“As a result, attackers with the ability to manipulate the traffic passing between the end user and the server—say, an adversary on the same Wi-Fi network—can inject malicious code into the communication,” Goodin reports. “A security engineer who goes by the name Radek said that the attack is viable on both the current El Capitan Mac platform and its predecessor Yosemite.”
“The challenge many app developers have in plugging the security hole, combined with the difficulty end users have in knowing which apps are vulnerable, makes this a vexing problem to solve. People who aren’t sure if an app on their Mac is safe should consider avoiding unsecured Wi-Fi networks or using a virtual private network when doing so,” Goodin reports. “Even then, it will still be possible to exploit vulnerable apps, but the attackers would have to be government spies or rogue telecom employees with access to a phone network or Internet backbone.”
Read more in the full article here.
MacDailyNews Take: Yes, use a VPN when using public Wi-Fi networks (see related articles below). Or tether to your iPhone if at all possible.
Why you should avoid free VPNs – January 29, 2016
How to easily turn that old Mac into an inexpensive personal VPN – November 19, 2015
How and why you should use a VPN to protect your data’s final mile – January 16, 2015