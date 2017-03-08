Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Operating Systems Security Government IOS Privacy Software Apple Hardware Technology

Apple Says It's Already Fixed Many WikiLeaks Security Issues (usatoday.com) 29

Posted by BeauHD from the one-step-ahead-of-you dept.
An anonymous reader quotes a report from USA Today: Apple says many of the vulnerabilities to its devices and software that came to light in WikiLeaks' revelations of CIA cyber weapons were already fixed in its latest updates. Late Tuesday, Apple emailed the following statement to USA TODAY: "Apple is deeply committed to safeguarding our customers' privacy and security. The technology built into today's iPhone represents the best data security available to consumers, and we're constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest OS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates." For its part, Samsung emailed its own statement Wednesday: "Protecting consumers' privacy and the security of our devices is a top priority at Samsung. We are aware of the report in question and are urgently looking into the matter."

Apple Says It's Already Fixed Many WikiLeaks Security Issues More | Reply

Apple Says It's Already Fixed Many WikiLeaks Security Issues

Comments Filter:

  • Good. (Score:3)

    by BronsCon ( 927697 ) <social@bronstrup.com> on Wednesday March 08, 2017 @05:04PM (#54002633) Journal
    I'm glad to see positive response across the board, from Apple, Samsung, and I'm sure others. Especially Apple and Samsung, though, as I have many devices from both of them in my home.

    • Re: (Score:1, Insightful)

      by fustakrakich ( 1673220 )

      "Apple is deeply committed to safeguarding our customers' privacy and security..."

      "Protecting consumers' privacy and the security of our devices is a top priority at Samsung."

      Always with the boilerplate response. Bullshit is the new sublime

    • I'm glad to see positive response across the board, from Apple, Samsung, and I'm sure others. Especially Apple and Samsung, though, as I have many devices from both of them in my home.

      Keep an eye out for updates on "Unlocked" Phones that have switched networks. For some insane reason phones are marketed as "unlocked" when they can be used on another carrier's network, but *the security updates don't work* if you use them on the other network. These should probably be considered unmarketable and therefore not unlocked--and there should be a convenient way to pull signed security updates from the manufacturer instead of the carrier. Samsung and Apple issuing patches doesn't help if Veriz

      • You can often get updates direct from the manufacturer for Android phones; you just don't get them OTA. Even if not made generally available, they're more than happy to supply them to you if you call in and tell them you've managed to brick your firmware and need a factory image to restore from. thus far, I've been able to get them one way or another from Motorola (both pre- and post-acquisition), HTC, LG, and Samsung. I haven't yet not been able to get updates directly from a manufacturer.

    • Re: (Score:1)

      by Gr8Apes ( 679165 )
      Having both, I keep my Apple devices updated, and my Samsung devices disconnected from the internet. Why, because only 1 of my Samsung devices is still supported by Samsung, as most are more than 18 months old and therefore unsupported.
      • I tend not to keep devices for that long, save for my TV which is going on 6 years now, so that's not really a concern for me. In fact, this is the longest I've kept a cell phone in nearly 2 decades. I won't disagree that it can be an issue for others, though.

  • And we believe them... (Score:1)

    by Anonymous Coward

    why? Because they don't opensource a thing.

    • Re: (Score:2)

      by tlhIngan ( 30335 )

      why? Because they don't opensource a thing.

      Because it's testable? The vulnerabilities are known now. You can easily take an iOS device, update it and test to see how many vulnerabilities are fixed and how many are still open.

      And Apple opensources the core - the kernel and low level code is open source. Not that it means it's bug free (Heartbleed anyone? Shellshock?) since many can exist for years before discovery and exploit.

      See the open source stuff for Apple here: https://opensource.apple.com/ [apple.com]

  • Not Buying It (Score:4, Insightful)

    by PeteJanda ( 1481299 ) on Wednesday March 08, 2017 @05:10PM (#54002657)
    Anyone other than me believe that Apple, Samsung et al. (at a minimum) didn't look the other way before the Wikileaks dump? The OS-level issues really were unknowns for a long enough time that the CIA and other agencies could develop and deploy a playbook for hacking high value targets? What about the other elephant in the room... firmware?

    • Re: Not Buying It (Score:1)

      by Anonymous Coward

      CIA et al didn't develop this. They bought them from black hats.

    • Re: (Score:1)

      by Anonymous Coward

      According to the Apple announcement, the vulnerabilities were patched prior to the leak, so your insinuation doesn't fit with the facts.

      • According to the Apple announcement, the vulnerabilities were patched prior to the leak... What 'facts' are you talking about?

        • Re: (Score:3)

          by larkost ( 79011 )

          That would be pretty silly for Apple, since now anyone who cares to download and figure out the exploits can test them for themselves. Someone checking them on this would be easy, and a huge black eye for Apple. You really are off into conspiracy theory territory.

      • Which could have been just after they were tipped off rhat they were going to be leaked.

    • Anyone other than me believe that Apple, Samsung et al. (at a minimum) didn't look the other way before the Wikileaks dump?

      Nope.

      Just you.

    • Re: (Score:1)

      by Anonymous Coward

      > What about the other elephant in the room... firmware?

      I honestly wonder if Intel's IME & AMD's equivalent wasn't designed by the government. Hmm, so you have a processor on my processor that's totally a black box and it can control the entire machine? Who here doesn't believe they own that thing completely?

    • Re: (Score:2)

      by AHuxley ( 892839 )
      The crypto held as so many smart people around the world use it and international conferences have faith in quality crypto.
      Re "The OS-level issues really were unknowns for a long enough time that the CIA and other agencies could develop and deploy a playbook for hacking high value targets? What about the other elephant in the room... firmware?"
      The trendy device is the "elephant in the room". Interesting people want to carry and be seen with a US designed device. A powered device with a mic, camera, gps,

  • Since the CIA & FBI are keeping the vulnerabilities they find secret, these companies just need to start planting spies in the CIA & FBI to find out what bugs they have on their software.

Slashdot Top Deals

There must be more to life than having everything. -- Maurice Sendak

Close