Text only | Text with Images

Peterborough Linux User Group (Canada) Forum

General (non-Linux) => General Discussion => Topic started by: ssfc72 on August 26, 2016, 08:24:05 AM

Title: Current Apple Iphone zero day attack flaws have been fixed
Post by: ssfc72 on August 26, 2016, 08:24:05 AM
http://www.bbc.com/news/technology-37185544

On the BBC website is an article about the just announced Iphone zero day attack flaw. The flaw is actually 3 zero day flaws put together in one attack.

The flaw was discovered recently and Apple took only 10 days to fix the flaw with an update of IOS tp version 9.3.5
The researchers advised Apple of the attack and gave Apple the time to fix the flaw before they announced the attack to the media.

However, I am wondering if this attack is going to still affect older Iphones and Ipod Touch devices that Apple does not update the IOS.  My Ipod touch is stuck at IOS 6???
Title: Re: Current Apple Iphone zero day attack flaws have been fixed
Post by: Jason on August 26, 2016, 08:08:40 PM
Quote from: ssfc72 on August 26, 2016, 08:24:05 AM
However, I am wondering if this attack is going to still affect older Iphones and Ipod Touch devices that Apple does not update the IOS.  My Ipod touch is stuck at IOS 6???

I tried to read some of the links in the article and some online searching to see if this affects just the iOS 9.x series or other versions. Couldn't really tell. The one thing I could tell though was that the malware is installed through a text that has a special link. So if you avoid going to suspicious links (or any links) directly from text, you should be okay. Can the iPod Touch get text messages? It's wireless only, isn't it?
Title: Re: Current Apple Iphone zero day attack flaws have been fixed
Post by: ssfc72 on August 26, 2016, 09:58:19 PM
Ipod Touch devices have only wifi.  They don't have cell phone carrier, text messaging.

But with the wifi, I do have a texting app, so I would be at risk of getting a text message with a Link, that might affect the device.
Title: Re: Current Apple Iphone zero day attack flaws have been fixed
Post by: Jason on August 27, 2016, 07:51:17 AM
I don't think that receiving the link is the problem. It's if you open the link (tap on it) and that link leads to carefully crafted code that loads malware onto your system.
Title: Re: Current Apple Iphone zero day attack flaws have been fixed
Post by: ssfc72 on August 28, 2016, 09:36:23 AM
Some more details on the Iphone hack.

http://www.securityweek.com/apple-issues-emergency-fix-ios-zero-days-what-you-need-know

Affects Iphones 4s and later.  5th gen Ipod Touch and later.

Looks like my 3rd gen ipod touch, should not be vulnerable.
Title: Re: Current Apple Iphone zero day attack flaws have been fixed
Post by: bobf on August 29, 2016, 03:17:22 PM
My 1st-gen iPad is stuck at v5.1.1, IIRC. Not that I use it for much, and definitely not for texting, so I'm going to assume I can continue using it unconcernedly...
Text only | Text with Images