Skip to content
August 1, 2011 / David Bleeker

Sniffer hijacks secure traffic from unpatched iPhones

Almost anyone can snoop the secure data traffic of unpatched iPhones and iPads using a recently-revised tool, a researcher said today as he urged owners to apply Apple’s latest iOS fix.

The nine-year-old bug was quashed Monday when Apple issued a patch for the iPhone 4, iPhone 3GS and third- and fourth-generation iPod Touch.

If those devices aren’t patched, attackers can easily intercept and decrypt secure traffic — the kind guarded by SSL, which is used by banks, e-tailers and other sites — at a public Wi-Fi hotspot, said Chet Wisniewski, a security researcher with U.K.-based Sophos.

“This is a nine-year-old bug that Moxie Marlinspike disclosed in 2002,” said Wisniewski in an interview today. [read more]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: