iTunes Flaw Allowed Spying On Dissidents 82
Hugh Pickens writes writes "Democracy and free speech activists worldwide have something new to worry about — cyberwarfare via iTunes. The Telegraph reports that Gamma International sells computer hacking services to governments, offering 'zero day' security flaws that allow access to target computers 'with the ability to take control of the target systems functions to the point of capturing encrypted data and communications.' FinFisher spyware, known to be used by British agencies and offered to Egypt's feared secret police, takes advantage of an unencrypted HTTP request that is filed by iTunes when Apple Software Updater is inactive. It redirects users' web browsers to a customized web page that pretends Flash is not installed on the user's computer, then installs a sophisticated piece of spyware that sends info on a user's activities directly to foreign intelligence services. The latest iTunes software update, 10.5.1, released on November 14, appears to have fixed the exploit FinFisher used. A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet Apple 'waited more than 1,200 days to fix the flaw,' writes security researcher Brian Krebs."
Conspiracy! (Score:5, Funny)
Re:Conspiracy! (Score:5, Funny)
An amazing way to exploit software that is ubiquitous on many computers. Let's start the conspiracy now that Apple are told by governments not to fix a bug until they find a better 0Day to exploit.
You are obviously a government schill who has posed this as a "Lets start a conspiracy" to throw people of the fact that this is exactly what happened.
Re:Conspiracy! (Score:5, Funny)
In America
You write haiku, in Russia
The Haiku writes YOU
Proof (Score:5, Funny)
Yet another proof that Flash is dangerous! /duck
Seriously? (Score:3, Funny)
Apple software that redirects you to a webpage where it requests to install Flash Player?
That's like Toyota's website sending you to a page about the Honda Civic.
The flaw may be with iTunes but the spying is done by trojan spyware that passes itself as Flash player. The title of this thing is obviously anti-Apple bashing at its finest.
1,200 days? (Score:5, Funny)
Apple 'waited more than 1,200 days to fix the flaw
It's even worse than that
The waited more than a HUNDRED MILLION seconds.
I guess "more than three years" does not cut it anymore.