What's new
DroidForums.net | Android Forum & News

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Security flaw in Android, iOS, and Mac

P

pc747

Regular Member
Rescue Squad
hacked-image.jpg

In all the exciting talk about android gaming systems, new phones, smart watches and pocket watches, I have to be a buzz kill and bring down the mood a little. There was a flaw back in the 90s that currently affect Mac, Android, and iOS (I would guess Linux machines since both iOS and Android were not built in the 90s) that forces websites to use a lower grade encryption for HTTPS connections. This exploit could allow hackers to steal personal information and data. Among some of the sites listed are American Express, Bloomberg, Business Insider, Marriott, and Groupon. Apple said they should have a fix out some time this week. Unfortunately Google can not push the fix to all Android devices as they have to deal with manufacturers and carriers.

Source: Security flaw places Android iOS Mac users at risk from hacking on some major websites 9to5Google
 
Hackers will always find ways to hack "same guys who build the system, LOL", once a hole is patched another one pops up, and tomorrows news is...........
 
The only reason 'hackers' do anything anymore: so the press keep talking about them. Ya know for people who want to be sneaky and steal stuff they sure do love publicity.

Anyways, the only shocking thing about this is that it is an exploit from the '90s...Daaaaaaaaaaaaaang. That is going back a ways. C'mon. WINDOWS '95! For shame...for shame.
 
A white hat hacker will hack to find flaws. A black hat hacker usually wants something out of it or is doing something malicious. The lines are crossed often and some remain in the gray area. Hackings is generally good. Because the networks and software we make and maintain are designed by humans, there will always be flaws. Someone needs to find them.
 
grenefroggie said:
A white hat hacker will hack to find flaws. A black hat hacker usually wants something out of it or is doing something malicious. The lines are crossed often and some remain in the gray area. Hackings is generally good. Because the networks and software we make and maintain are designed by humans, there will always be flaws. Someone needs to find them.
Click to expand...

What about the (rumored) flaws that are intentionally put in place for the government?
 
They aren't hackers. The term hacker has been used and abused for a long time now. Kids running scripts they found on the internet call themselves hackers. That is just not the case.

As far as the gov't putting custom firmwares on Cisco routers while in transit, I don't even know what to call it. I promise you they had Cisco's help to do it.
 
grenefroggie said:
They aren't hackers. The term hacker has been used and abused for a long time now. Kids running scripts they found on the internet call themselves hackers. That is just not the case.

As far as the gov't putting custom firmwares on Cisco routers while in transit, I don't even know what to call it. I promise you they had Cisco's help to do it.
Click to expand...
Hacker-White-Hat-vs-Black-Hat.jpg
Good point.

Though they hire hackers.
 
That would be my guess. All of the "back doors" that the gov't has used to "break" in to things would have been a lot more difficult if backbone providers and ISPs didn't just hand over the keys.
 
This exploit was shared privately to all the big software and hosting providers with a time limit to fix before they released the actual hack publicly. Patches are already in the works.
 
grenefroggie said:
They aren't hackers. The term hacker has been used and abused for a long time now. Kids running scripts they found on the internet call themselves hackers. That is just not the case.

As far as the gov't putting custom firmwares on Cisco routers while in transit, I don't even know what to call it. I promise you they had Cisco's help to do it.
Click to expand...
Spot on... Both cases!

I think, therefore I am...
 
CezzBB said:
This exploit was shared privately to all the big software and hosting providers with a time limit to fix before they released the actual hack publicly. Patches are already in the works.
Click to expand...
That is how all exploits should be handled. It is a moral and integrity issue. Exploits should be brought up to the developer/manufacturer/etc. Give them time to make patches and push them. Then announce the exploit. Sadly, this is not always how it works out.

@CezzBB thanks for pointing that out, as I seemed to have missed it.
 
You must log in or register to reply here.

Similar threads

J
Google fixes two serious Android security flaws
Replies
0
Views
3K
Jeffrey
J
C
Security flaw allows hackers to lift data from SD cards in Google handsets.
Replies
9
Views
4K
DroidMastar2
D
W
Android vs. iOS; who has the best security?
Replies
2
Views
3K
WoZzY
W
D
New Security Vulnerability in Android Market, Caught and Squashed by Google
Replies
6
Views
4K
AngryHatter
A
D
Time to Update Flash Again; Google, Microsoft, Twitter & More Scramble to Plug New Security Hole
Replies
1
Views
1K
xsylus
X
Back
Top