Mistakes happen—even at the world’s leading companies—as the raft of security announcements for Microsoft, Apple and Google platforms in recent weeks shows all too well. And so, accepting that, it comes down to what you do when it happens. And Apple is arguably leading the way in the speed and effectiveness of its responses.
On Monday [August 26], Apple released an emergency fix for the iPhone. In a highly-publicized and embarrassing error, the Cupertino tech giant had accidentally reopened a vulnerability in its iOS 12.4 release that enabled a current-generation iPhone to be jailbroken and therefore hacked. Now iOS 12.4.1 slams that particular door shut once again.
The issue for users was that the vulnerability (while open) could allow a dangerous hack to be installed on devices through downloaded apps, with the usual protections to prevent the malware mounting an attack across the device being down.
There was a shock (and some excitement) in the Infosecurity community at such a glaring error from Apple. Yes, the vulnerability leaving devices open to attack was a potential disaster for the company. But the idea of a modern jailbroken iPhone was an unexpected gift for some in the community. A jailbreak had been released very efficiently as soon as Apple left its backdoor open.
Read More
