iTunes Flaw Allowed Spying On Dissidents

iTunes Flaw Allowed Spying On Dissidents 82

Posted by Soulskill on Friday November 25, 2011 @09:53AM from the but-only-from-a-macbook dept.

Hugh Pickens writes writes "Democracy and free speech activists worldwide have something new to worry about — cyberwarfare via iTunes. The Telegraph reports that Gamma International sells computer hacking services to governments, offering 'zero day' security flaws that allow access to target computers 'with the ability to take control of the target systems functions to the point of capturing encrypted data and communications.' FinFisher spyware, known to be used by British agencies and offered to Egypt's feared secret police, takes advantage of an unencrypted HTTP request that is filed by iTunes when Apple Software Updater is inactive. It redirects users' web browsers to a customized web page that pretends Flash is not installed on the user's computer, then installs a sophisticated piece of spyware that sends info on a user's activities directly to foreign intelligence services. The latest iTunes software update, 10.5.1, released on November 14, appears to have fixed the exploit FinFisher used. A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet Apple 'waited more than 1,200 days to fix the flaw,' writes security researcher Brian Krebs."

iTunes Flaw Allowed Spying On Dissidents

This discussion has been archived. No new comments can be posted.

Search 82 Comments Log In/Create an Account

Comments Filter:

Conspiracy! (Score:5, Funny)

by ryanmcdonough ( 2430374 ) writes: on Friday November 25, 2011 @09:59AM (#38164994)

An amazing way to exploit software that is ubiquitous on many computers. Let's start the conspiracy now that Apple are told by governments not to fix a bug until they find a better 0Day to exploit.

Re:Conspiracy! (Score:5, Funny)

by Chrisq ( 894406 ) writes: on Friday November 25, 2011 @10:02AM (#38165008)

An amazing way to exploit software that is ubiquitous on many computers. Let's start the conspiracy now that Apple are told by governments not to fix a bug until they find a better 0Day to exploit.
You are obviously a government schill who has posed this as a "Lets start a conspiracy" to throw people of the fact that this is exactly what happened.

Re:Conspiracy! (Score:5, Funny)

by Yvan256 ( 722131 ) writes: on Friday November 25, 2011 @10:28AM (#38165124) Homepage Journal

In America
You write haiku, in Russia
The Haiku writes YOU

Proof (Score:5, Funny)

by Yvan256 ( 722131 ) writes: on Friday November 25, 2011 @10:30AM (#38165142) Homepage Journal

Yet another proof that Flash is dangerous! /duck

Seriously? (Score:3, Funny)

by Anonymous Coward writes: on Friday November 25, 2011 @11:24AM (#38165500)

Apple software that redirects you to a webpage where it requests to install Flash Player?
That's like Toyota's website sending you to a page about the Honda Civic.
The flaw may be with iTunes but the spying is done by trojan spyware that passes itself as Flash player. The title of this thing is obviously anti-Apple bashing at its finest.

1,200 days? (Score:5, Funny)

by alexo ( 9335 ) writes: on Friday November 25, 2011 @11:54AM (#38165824) Journal

Apple 'waited more than 1,200 days to fix the flaw
It's even worse than that
The waited more than a HUNDRED MILLION seconds.
I guess "more than three years" does not cut it anymore.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

iTunes Flaw Allowed Spying On Dissidents 82

iTunes Flaw Allowed Spying On Dissidents More Login

iTunes Flaw Allowed Spying On Dissidents

Conspiracy! (Score:5, Funny)

Re:Conspiracy! (Score:5, Funny)

Re:Conspiracy! (Score:5, Funny)

Proof (Score:5, Funny)

Seriously? (Score:3, Funny)

1,200 days? (Score:5, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot