Close X
Log In
If you are not a member,
register now
Email
Password
Forgot Your Password?
New User? Register now
to gain member-only access to all of IT World Canada's premium content & community portals.
Log in for Full Access |
Log In
|
Subscribe Now!
Follow
IT World Canada
Knowledge Centres
Community
Publications
Events
Services
Media
Communications Infrastructure
•
Carriers and Cellular
•
Networking
•
Voice, Data, and IP
Security
•
Alerts, Patches and Fixes
•
Disaster Recovery
•
Hacking and Viruses
Enterprise Business Applications
•
Business Intelligence
•
Enterprise Resource Planning
•
Open Source and Linux
Enterprise Infrastructure
•
Data Centre
•
Servers and Mainframes
•
Virtualization
Government
•
Case Studies and Best Practices
•
Collaboration
•
Policy
Leadership
•
Budgeting / IT Alignment
•
Industry News
•
Issues for CIOs
Information Architecture
•
Data Warehousing
•
Databases
•
Messaging and Collaboration
Integrating IT
•
Development Environments
•
Middleware - Utilities
•
Project Management
Green IT
•
E-Waste and Recycling
•
Green thinking
IT Workplace
•
Careers and the Job Market
•
Consulting and Contracting
•
Human Resources Issues
•
Women in IT
Departmental and End User Computing
•
Future Technology
•
Help Desk and End-User Support
•
Mobile Applications
All IT World Blogs
Featured Blogs
•
All things Android
•
Career Corner
•
Enterprise Insights
•
Security
ComputerWorld Canada Blogs
•
Shane Schick's Computerworld
•
World Wide Webb
•
Blogosphere
•
Techbuzz
CIO Canada Blogs
•
CIO Canada
•
Candid CIO
NetworkWorld Canada Blogs
•
Network World
•
Industry Watch
Guest Blogs
•
Stuff IT Managers Like
•
CDN Varbose
•
Making IT Work
Wikis
•
IT job Descriptions
•
CWC In Conversation
Groups
•
Finance
CIO Canada
ComputerWorld Canada
Network World Canada
Computer Dealer News
Direction Informatique
IT Business.ca
Click Here to Subscribe Now!
ComputerWorld Canada Events
•
Computerworld Interactive
•
Computerworld IT Leadership Awards
•
Computerworld Technology Insights
Feature Events
•
Visability - Social Media
•
Technicity
Events for Government
•
GovSym Symposium
•
Lac Carling
Computer Dealer News Events
•
CDN Channel Elite Awards
•
CDN Top 100
•
Computer Golf
Events for CIOs
•
CIO Exchange
•
CIO Frankly Speaking Breakfasts
•
CIO Frankly Speaking @ Your Desk
More Information on
IT World Canada Events
IT World Canada Curated
Job and Career Resources
•
Canadian IT Jobs
•
IT Sales Jobs
•
Salary Calculator
•
Tech Learning Space
Knowledge Services
•
CDN ProFIT - Turnkey Marketing solutions
•
Visability
•
Knowledge Store
Subscribe Now- Register
Slide Shows
Videos
White Papers
Webinars
Hot Topics:
analytics
•
Microsoft
•
broadband
•
social networking
•
databases
•
software developers
•
business intelligence
•
Search
SHARE
Home
»
Blogs
»
Security
Advantage Apple – Saves face with timely iPhone patch
Posted
Aug 02 2007, 09:08 AM
by
Joaquim Menezes
By Joaquim P. Menezes -
Whew!
That was a close one…for Apple.
But the company has certainly pulled off a coup, releasing fixes for serious iPhone “vulnerabilities” days after they were first detected.
That's not just significant from
a security perspective, but from a “corporate reputation” standpoint as well.
By releasing the fix before briefings began at the Back Hat Conference in Las Vegas, Nevada (where details of the flaw were disclosed on Thursday) Apple managed to save face big time.
The
exploit, which is delivered via a malicious Web page opened in the Safari browser on the iPhone
was
first reported
by the New York Times on July 23.
And it wasn’t small potatoes.
Detected by researchers working for an ethical hacking firm
Independent Security Evaluators
– the “vulnerability” would enable someone to take control of iPhones through a WiFi connection, or by tricking users to visit a Web site that contained malicious code.
The hacker would then be able to access all the information the iPhone contained.
Initially Apple reps themselves wouldn’t say if the company would be able to deliver a patch before details of the flaw were disclosed at Black Hat.
The fact that the company pulled it off may have something to do with the fact that when notifying Apple of flaw,
Independent Security Evaluators
also proposed a fix.
Apple's fix, however, accomplishes much more than rectifying critical flaws in the handset.
It also searches for and eradicates changes made to the firmware of the phone, according to some hackers – who have sought to unlock the iphone.
Charlie Miller, principal security analyst at
Independent Security Evaluators
provided a detailed disclosure of the exploit at Black Hat on Thursday.
Check out his
Power Point slide deck
as well as
the
technical paper
the company has posted on its Web site
describing the attack.
Tell us what you think by posting a comment below.
Please enable JavaScript to view the
comments powered by Disqus.
blog comments powered by
Disqus
Security
Home
Syndication
RSS for Posts
Atom
RSS for Comments
Email Notifications
Go
Recent Posts
Pharmaceutical spam hides under Google mask
The new MSRC is a good thing
The upside of G8/G20 for security pros
Still skeptical on cloud security
Want a job with Facebook?
Tags
E-mail accounts
Facebook
Failure
Feature
Federal laws
Feeling
File sharing
Finance
Financial management
Findings
Firefox
Firms
Fixes
Flaws
Fsam
Gamers
Games
Gaming edition
Gartner
Gift card
Google
Microsoft
Risk management
Security
Spam
View more
RSS Feed
Loading...
View more
Archives
February 2011 (1)
July 2010 (1)
June 2010 (1)
May 2010 (1)
April 2010 (1)
February 2010 (1)
January 2010 (3)
November 2009 (4)
October 2009 (5)
September 2009 (10)
August 2009 (9)
July 2009 (13)
June 2009 (11)
May 2009 (3)
April 2009 (15)
March 2009 (5)
February 2009 (5)
January 2009 (4)
December 2008 (3)
November 2008 (6)
September 2008 (7)
August 2008 (10)
July 2008 (4)
June 2008 (3)
May 2008 (5)
April 2008 (4)
February 2008 (1)
January 2008 (2)
December 2007 (2)
November 2007 (1)
October 2007 (3)
September 2007 (4)
August 2007 (11)
July 2007 (8)
Blog Recent Posts
Pharmaceutical spam hides under Google mask
The new MSRC is a good thing
The upside of G8/G20 for security pros
Still skeptical on cloud security
Want a job with Facebook?
Close X