Egypt, Saudi Arabia coordinate on regional crises ahead of first Supreme Council meeting    FRA launches first register for tech-based risk assessment firms in non-banking finance    Egypt's Health Ministry, Philips to study local manufacturing of CT scan machines    African World Heritage Fund registers four new sites as Egypt hosts board meetings    Maduro faces New York court as world leaders demand explanation and Trump threatens strikes    Egypt identifies 80 measures to overhaul startup environment and boost investment    Turkish firm Eroglu Moda Tekstil to invest $5.6m in Egypt garment factory    EGX closes in red area on 5 Jan    Gold rises on Monday    Oil falls on Monday    Al-Sisi pledges full support for UN desertification chief in Cairo meeting    Al-Sisi highlights Egypt's sporting readiness during 2026 World Cup trophy tour    Egypt opens Braille-accessible library in Cairo under presidential directive    Abdelatty urges calm in Yemen in high-level calls with Turkey, Pakistan, Gulf states    Madbouly highlights "love and closeness" between Egyptians during Christmas visit    Egypt confirms safety of citizens in Venezuela after US strikes, capture of Maduro    From Niche to National Asset: Inside the Egyptian Golf Federation's Institutional Rebirth    5th-century BC industrial hub, Roman burials discovered in Egypt's West Delta    Egyptian-Italian team uncovers ancient workshops, Roman cemetery in Western Nile Delta    Egypt, Viatris sign MoU to expand presidential mental health initiative    Egypt's PM reviews rollout of second phase of universal health insurance scheme    Egypt sends medical convoy, supplies to Sudan to support healthcare sector    Egypt sends 15th urgent aid convoy to Gaza in cooperation with Catholic Relief Services    Al-Sisi: Egypt seeks binding Nile agreement with Ethiopia    Egyptian-built dam in Tanzania is model for Nile cooperation, says Foreign Minister    Al-Sisi affirms support for Sudan's sovereignty and calls for accountability over conflict crimes    Egypt flags red lines, urges Sudan unity, civilian protection    Egyptian Golf Federation appoints Stuart Clayton as technical director    4th Egyptian Women Summit kicks off with focus on STEM, AI    UNESCO adds Egyptian Koshari to intangible cultural heritage list    Egypt recovers two ancient artefacts from Belgium    Egypt warns of erratic Ethiopian dam operations after sharp swings in Blue Nile flows    Sisi expands national support fund to include diplomats who died on duty    Egypt's PM reviews efforts to remove Nile River encroachments    Egypt resolves dispute between top African sports bodies ahead of 2027 African Games    Germany among EU's priciest labour markets – official data    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Apple Security Flaw Could Allow Hackers To Beat Encryption
Engish Published in Amwal Al Ghad on 22 - 02 - 2014

A major flaw in Apple Inc software for mobile devices could allow hackers to intercept email and other communications that are meant to be encrypted, the company said on Friday, and experts said Mac computers were even more exposed.
If attackers have access to a mobile user's network, such as by sharing the same unsecured wireless service offered by a restaurant, they could see or alter exchanges between the user and protected sites such as Gmail and Facebook. Governments with access to telecom carrier data could do the same.
"It's as bad as you could imagine, that's all I can say," said Johns Hopkins University cryptography professor Matthew Green.
Apple did not say when or how it learned about the flaw in the way iOS handles sessions in what are known as secure sockets layer or transport layer security, nor did it say whether the flaw was being exploited.
But a statement on its support website was blunt: The software "failed to validate the authenticity of the connection."
Apple released software patches and an update for the current version of iOS for iPhone 4 and later, 5th-generation iPod touches, and iPad 2 and later.
Without the fix, a hacker could impersonate a protected site and sit in the middle as email or financial data goes between the user and the real site, Green said.
After analyzing the patch, several security researchers said the same flaw existed in current versions of Mac OSX, running Apple laptop and desktop computers. No patch is available yet for that operating system, though one is expected soon.
Because spies and hackers will also be studying the patch, they could develop programs to take advantage of the flaw within days or even hours.
The issue is a "fundamental bug in Apple's SSL implementation," said Dmitri Alperovich, chief technology officer at security firm CrowdStrike Inc. Adam Langley, a senior engineer at Google, agreed with CrowdStrike that OS X was at risk.
Apple did not reply to requests for comment. The flaw appears to be in the way that well-understood protocols were implemented, an embarrassing lapse for a company of Apple's stature and technical prowess.
The company was recently stung by leaked intelligence documents claiming that authorities had 100 percent success rate in breaking into iPhones.
Friday's news suggests that enterprising hackers could have had great success as well if they knew of the flaw.
Source : Reutes

Clic here to read the story from its source.