices could allow hackers to intercept email and other communications that are meant to be encrypted, the company said on Friday, and experts said Mac computers were even more exposed.
If attackers have access to a mobile user's network, such as by sharing the same unsecured wireless service offered by a restaurant, they could see or alter exchanges between the user and protected sites such as Gmail and Facebook. Governments with access to telecom carrier data could do the same.
"It's as bad as you could imagine, that's all I can say," said Johns Hopkins University cryptography professor Matthew Green.
Apple did not say when or how it learned about the flaw in the way iOS handles sessions in what are known as secure sockets layer or transport layer security, nor did it say whether the flaw was being exploited.
But a statement on its support website was blunt: The software "failed to validate the authenticity of the connection."
Apple released software patches and an update for the current version of iOS for iPhone 4 and later, 5th-generation iPod touches, and iPad 2 and later.
Without the fix, a hacker could impersonate a protected site and sit in the middle as email or financial data goes between the user and the real site, Green said.
After analyzing the patch, several security researchers said the same flaw existed in current versions of Mac OSX, running Apple laptop and desktop computers. No patch is available yet for that operating system, though one is expected soon.
Because spies and hackers will also be studying the patch, they could develop programs to take advantage of the flaw within days or even hours.
The issue is a "fundamental bug in Apple's SSL implementation," said Dmitri Alperovich, chief technology officer at security firm CrowdStrike Inc. Adam Langley, a senior engineer at Google, agreed with CrowdStrike that OS X was at risk.
Apple did not reply to requests for comment. The flaw appears to be in the way that well-understood protocols were implemented, an embarrassing lapse for a company of Apple's stature and technical prowess.
The company was recently stung by leaked intelligence documents claiming that authorities had 100 percent success rate in breaking into iPhones.
Friday's news suggests that enterprising hackers could have had great success as well if they knew of the flaw.
Source : Reutes

Clic here to read the story from its source.