June 23, 201411 yr Commercial Member Well... let's see... Android uses OSS, and well, the subject of this thread is about the compromise of same. Not read of Apple devices being affected this way, or Windows Phone... I prefer facts to opinion. Best regards, Robin.
June 23, 201411 yr Oh, I have a black van with tinted windows parked at the end of the street. Am I suspicious now? :ph34r: In my day...in high school and college, a van tinted dark...and sitting at the end of a cul-de-sac was called a Shag Wagon. Boy...have things changed, ROTFLMBO!
June 23, 201411 yr Not read of Apple devices being affected this way, or Windows Phone... http://support.apple.com/kb/HT6147 Read more here about the "goto fail" exploit. Georges - OpenStreetMap - Ubuntu GNU/Linux -
June 23, 201411 yr Commercial Member An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS PRIVILEDGED network position ("on the wire"), and intercept SSL/TLS data (through a MITM attack). That is not attacking the software or the handset directly, and in fact, doesn't require any access to the handset or its software at all. Best regards, Robin.
June 23, 201411 yr This was only one example, where it was possible to capture and read nearly all SSL traffic. Most mobile users are using their device on uncontrolled Wi-Fi networks, so it's a very serious issue, just like the OpenSSL Heartbleed. The main difference is how long you need to wait for fixes for known flaws. Sometimes it's just a shame: http://www.zdnet.com/ios-7-patches-80-vulnerabilities-7000020873/ Georges - OpenStreetMap - Ubuntu GNU/Linux -
Create an account or sign in to comment