Free Republic
Apple found ‘no evidence’ Mail flaw was used against iPhone, iPad users
MacDailyNews | Friday, April 24, 2020 | MDN Staff

Posted on 04/25/2020 9:49:20 PM PDT by Swordmaker

Apple said on Thursday it has found “no evidence” a flaw in their Mail app for iPhones and iPads has been used against customers, and that it believes the flaw does “not pose an immediate risk to our users.”

Reuters—San Francisco-based cybersecurity firm ZecOps on Wednesday detailed a flaw that it said may have left more than half a billion iPhones vulnerable to hackers. Zuk Avraham, ZecOps’ chief executive, told Reuters he found evidence the vulnerability was exploited in at least six cybersecurity break-ins.

On Thursday, Apple disputed Avraham’s evidence that the hack had been used against users.

“We have thoroughly investigated the researcher’s report and, based on the information provided, have concluded these issues do not pose an immediate risk to our users,” Apple said in a statement. “The researcher identified three issues in Mail, but alone they are insufficient to bypass iPhone and iPad security protections, and we have found no evidence they were used against customers.”

MacDailyNews Take: ZecOps maintained it found evidence of related hacks against “a few organizations” and that it would share additional technical information once Apple released its software update to the public, which is expected soon.

Regardless, due to the existence of this flaw, we recommend users stop using Mail on iPhone, iPad, and/or iPod touch devices for now and as soon as iOS 13.4.5 and iPadOS 13.4.5 become available, update your devices!


TOPICS: Business/Economy; Computers/Internet; Education
KEYWORDS: applepinglist; iossecurity; iphoneipad
I don’t recommend not using Mail. My analysis shows the concatenation of events to allow exploit of this obscure vulnerability, which requires the attacker to seize control of your email server first, is so extreme as to be beyond comprehension. It is entirely speculative, not a real exploit in the wild.
1 posted on 04/25/2020 9:49:20 PM PDT by Swordmaker

To: ~Kim4VRWC's~; 1234; 5thGenTexan; AbolishCSEU; Abundy; Action-America; acoulterfan; AFreeBird; ...
Apple has found no evidence ZecOps vulnerability in iOS Mail has escalated to any exploitable level. Deems it not serious. . . just as I analyzed it. —PING!


APPLE iOS Mail Vulnerability PING!

If you want on or off the Apple/Mac/iOS Ping List, Freepmail me.

2 posted on 04/25/2020 9:52:55 PM PDT by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you hoplophobe bigot!)

To: Swordmaker

Thank you.


3 posted on 04/25/2020 9:57:43 PM PDT by Falconspeed

To: Swordmaker

Thanks!


4 posted on 04/25/2020 10:46:26 PM PDT by BullDog108 (A Smith & Wesson beats four aces!)

To: Swordmaker
Hey Swordmaker,

I finally did it... went online Friday night and ordered the new SE2020 phone, picked it up at a nearby Verizon store yesterday, and shortly after, was able to set my old trusty 5c on the shelf.... well, eh, not quite, it turns out...

Being an IT guy, my phone has upwards of thirty Two-Factor Authentication (2FA, a.k.a. MFA) entries, in three auth apps: Google Auth, Microsoft Auth, Duo Mobile. And while it’s not really surprising, it was annoying to learn that the auth apps’ application data is -not- transferred to a new phone. I guess it makes sense security-wise, but I had hoped that it would transfer and then require some sort of verification to become active on the new device.

Alas, no, I have to re-enter data, regenerate and rescan 25 QR-code images at Amazon AWS, run an Azure Admin re-auth cycle, and run a Duo re-auth cycle. In the meantime, the Google and MS auth apps are still generating valid TOTP 6-digit codes on the OLD phone, so I’m carrying two phones until everything is recreated on the new one.

Word to the wise — 2FA/MFA is a constant PITA. I’ll live, it’s not like losing my contacts (which transferred fine). But I’ll never get those hours back.

And I like the new phone. Very snappy.

5 posted on 04/25/2020 10:54:56 PM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")

To: dayglored

I’ve got an older SE with the home button. Nice phone — inexpensive and small.


6 posted on 04/25/2020 11:15:12 PM PDT by Yardstick

To: Swordmaker

Thanks SM.


7 posted on 04/25/2020 11:25:13 PM PDT by Mark17 (Father of US Air Force Officer in pilot training. Flew the DA-20 and T-6. One more aircraft to go.)

