If you own an iOS-powered device, you probably woke up to an update from Apple to patch the operating system to version 7.0.6. Its primary purpose is to close a security hole in the API responsible for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections — but what exactly was fixed? In programming terms, it’s actually rather silly.
This post was originally published on Gizmodo Australia.
Apple posted an article on its support site describing the content of 7.0.6, but as you can see below, it doesn’t go into gory details (not that it needs to for the average consumer):
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.
If you’re wondering what’s specifically wrong with Secure Transport — the API for iOS and OS X that handles SSL and TLS connections — Google software engineer Adam Langley dug up the dirt on his blog, Imperial Violet. Basically, a series of “if” statements are short-circuited by sequential “goto” commands, which means certain certificate verification checks are skipped entirely, regards of validity.
As to who’s affected? Langley explains:
Since this is in Secure Transport, it affects iOS from some point prior to 7.0.6 (I confirmed on 7.0.4) and also OS X (confirmed on 10.9.1). It affects anything that uses Secure Transport, which is most software on those platforms although not Chrome and Firefox, which both use NSS for SSL/TLS. However, that doesn’t mean very much if, say, the software update systems on your machine might be using Secure Transport.
Langley also went to the trouble of coding a test page, making it easy to find out if you’re affected. I can confirm visiting the page in Chrome on an iPhone 5s running iOS 7.0.5 was not vulnerable, while using Safari on the same device presented me with a “you’re affected” message.
If you’re running a jailbroken device, you’ll be happy to know the latest jailbreak tool has been updated with support for 7.0.6.
Apple patches iOS SSL vulnerability [The Register]