The news of a security hole in Apple’s iOS and Mac OS X Mavericks operating systems is still an ongoing issue, especially since Apple has yet to release a patch for Mavericks users. An update to iOS, (7.0.6 and ) was issued on Friday to close the hole but to this point, Apple has only said that a patch will be coming for OS X Mavericks “very soon.” The security hole was caused by a coding error that essentially bypassed the SSL encryption check that applications perform.
Simply put, users who are on a public network such as at a coffee shop or in an airport have their data potentially exposed to prying eyes. The coding error has been described as simple, elegant, and as a big mistake or possibly a malicious act by various sources. Essentially a “goto fail” command was duplicated allow the SSL security check to be completely bypassed. Simple and elegant it may be, but many are questioning how such a coding error could have occurred or not been caught.
So, while iOS users can update and have some relative peace of mind, OS X Mavericks users are still left in waiting mode. Independent research Ashkan Soltani has published a list of Apps that Mavericks users might want to avoid if connecting via an open network. Those Apps include:
- Software Update
Or to put it another way, if you are concerned you might want to use another device if you need to log on to a public network to get any work done with those Apps and others not yet identified. The pressure is mounting for Apple to publish a patch sooner rather than later and I would imagine we’ll hear news about that early in the coming week. If not, we’ll hear news about that not being the news, rest assured.
This article may contain affiliate links. Click here for more details.