Apple Security Flaw: Update Software to Thwart Wi-Fi Hackers
A critical security flaw in iPhone and Mac software can potentially make Apple users vulnerable to hackers -- just by using public Wi-Fi.
Apple released an update Friday to address this serious security issue, but experts believe that this "bug" in Apple's device software has existed for almost two years, reports The Verge.
How can you make sure your Apple device isn't vulnerable to attack?
Flaw Allows Hackers to Pose as Secure Sources
When you log on to your bank's website or even to Facebook using your Apple device, your Web browser uses SSL connections. It's recommended that businesses use SSL connections when using wireless or external networks because of the dangers inherent in having that data intercepted by a third party.
SSL connections work by exchanging SSL certificates, which verify and authenticate a source as being a "trusted" one. That way, your browser knows to give a secure connection to "trusted" sites like your bank -- but not to untrusted ones you're unfamiliar with.
Unfortunately, a bug in the source code in Apple's iOS and OSX operating systems makes this SSL process open to attack, potentially giving hackers the ability to trick your iPhone or Mac into thinking they're trusted, secure sources. And they'll do so over unsecured Wi-Fi connections.
How to Patch the Security Gap
Apple has already released a patch for devices running its iOS operating system that will fix this security problem. If you're on an iPhone, iPad, or iPod Touch, go to Settings > General > Software Update and follow the instructions to download the patch.
If you have not yet updated your device to iOS 7 -- perhaps because you heard about some of its security flaws -- you may not have a choice. If you have an iPhone 4 or newer, you'll need to upgrade to iOS 7 to receive the patch.
Mac users may be disappointed to learn that there is no patch available yet for OSX, but the security flaw is still very real for Mac laptops. If you're worried about your MacBook getting hacked, don't use unsecured Wi-Fi (such as those offered at coffee houses or bookstores). Your home Wi-Fi, assuming you've set up a password or other encryption, should be fine until Apple gets around to fixing the problem.
Related Resources:
- Why Apple's Recent Security Flaw Is So Scary (Gizmodo)
- Security Warning: All Apple Devices Affected; Avoid Public Wi-Fi (FindLaw's Technologist)
- Be Careful with Free Wi-Fi at Your Business (FindLaw's Free Enterprise)
- 3 Ways to Protect Yourself on Public WiFi (FindLaw's Law and Daily Life)