Apple Fixes App Store Vulnerability

iOS app store password attack

Apple has finally patched a security hole in the App Store. Several months ago a Google security researcher found that the App Store was sending data over an unencrypted HTTP connection.

In English, that simply means that someone with the knowhow and the intent can grab that data from you if you’re using it over a public wifi network.

Here’s a further explanation of what can come of that from GeekNewsCentral:

The lack of HTTPS left iOS customers open to password stealing, app swapping — the ability for an attacker to force a customer to install/buy the attacker’s app of choice instead of the one the user intended to install/buy, fake app upgrades and serious privacy leaks.

The hole was discovered in July of last year, so it took Apple quite a while to patch it up. At least it’s finally done.

About 8bitjay

Google + Profile