Apple's OS X security hole affects slew of apps - CW15 - OMAHA

Apple's OS X security hole affects slew of apps

Updated: Feb 24, 2014 04:00 PM
Image courtesy of Apple Image courtesy of Apple


By Trevor Mogg
Provided by


It looks as if it's going to be a busy start to the week for Apple's security team, with more bad news surfacing in connection with a recently publicized ‘gotofail' vulnerability in its mobile and desktop operating systems.

The tech firm on Friday rolled out an urgent fix for iDevices running iOS 7 after it was discovered it was possible for hackers to obtain a user's data via a shared Wi-Fi network. Shortly after, it emerged the Safari browser on Mac computers was also affected, with Apple promising to roll out a fix soon.

The situation could be more serious than first feared, however, as a privacy researcher is claiming the bug affects a whole bunch of OS X applications, among them Mail, Twitter, FaceTime, iMessage, iBooks, and even Apple's software update mechanism, Forbes reported Sunday.

Washington, DC-based Ashkan Soltani posted the list of vulnerable programs on Twitter, which, if accurate, means a hacker could potentially "capture or modify data in sessions protected by SSL/TLS" – in other words, data passing between a computer and servers over a shared network, such as public Wi-Fi, could be intercepted. The advice is to avoid using a Mac computer on such public Wi-Fi networks until Apple rolls out the fix for OS X.

The bug, which first came to light three days ago, has been dubbed ‘gotofail' because of the single erroneously used ‘goto' command in the tech giant's code that caused it. Many in the security community have been puzzled by the apparent simplicity of the error, leading some conspiracy-oriented members to wonder if the code was a calculated move to create a backdoor for spy agencies. Apple, however, has always said it has never enabled backdoor access into any of its products.

Soltani, who describes himself as "an independent researcher and consultant focused on privacy, security, and behavioral economics," has previously worked on behalf of the Washington Post, helping to analyze documents leaked by Edward Snowden.


This article was originally posted on Digital Trends

Content provided by
INFORMATIONAL DISCLAIMER The information contained on or provided through this site is intended for general consumer understanding and education only and is not intended to be and is not a substitute for professional financial or accounting advice. Always seek the advice of your accountant or other qualified personal finance advisor for answers to any related questions you may have. Use of this site and any information contained on or provided through this site is at your own risk and any information contained on or provided through this site is provided on an "as is" basis without any representations or warranties.
Powered by WorldNow
All content © Copyright 2000 - 2014 WorldNow and KXVO. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.