What Every Employer Needs to Know About Apple’s iPhone 5

Some people argue that Apple iPhone products are the best line of smartphones on the planet. It would be difficult to disagree with them. Apple consistently creates superb devices that combine modern aesthetics, famously tight security and excellent functionality into a stylish package.

Apple iPhones are governed by the iOS series of operating systems, typically noted for stability, security and a fantastic user interface. However, recent versions of the operating system have a series of flaws and exploits that can leave businesses open to different types of attack and malicious behavior.

Password Theft

If your business uses the iPhone 5, or the most recent iPhone release, you may be susceptible to a flaw in security discovered by researchers from Indiana University, Georgia Tech and Peking University. They found a way to intercept password data from other apps despite the fact that Apple claims they designed the system to prevent one app from stealing data from another. In fact, the researchers were able to also bypass the security of the Apple store as a whole by getting an app that contained malware approved for distribution.

This security vulnerability works by hijacking a browser extension that communicates password data. Hackers can also delete passwords to force users to input them again, thus capturing more password data. Apple asked the researchers to hide the flaw, which was discovered in October 2014, to prevent the spread of information to hackers who could potentially devise a way to put it to use.

Unauthorized cross-app resource access, or XARA for short, presents a security flaw that Apple is having a great deal of difficulty solving due to its complexity, threatening more than 85 percent of all apps with potential password theft.

Threats Avoided Through the New Patch

Patching your iPhone 5 the moment a new update becomes available is the best way to prevent the flaws and hacks that the previous version had within the operating system. One of the more famous flaws that the recent patch eliminated was a weakness in cryptography that allowed hackers to eavesdrop on communications. Other flaws that the patch destroys includes remote code execution and unauthorized termination of apps, a few of the more than 20 fixes applied to version 8.4 of the iOS.

Making sure your iPhone 5 has its software up to date helps get rid of security flaws that lead to a serious hack. While the app store does closely monitor incoming programs for malware, all the different security flaws recently revealed suggest that it’s best not to download apps that you may not be familiar with, even if they’re within the walled garden of the Apple store.

Previous Post
Innovation at Its Best: Full Disk Encryption Market Outlook
Next Post
Vulnerability of Samsung Galaxy S5 Places Workers at Risk

Related Posts

Enterprise Encryption for Linux

Enterprise Encryption for Linux

Linux has built in encryption for several years now, yet enterprises still struggle with encryption on Linux laptops.  Why is that? To answer this question, let’s first review the disk encryption capabilities that are built into Linux: (more…)

Identity and Access Management

At WinMagic data protection is our strong suit and we often talk about it on this blog. At the same time it’s good to remember that ensuring security of data at rest using encryption and strong key management are just…

Crypto-Currencies

Bitcoin, the first and most successful virtual currency has had an impressive year. Not only did its exchange value rocket up to over $1000 US, but also it expanded outside the world of online shopping into brick and mortar stores.…

Waging the War on Passwords

We have seen large password hacks recently including: LinkedIn, eHarmony, and Yahoo. Hacks so large some in the industry call this the Password Wars. Unfortunately for the general public—we are losing. However, before the trumpets play, let’s give them a…
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.

Menu