Apple Inc. SSL/TLS Bug Links to Snowden
By Athena Yenko | February 24, 2014 6:43 PM EST
Apple Inc. SSL/TLS bug could be what U.S. intelligence agents were boasting about as documents leaked by Edward Snowden mentioned about agents saying they can hack any iPhone and that this is a fact that was not exposed in public.
According to researchers who examined versions of Apple's software, Apple Inc. SSL/TLS bug had been present for months and that people who had learned about the flaw chose not to report it, Reuters reported.
It did not help that Apple Inc. was elusive about when or how it discovered the security flaw which affected iOS and Mac OS.
The SSL/TLS bug was so anomalous that security experts were criticising Apple Inc for its failure to do thorough software testing. Experts were theorising that an Apple Inc. engineer might have intentionally created the bug to spy or hack on users.
Some intelligence people meaningfully said that the best of "back doors" were created by "mistake."
Johns Hopkins University cryptography professor Matthew Green told Reuters that Apple Inc. SSL/TLS bug was "as bad as you could imagine."
Mr Green refused to elaborate, "that's all I can say," he said.
The trouble with SSL/TLS Bug was the software's recognition of digital certificates which banking sites, Google's Gmail service, Facebook etc utilise in establishing encrypted connections.
The one single line in the programme and an absent bracket were proofs that certificates, supposedly recognised by the SSL/TLS, cannot be authenticated. As a result, hackers can masquerade as the Web site being surfed by those browsing the internet. Hackers can then acquire all the electronic traffic before a connection to the real site can happen.
Aside from intercepting data, hackers can also interleave malicious web links in real emails, taking full control of the device being hacked.
Hacker can easily gain access to targeted devices simply through connecting to an internet service provider or through unsecured WiFi connections.
Apple Inc refused to comment about the experts' theories.
On the other hand, Adam Langley, a Google engineer who had dealt with similar issues in the past, believed that Apple Inc. had no intentions of creating the flaw.
"I believe that it's just a mistake and I feel very bad for whomever might have slipped," he wrote in a personal blog.
To contact the editor, e-mail:
Most Popular Slideshows
- NFL MNF: Pittsburgh Steelers 30, Houston Texans 23 [PHOTOS]
- 2014 MLB World Series Game 1: San Francisco Giants 7, Kansas City Royals 1 [PHOTOS]
- 2014 MLB World Series - Game 2: Kansas City Royals 7, San Francisco Giants 2 [PHOTOS]
- NFL Thursday Recap - Denver Broncos 35, San Diego Chargers 21: Peyton Manning Has 3 TDs In Easy Win [PHOTOS]
Join the Conversation
- Tesco Facing Crisis After Chairman Quits Citing Accounting Scandal In The Retail Giant
- Australian Federal Court Fines Reebok $350,000 & Orders Refunds For Shoe Endorsed By Miranda Kerr That Claims Unproven Health Benefits
- Sydney Software Firm Bigcommerce Teams Up With Alibaba To Beat Amazon
- Perth Call Centre Staff Bad In English And Not Philippine And Indian Counterparts, Telstra Boss Says
- Xiaomi Redmi 1S vs. Sharp Aquos Crystal – Specifications, Features And Price Showdown
- ASUS Releases A Teaser Indicating The Arrival of New Zenfone and ZenWatch On October 28
- Boy Stoned To Death For Alleged Rape, Victim Receives Dowry From Militants
- Three Dual SIM Samsung Galaxy Note 4 Duos Variants Comes To China
- Russia is Creating Underwater Combat Robots to Protect its Arctic Territories
- ‘Lone Wolf’ Attack on Canada Parliament Hill Could be ISIS-Related
- Android Lollipop 5.0 Confirmed for Nov 3 Rollout as Nexus 6 Global Release Date is Delayed – Reports