Here's The iOS Security Bug That Was Just Patched By Apple

If you own an iOS-powered device, you probably woke up to an update from Apple to patch the operating system to version 7.0.6. Its primary purpose is to close a security hole in the API responsible for Secure Sockets Layer (SSL) and Transport Layer Security (TLS) connections — but what exactly was fixed? In programming terms, it's actually rather silly.

Image: Marc Kjerland / Flickr, licensed under Creative Commons 2.0

This post was originally published on Gizmodo Australia.

Apple posted an article on its support site describing the content of 7.0.6, but as you can see below, it doesn't go into gory details (not that it needs to for the average consumer):

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS

Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

If you're wondering what's specifically wrong with Secure Transport — the API for iOS and OS X that handles SSL and TLS connections — Google software engineer Adam Langley dug up the dirt on his blog, Imperial Violet. Basically, a series of "if" statements is short-circuited by sequential "goto" commands, which means certain certificate verification checks are skipped entirely, regardless of validity.
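The control-flow mistake described above, reduced to a small C model beside a corrected form. This is an added example, not Apple's Secure Transport source; the function names hash_update, verify_signature, verify_flawed and verify_fixed are hypothetical stand-ins, and the inputs are constructed.

```c
#include <stdio.h>

/* Constructed stand-ins for the handshake steps: 0 = success, non-zero = failure. */
static int hash_update(int ok)      { return ok ? 0 : -1; }
static int verify_signature(int ok) { return ok ? 0 : -1; }

/* Flawed pattern: the second "goto fail" is not governed by the "if" above it
 * (indenting it like the first would change nothing), so it always runs while
 * err is still 0 and the signature check below it is never reached. */
int verify_flawed(int hash_ok, int sig_ok)
{
    int err;

    if ((err = hash_update(hash_ok)) != 0)
        goto fail;
    if ((err = hash_update(hash_ok)) != 0)
        goto fail;
    goto fail;                                  /* stray, unconditional jump */
    if ((err = verify_signature(sig_ok)) != 0)  /* dead code */
        goto fail;

fail:
    return err;                                 /* 0 = "connection verified" */
}

/* Corrected pattern: the stray line is gone and every branch is braced, so
 * the signature check runs whenever the earlier steps succeed. */
int verify_fixed(int hash_ok, int sig_ok)
{
    int err;

    if ((err = hash_update(hash_ok)) != 0) {
        goto fail;
    }
    if ((err = hash_update(hash_ok)) != 0) {
        goto fail;
    }
    if ((err = verify_signature(sig_ok)) != 0) {
        goto fail;
    }

fail:
    return err;
}

int main(void)
{
    /* Constructed input: hashing succeeds, the signature is invalid. */
    printf("flawed=%d fixed=%d\n", verify_flawed(1, 0), verify_fixed(1, 0));
    return 0;
}
```

With an invalid signature the flawed function still returns 0, while the corrected one returns an error. Compiler warnings for unreachable code or misleading indentation, and a test case with a deliberately bad signature, are the checks that catch this class of mistake.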

As to who's affected? Langley explains:

Since this is in Secure Transport, it affects iOS from some point prior to 7.0.6 (I confirmed on 7.0.4) and also OS X (confirmed on 10.9.1). It affects anything that uses Secure Transport, which is most software on those platforms although not Chrome and Firefox, which both use NSS for SSL/TLS. However, that doesn't mean very much if, say, the software update systems on your machine might be using Secure Transport.

Langley also went to the trouble of coding a test page, making it easy to find out if you're affected. I can confirm visiting the page in Chrome on an iPhone 5s running iOS 7.0.5 was not vulnerable, while using Safari on the same device presented me with a "you're affected" message.

If you're running a jailbroken device, you'll be happy to know the latest jailbreak tool has been updated with support for 7.0.6.

Apple patches iOS SSL vulnerability [The Register]


Comments

    If you didn't update your iPhone 4 to iOS7 (because it's waay slower) then this patch requires it because Apple has only made the 6.1.6 update available to 3S phones.

    Why oh why doesn't Apple have proper patching technology? These monolithic updates are ridiculous.

    Last edited 23/02/14 6:19 pm

      I would normally agree with you wholeheartedly because for years Apple has had NO IDEA when it comes to patching... forcing customers to download +GB!!! sized updates to fix minor issues.

      But this one is only 16.4MB on my iPhone and took about 25 seconds to download and 2-3 mins to install the update.

      I've noticed since they "allowed" over-the-air updates to iOS devices that they have gotten-their-act-together in regards to the ridiculously LAZY size of their updates. Even for OS.X too.

        Except that I was required to do a multigigabyte multi-hour upgrade because I couldn't apply a 16.4MB patch to my iPhone 4. And now OH GOD MY EYES.

        Actually even with over-the-air updates, Apple still required that I clear another 3.5GB from my phone in order to do an update.

      Because of the long held belief that IOS (MAC) is not susceptible to virus and hacking... Why would they want to disenchant their users by needing "patches" of any kind?

      Simple fact is that the hacks have been there but the resources have not been applied to uncover them.. There is an underground of MAC intrusions that simply are kept "underground"

      Ignorance is bliss to the hundreds of millions of sheep.. At least with a Droid, windows or other OS, you expect hacks and work to prevent them.. :)
