goto fail (Apple SSL Vulnerability)
An Apple iOS and OS x Secure Socket Layer (SSL) software vulnerability that allows a malicious user or hacker to intercept and alter communications including email and login credentials. The vulnerability allows anyone with a certificate signed by a “trusted CA” to do a man-in-the-middle attack and intercept communication between the user’s Apple hardware and the intended recipient or website.
Apple Security Patches
Apple released a patch for devices including the iPhone (4 and later), iPod touch (5th generation) and the iPad (2nd generation). The SSL vulnerability has also been patched for OS X Mavericks. Websites, including this goto fail test site will check if your system is vulnerable if you visit the URL using the Safari browser.
A Simple Programming Error?
As reported on Wired, the iOS 7 bug is the result of a simple programming error where two “goto fail” lines appear, one after the other. The second function is a duplicate entry (a typo) that diverts the program’s execution past a critical authentication check.
Read Also:
- Saucy Salamander
Saucy Salamander is the Ubuntu codename for version 13.10 of the Ubuntu Linux-based operating system. Officially released in October 2013, Saucy Salamander follows the Raring Ringtail (v13.04) release and serves as a unifying update for the operating system by laying the groundwork for accelerating the optimization of Ubuntu for multiple form factors, particularly mobile use. […]
- OpenStack Havana
The successor to the Grizzly release of the OpenStack open source cloud computing platform (and the precursor to the 2014 OpenStack Icehouse release), OpenStack Havana debuted in October 2013 as the eighth release of OpenStack. Among OpenStack Havana’s most prominent feature additions are new orchestration and monitoring capabilities to go along with a variety of […]
- Operation Clandestine Fox (IE vulnerability)
Operation Clandestine Fox refers to a vulnerability in Internet Explorer (IE) that would allow owners of malicious websites to gain complete access to the site visitor’s computer if the visitor used IE version 6 and up. With access to the computer, hackers could engage in a number of malicious activities like install apps or even […]
- Apple CarPlay
A system developed by Apple to integrate Apple iPhones with the in-car infotainment entertainment systems provided in the dash of newer automobiles. Apple CarPlay is designed to make it easier and safer for drivers to access information and multimedia content on their smartphones from the car’s in-dash system without actually having to touch the phone […]
- OpenStack Icehouse Cloud Computing Platform
The successor to the Havana release of the OpenStack open source cloud computing platform, OpenStack Icehouse debuted in April 2014 as the ninth release of OpenStack. Among OpenStack Icehouse’s most prominent feature additions are live updates for Nova compute, a new Database-as-a-Service (DBaaS) capability called “Trove,” and storage replication enhancements. The follow-up to OpenStack Icehouse, […]