FREAKish apps still have security holes<article>
<section class="page">
<p>
The web security exploit
known as FREAK that I discussed last week was patched by Apple days after it was discovered two weeks ago. FREAK relied on a configuration issue in web servers combined with a flaw for backwards compatibility in many software libraries used to create a secure connection. But the patch only affected Apple’s operating systems—not all apps.</p><p>
This highlights how apps can remain vulnerable due to developers’ choices. And Apple’s FREAK update only fixed the problem in iOS 8.2, OS X 10.8, 10.9, and 10.10. While I addressed part of that last week, there’s more to say.</p><p class="jumpTag"><a href="/article/2898807/freakish-apps-still-have-security-holes.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
FREAKish apps still have security holes
