Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Lack of HTTPS on iOS App Store left users open to attacks, researcher says

Lucian Constantin | March 12, 2013
Apple fixed the issue in January by enabling HTTPS by default for App Store active content.

Even the ability to see what applications an iOS user has installed on his device, which appears to be the least serious attack scenario reported by Bursztein, has significant implications, according to Ducklin.

"Firstly, some of those Apps will identify aspects of your life that would be handy for a social engineer to know: the bank you use, the newspapers you like, the games you play, the share-trading services you invest with, and more," he said. "Secondly, the complete selection of Apps on your device may very well be unique to you, thus making it a handy form of digital fingerprint for an attacker."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.