Security Alert : Your iPhone and Mac is vulnerable

If you are an iPhone or a Mac user, please read this and forward to your friends. On the 21st of February 2014, Apple has pushed out an emergency security update for iOS (7.06), which patches a security issue that leaves all your iPhone, iPad and iPod devices vulnerable to have its communications hacked into and have data compromised.

Now, this isn’t too big an issue if you are just storing phone numbers and making phone calls, but if you have personal data, or even worse, use your phone for transactions, kindly upgrade immediately to iOS 7.06. Especially nowadays, we tend to use our iPhones for Paypal and Maybank2U payments.

How do I know if I am affected and my iPhone is vulnerable?

Check out whether your device is affected by going to https://gotofail.com. If your device is affected and is vulnerable, it’ll show as the bottom.

gotofail

 

You can also use Google Chrome to double-check if its affected. We found that only Safari and other Apple software are affected by this.


What can I do to act upon this iOS and OSX vulnerability?

1) If you are an iPhone, iPad and iPod user

Upgrade your phone to the latest iOS patch. Go to

  1. Settings
  2. General
  3. Updates
  4. Install the update, immediately. It’s really crucial

iOS 7 update

2) If you are a Mac user, including Macbook Pro and Macbook Air

Stop using Mac Apps by Apple until Apple releases the patch. This would include Safari, Mail, Pages, etc, if you are using them on critical and confidential information. However, if you are a small fry like us here at TechGarage.my, we still use Safari. However, if we are on a critical website, we might just switch over to things like the Tor Browser, and surf through a VPN to be safe.


If you are an Android user, should you gloat to your iOS using friends about their iPhones and iPads?

Actually, if you are an Android user, and have a Samsung, LG, Xiaomi or one of those other brands of Android phones, you might be vulnerable too. Especially as most Android phones are still running on older versions of the Android phone, making them an easy target for hackers.

Android4.4.1.8percent

iOS7.82percent

And that is why we kept telling our Android using friends that it is always better to pay up for an iPhone, than to use an Android, which is very vulnerable to hacking attempts if you are on Android 4.1 and below. Here’s what the Apple Insider wrote.

There is now actually a published tool designed specifically to exploit the flaw via an easy to use framework even the most entry-level hacker can use to attack Android users. The reason that tool exists is that security researchers were so frustrated by Google failing to effectively patch the flaw that they are attempting to force it and its partners into action by laying Android bare. 

Google released a patch for the live bug back in November as part of Android 4.2, but most of its Android hardware and carrier partners haven’t yet made the update available to users. In fact, the update is hard enough to obtain and install that Google currently reports that just 27 percent of active Android users accessing Google Play have it installed.

That means 73 percent of Android users are still at risk from this particular attack by relatively easy to use, widely available hacker tools, with a large number of those users lacking any access to a fix. That’s a fact that hasn’t made headlines like the SSL vulnerability patch that Apple has already made available to all of its iOS users.

If you use your phone for everything, including emails, WhatsApp and even transactions, please update your phone immediately. If you can no longer update your phone, please upgrade. iPhone users are always given the option to upgrade to the latest iOS up to two to three generations by Apple, while Android users, including owners of Samsung, Ninetology, Huawei, HTC and Sony, are not often given the latest update if they are not on the flagship models. And if you are, it might take months before it is released.

By Leo

Avid techie. Excited about Photography, Technology, Ecommerce and Jesus. I write on DigitalDestiny.co and WPStarters.com. When I'm not blogging, I'm code wrangling in Ruby and PHP. Talk to me on LinkedIn

Leave a comment

Your email address will not be published. Required fields are marked *