“Apple makes some of the most user-friendly products on the planet but that sometimes comes at the cost of security,” Thomas Fox-Brewster reports for Forbes.And researchers from Tsinghua University Beijing and Indiana University Bloomington have discovered how to exploit that tradeoff, devising ways to pilfer photos, texts and other data with some clever ‘man-in-the-middle’ attacks that they will detail in full at the Black Hat conference in Las Vegas next week.”
“They focused on Apple’s use of so-called zero-configuration technologies,” Fox-Brewster reports. “These combine the likes of Bluetooth, Airdrop, Bonjour and other wireless systems to quickly pair, and therefore trust, devices on the same network as a user’s iPhone or Mac. For instance, this allows a Mac to quickly sync with an iPhone or a printer.”
Fox-Brewster reports, “For at least the last year, though, the researchers have known there are not enough authentication processes to prevent a hacker from deploying malicious software that pretends to be one of those legitimate devices and thereby steal data.”
Read more in the full article here.
MacDailyNews Take: Excellent find! Every one of these discoveries eventually makes Apple’s operating systems even more secure.