{"id":1045,"date":"2014-02-23T18:36:20","date_gmt":"2014-02-23T22:36:20","guid":{"rendered":"http:\/\/mikemartinezonline.com\/blog\/?p=1045"},"modified":"2014-05-02T20:15:22","modified_gmt":"2014-05-03T00:15:22","slug":"serious-os-x-and-ios-security-vulnerability-completely-opens-up-your-all-your-secure-communications","status":"publish","type":"post","link":"https:\/\/mikemartinezonline.com\/blog\/2014\/02\/23\/serious-os-x-and-ios-security-vulnerability-completely-opens-up-your-all-your-secure-communications\/","title":{"rendered":"Serious OS-X and iOS Security Vulnerability Completely Opens Up Your ALL Your Secure Communications"},"content":{"rendered":"<p><a href=\"https:\/\/mikemartinezonline.com\/blog\/wp-content\/uploads\/2014\/02\/Rotten_plus_GreenApple.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"Rotten_plus_GreenApple\" alt=\"Rotten_plus_GreenApple\" src=\"https:\/\/mikemartinezonline.com\/blog\/wp-content\/uploads\/2014\/02\/Rotten_plus_GreenApple_thumb.png\" width=\"141\" height=\"157\" border=\"0\" \/><\/a><\/p>\n<p>It had been know for <span style=\"text-decoration: underline;\"><strong>MONTHS<\/strong><\/span> that there was a serious security flaw in iOS and possibly the latest version of OS X that could allow attackers to surreptitiously circumvent the most prevalent Internet security protocol \u2013 TLS\/SSL and and Security Certificate validations. The issue is a &#8220;fundamental bug in Apple&#8217;s SSL implementation,&#8221; This can allow attackers to view ANY of your \u2018secure\u2019 Web communications. This includes e-mail, banking sites. Facebook etc..<\/p>\n<p>Apple finally released an \u2018emergency patch\u2019 to the latest version of iOS last week, but it appears that the flaw affects more than just Apple\u2019s mobile platforms. It actually affects the latest versions of OS X \u2013 Apples latest desktop Operating System too!!<\/p>\n<p>If you have an iDevice I\u2019d recommend backing it up; via iTunes or any of <a href=\"https:\/\/mikemartinezonline.com\/blog\/2013\/01\/27\/idevice-updates-and-backups-04\/\">the other methods I\u2019ve previously recommended.<\/a> Then checking for any System Updates. Tap Settings &gt; General &gt; Software Update. Then download and Install to download the update. [Updates might download automatically while your device is connected to Wi-Fi and a power source.]<\/p>\n<p>As for you Desktop computer, well there lies the rub. Apple appears to have at first done the usual \u2013 deny, then downplay, then finally admit there is a serious problem and \u2018promise a quick fix\/patch\u2019. [It\u2019s really crazy that they are able to get away with this so often; I guess those reporting are too busy licking Apple sack\u2026.but I digress]<\/p>\n<p>So what to do..<\/p>\n<p>If you use the Desktop Apple Operating System \u2013 OS X you should always use the <span style=\"text-decoration: underline;\">latest versions<\/span> of <a href=\"http:\/\/www.google.com\/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=1&amp;cad=rja&amp;ved=0CCQQFjAA&amp;url=http%3A%2F%2Fwww.google.com%2Fchrome%2F&amp;ei=pncKU4m2K8SIogSnwIDoAQ&amp;usg=AFQjCNFw-0GuxyuZwraQHrJ5tqsxgerAFQ&amp;bvm=bv.61725948,d.cGU\">Chrome<\/a> or <a href=\"http:\/\/mozilla.org\/firefox\">Firefox<\/a> for internet browsing to help mitigate some of the possible exposure. [I NEVER use Safari and always recommend to all my clients that they don\u2019t either]. Even if you\u2019ve take the latest update on your iDevice I\u2019d still recommend I\u2019d recommend <a href=\"https:\/\/www.google.com\/url?sa=t&amp;rct=j&amp;q=&amp;esrc=s&amp;source=web&amp;cd=3&amp;cad=rja&amp;ved=0CDQQFjAC&amp;url=https%3A%2F%2Fitunes.apple.com%2Fus%2Fapp%2Fchrome-web-browser-by-google%2Fid535886823%3Fmt%3D8&amp;ei=SHcKU_PWKs-hogT8pYLIDw&amp;usg=AFQjCNEJrmz0KW2AipEgEcchX0rdGs2G3g&amp;bvm=bv.61725948,d.cGU\">Chrome for iOS<\/a>.<\/p>\n<p><a href=\"http:\/\/gizmodo.com\/why-apples-huge-security-flaw-is-so-scary-1529041062\">Here one of the latest articles<\/a> I\u2019ve found with a VERY good explanation. You should at least read this! But I\u2019d recommend hitting all my sources.<\/p>\n<p>Be safe folks!<\/p>\n<p>Sources to read <strong><a href=\"http:\/\/arstechnica.com\/security\/2014\/02\/extremely-critical-crypto-flaw-in-ios-may-also-affect-fully-patched-macs\/\">1<\/a>, <a href=\"http:\/\/www.reuters.com\/article\/2014\/02\/22\/us-apple-encryption-idUSBREA1L10220140222\">2<\/a>, <a href=\"http:\/\/articles.economictimes.indiatimes.com\/2014-02-22\/news\/47581758_1_flaw-several-security-researchers-hackers\">3<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>It had been know for MONTHS that there was a serious security flaw in iOS and possibly the latest version of OS X that could allow attackers to surreptitiously circumvent the most prevalent Internet security protocol \u2013 TLS\/SSL and and Security Certificate validations. The issue is a &#8220;fundamental bug in Apple&#8217;s SSL implementation,&#8221; This can &hellip; <a href=\"https:\/\/mikemartinezonline.com\/blog\/2014\/02\/23\/serious-os-x-and-ios-security-vulnerability-completely-opens-up-your-all-your-secure-communications\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Serious OS-X and iOS Security Vulnerability Completely Opens Up Your ALL Your Secure Communications&#8221;<\/span><\/a><\/p>\n","protected":false},"author":587,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[50,9,10,7,197,167,21,13,1],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/posts\/1045"}],"collection":[{"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/users\/587"}],"replies":[{"embeddable":true,"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/comments?post=1045"}],"version-history":[{"count":3,"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/posts\/1045\/revisions"}],"predecessor-version":[{"id":1048,"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/posts\/1045\/revisions\/1048"}],"wp:attachment":[{"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/media?parent=1045"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/categories?post=1045"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mikemartinezonline.com\/blog\/wp-json\/wp\/v2\/tags?post=1045"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}