The makers of the popular messaging app Confide said Wednesday it has patched multiple security vulnerabilities that could have allowed hackers to intercept messages sent using its secure end-to-end messaging platform.
Tag Archives: imessage
Apple Patches Serious iMessage Crypto Flaws
Johns Hopkins University researchers disclosed crypto vulnerabilities in iOS that put iMessage security at risk to advanced attackers.
“Unicode of Death†Crashes Your iPhone
The newly discovered security flaw on iOS crashes different messaging apps (like iMessage and your SMS app – basically all apps that use Apple’s CoreText library) on your iPhone and possibly your Apple watch when being sent a specific string of text. In addition to that it causes your mobile to reboot immediately. The bug was first reported on Reddit.com where some people were complaining about it.
According to TheRegister, this is what happens once your mobile receives the message containing the “Unicode of Death”, a string of text including Arabic characters and different symbols: “The bug causes CoreText to access memory that is invalid, which forces the operating system to kill off the currently running program: which could be your text message app, your terminal, or in the case of the notification screen, a core part of the OS.”
And sickestdancer98 from Reddit explains: “I can tell you it is due to how the banner notifications process the Unicode text. The banner briefly attempts to present the incoming text and then “gives up” thus the crash. On a jailbroken device, this ultimately leads to safe mode. However, on a stock iOS device, there is no safe mode hence the respring after the crash. That is why this only happens when you are not in the message because the banner is what truly crashes the entire system. Is this a possible vulnerability? Maybe. Has this been around already? Roughly since iOS 6. Can it be fixed/patched? That, my friends, is up to Apple. I hope I cleared things up a little bit if it did help in anyway, shape, or form.“
Apple is already working on fix which they’ll make available in an upcoming software update. Until then there are a couple of workarounds floating around online, one if them being to just turn off the lock screen notifications for now.
The post “Unicode of Death” Crashes Your iPhone appeared first on Avira Blog.
AirDroid Patches Web App Hijacking Vulnerability
Researchers at Bishop Fox disclose details on a patched authentication vulnerability in the AirDroid web application that could give attackers remote control over Android devices.
5 new iOS 8 features that make your iPhone safer than ever
The recent release of Apple’s iPhone 6 was coupled with the upgrade in software to iOS 8. This new operating system has come with a host of new features including these 5 that will make your phone safer than ever.
The post 5 new iOS 8 features that make your iPhone safer than ever appeared first on We Live Security.