To: dayglored
I’ve been thinking about getting the new SE to replace my 6s. I can’t stand the ugly notch on the X and 11, and the idea of having a phone that depends entirely upon gestures doesn’t interest me. The home button just feels to me like it gives more direct control over the phone, and TouchID makes a lot more sense in general for using Apple Pay, and in the age of face masks FaceID is useless anyway. I also don’t want a phone that won’t fit in a pocket and that is hard to hold and operate with one hand. Flagship phones keep growing to the point where it will soon be like trying to hold an iPad mini. I don’t get it.

The reviews I’ve seen have said that the camera on the SE, aside from only having a single lens, produces photos and videos that are nearly indistinguishable from those produced by the 11 and 11 Pro. That, combined with wireless charging, faster performance, and the fact that with the A13 it will be supported for several more years seems to make it a no-brainer at $399.

8 posted on 04/25/2020 11:32:23 PM PDT by noiseman (The only thing necessary for the triumph of evil is for good men to do nothing.)

To: noiseman

My reasons for waiting for the SE to reappear for sale are essentially identical to yours. And I am very pleased on all counts.


9 posted on 04/26/2020 12:01:14 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")

To: Swordmaker

By any chance, have you been following Apple’s interest in its own processor?


10 posted on 04/26/2020 1:27:39 AM PDT by Gene Eric (Don't be a statist!)

To: dayglored

Thanks for the warning.. hubby wants the new iPhone. I will plan a weekend with the girls.


11 posted on 04/26/2020 3:21:37 AM PDT by momincombatboots (Ephesians 6... who you are really at war with)

To: momincombatboots

Sounds like a plan. :-)


12 posted on 04/26/2020 8:46:59 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")

To: dayglored

You didn’t transfer phone numbers to the new SE from the old iPhone 5c? I’ve never had problems with two-factor security when I did the transfer by just transferring phone numbers from the old to the new. Strange... have they changed two-factor since I upgraded from my old iPhone X to the iPhone 11 Pro?


13 posted on 04/26/2020 9:27:21 AM PDT by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you hoplophobe bigot!)

To: dayglored

Oh, Congratulations on the upgrade to the SE.


14 posted on 04/26/2020 9:27:54 AM PDT by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you hoplophobe bigot!)

To: Gene Eric
By any chance, have you been following Apple’s interest in its own processor?

Of course. There are always rumors that Apple will be bringing out Macs based on the A Series processor... soon. That’s the rumor for several “soon” years now. I saw it last week, too. I will give it more credence when they announce one. It would require a major shift in focus for software makers akin to when Apple switched from the PowerPC processor to Intel back in 2001.

They may do it for lower-end MacBooks and iMacs at first, but not for higher-end, maintaining Windows compatibility for higher-end machines, until the A series processor can produce power similar to the Xeon for Mac Pros, plus having a Rosetta-like application to run legacy Mac software on A processor Macs to allow a transition over a period of years, again as they did during the PowerPC to Intel transition.

15 posted on 04/26/2020 9:35:05 AM PDT by Swordmaker (My pistol self-identifies as an iPad, so you must accept it in gun-free zones, you hoplophobe bigot!)

To: noiseman

Hm, I didn’t realize the new SE kept the home button. That’s something I like about my old SE.


16 posted on 04/26/2020 10:08:51 AM PDT by Yardstick

To: Swordmaker
The Verizon tech switched the phone number over, and did an iTunes backup/restore to move all the apps and data. But I think the auth apps must read and store something about the physical phone (model, S/N, etc.) that they are installed and run on, and defend against a Bad Guy who got his hands on a backup set and restored it to a different physical phone.

In any case, under the security guidelines of rotating passwords and re-registering security devices periodically, as a security-minded IT Guy, I must admit that it’s overall a good thing despite the transient inconvenience.

I’m already very comfortable with the SE as a replacement for the 5c. Apple did the right thing keeping that form factor alive. Not everybody needs the high-end feature set and larger size. :-)

17 posted on 04/26/2020 10:44:11 AM PDT by dayglored ("Listen. Strange women lying in ponds distributing swords is no basis for a system of government.")

To: Swordmaker

>> It would require a major shift in focus for software makers akin to when Apple switched from the PowerPC processor to Intel back in 2001.

Definitely.

I have a variety of gear, and typically capitalize over a 5-year window. I still have another 3 years on a 2017 Mac Pro cylinder. Not keen on dealing with a processor experiment down the road.


18 posted on 04/27/2020 12:27:16 AM PDT by Gene Eric (Don't be a statist!)
