TRENDING ON ONEINDIA
- Weather Forecast For Dec 19: Cyclone Phethai Weakens; Winter Chills To Continue In Delhi
- IPL Auction 2019: Live Updates
- More Items To Be Included In Sub-18% Tax Slab — Narendra Modi
- Most Searched Cars In India 2018 — Here's The Full List
- Vikendi Snow Map Yet To Arrive On PUBG Mobile India Even After 1.6GB Update
- Manikarnika Trailer — Kangana Impresses As Rani Laxmibai!
- Secunderabad — Get Transported To A World Of Nostalgia
- Smelling His Own Socks Gave This Man Lung Infection
Here's some serious security concern for all those of you currently owning an Apple-made iPhone or iPad. According to reports, a major flaw in Apple's iOS operating system for mobile devices could allow hackers to compromise email and other personal data that are meant to be encrypted, the company acknowledged in a Friday afternoon announcement.
While Apple recognized the problem in its software for mobile devices and major threat it poses to all its users, the company did not mention when or how it recognized the flaw - which is in the way iOS handles sessions in what are known as secure sockets layer or transport layer security. The company also didn't say whether the flaw was being exploited.
"It's as bad as you could imagine, that's all I can say," said Johns Hopkins University cryptography professor Matthew Green.
Without the fix, a hacker could easily fake a protected site and start pulling the strings as email or financial data goes between the user and the real site, Green added.
Now, as it stands, if attackers have access to a user's network, which can be done by sharing the same unsecured wireless service offered by a open network area such as a restaurant, they could easily view or alter exchanges between the user and protected sites such as Gmail and Facebook, experts said.
And although the problem seems like a pretty big one with users' personal information and other encrypted data hanging in the balance, Apple own statement to address the problem didn't help the issue. The company wrote that the software "failed to validate the authenticity of the connection."
More on this is expected to arrive shortly.