“Early July 2012, I reported to Apple numerous vulnerabilities related to their App Store iOS app. Last week Apple finally issued a fix for it and turned on HTTPS for the App Store,” Elie Bursztein blogs. “I am really happy that my spare-time work pushed Apple to finally enabled HTTPS to protect users.”
Bursztein writes, “The following attacks are carried out by an active network attack that is able to read, intercept and manipulate non-encrypted (HTTP) network traffic. Hence those attacks can be carried on any public Wifi networks including airport or coffee-shops networks. Being on the same networks as the victims is all it takes.”
Much more in the full article here.
MacDailyNews Note: Dr. Elie Bursztein is a research scientist who works at Google’s Mountain View, Calif. headquarters, where he works on methods to fix Internet security and privacy problems.