Dev.SN

Apple iOS 7.0.6 Update Bricks iPads, iPhones

posted by LaminatorX on Sunday February 23 2014, @06:00PM   
from the damned-if-you-do-damned-if-you-don't dept.

l3g0la5 writes:

"Apple released iOS 7.0.6 to patch a vulnerability which, if unpatched, could allow attackers to capture or modify data in sessions protected by SSL/TLS. However, quite a few users have reported that the upgrade didn't go as planned and their iDevices have been bricked after the update or during the update process. Users have flocked to Twitter as well as Apple support forums voicing their concerns and frustrations as quite a few users have tried updating their iOS 7 devices while on the move and once bricked, their iPhone, iPad or iPod Touch requires a connection to iTunes to restart."

• Info about the vulnerability Info about the vulnerability (Score: 4, Informative) by qwade on Sunday February 23 2014, @07:02PM

  by qwade (1006) on Sunday February 23 2014, @07:02PM (#5356)

  A little more info in the following link:

  Apple security flaw allows hackers to beat encryption [theage.com.au]

  TL;DR - It's a bug in the SSL implementation which doesn't properly verify certificates.

  Starting Score:	1		point
  Moderation		+3
  Informative=3, Total=3
  Extra 'Informative' Modifier		0
  Total Score:		4

• Re:Info about the vulnerability (Score: 4, Insightful) by Acabatag on Sunday February 23 2014, @08:36PM

  by Acabatag (2885) on Sunday February 23 2014, @08:36PM (#5399)

  From what I have read, in a comment on some other tech news site that doesn't need to be discussed here, the bug acts such that Apple's software completely ignores the certificate. In other words, Apple's QA testing did not include the test case: 'Try to use SSL on a site with a fake certificate.' Which is so staggering that I am still waiting for somebody to contradict it. (Maybe on this better, more intelligent forum, someone can expand on this for us)

  Parent