Featured Articles

Nvidia GTX 980 reviewed

Nvidia GTX 980 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Nvidia adjusts GTX 980 and GTX 970 pricing

Nvidia adjusts GTX 980 and GTX 970 pricing

It appears that Nvidia has been feeling the pulse of the market and took some note from comments regarding the original…

More...
iPhone 6 and 6 Plus reviews are up and they are good

iPhone 6 and 6 Plus reviews are up and they are good

Apple is dancing the same dance year after year. It releases the iPhone and two days before they start shipping it…

More...
Amazon announces three new tablets

Amazon announces three new tablets

Amazon has just released three new tablets starting with the $99 priced 6-inch Kindle Fire HD6. This is a 6-inch tablet…

More...
PowerColor TurboDuo R9 285 reviewed

PowerColor TurboDuo R9 285 reviewed

Today we will take a look at the PowerColor TurboDuo Radeon R9 285. The card is based on AMD’s new…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 14 June 2013 10:48

iPhones should not go on Wi-Fi

Written by Nick Farrell

Jobs’ Mob security strikes again

Apple is so lacklustre on its security and networking that it makes plugging in the iPhone jolly risky. Security firm SkyCure has found feature in iPhone devices running on certain networks, including Vodafone, that would connect automatically to a Wi-Fi network with a specified SSID, such as ‘BTWiFi’.

While this sounds like a wonderful feature, it means that a crook can get you to connect to any station you like and listen to your calls or gain access do your Coldplay collection. You might think that this sort of security threat would be one of those bugs that people find and then fix, the security industry has known all about it for years. Indeed on other most other phones it is fixed. But the way in which iOS devices are hooking up to certain Wi-Fi networks automatically is a real concern.

The case highlights another weakness in the way Apple protects traffic managed by its Safari browser. At the moment the rest of the world is moving towards the HTTPS protocol through a mechanism called HTTP STS, Apple is not. HTTP STS was released in 2012 and already Chrome and Android supports it.

Of course Apple could be sensible. It could, for example, roll out HTTP STS. It could also recommend the use of an app such as those offered by Shield and Onavo, which isolate devices from malicious networks. Needless to say it probably will not. So far Vodafone based IPhones can be seen as safer. Vodafone uses an embedded configuration to control things within the iPhone. These are ‘1WiFiVodafone1x’ and ‘Auto-BTWiFi’ are locked to ‘EAP-SIM’ authentication which is a bi-directional authentication protocol.

blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments