Calling Nelson Muntz, Calling Nelson Muntz:
Not so long ago the U.S Air Force announced that they decided to switch their devices from BlackBerry to iOS and Android.
On Feb 21st an update was pushed out by Apple and several users found something interesting suggesting something went wrong with SSL/TLS in iOS but there was no details.. Over the 22nd more and more people eyed the code to try and find some information and things became even more frightening.
This code is called when the iPhone connects to an encrypted site over SSL, this code is meant to verify that the encryption key is being digitally signed by the operator of the website. Due to the double fail code it essentially skips the final check thus rendering the process a fail… or if you’re checking twitter as of late a #gotofail;
How long has this double goto fail; been around? as result of this double fail in coding it has been speculated that “hackers” have been able to grab Email, Passwords, Financial details among other highly bits of information from iPhone users…. but wait…. there’s more…. it also effected machines running Mac OS X.
This is not so long after Brig. Gen. Kevin Wooton, Communications Director For Air Force Space Command stated regarding the switch over from BlackBerry Devices:
“The pilot tests we have run have shown positive results with the user communities,”
Personally I couldn’t help laugh, don’t get me wrong it is terrible to lose such details no matter your phone of choice but I stifled a laugh or 10+ as this discovery is also only days after BlackBerry issued the statement of :
“The ongoing threat of cyber attacks requires organizations to be vigilant about mobile security. For customers that have the highest security requirements, such as those in government, there is nothing more secure than a BlackBerry device managed by a BlackBerry Enterprise Server.
There is a clear reason why BlackBerry has more government certifications than any other vendor, and the only enterprise mobility management vendor and handset maker to receive the Department of Defense “Authority to Operate” certification. Security is built into everything we do, and we’ve been doing it longer and better than anyone else.
We’ve been a trusted partner to government agencies for more than a decade, and have more than 80,000 BlackBerry devices in DISA alone. Our competitors have not been tested in the field or subjected to the long term rigors of high stress applications, making their security model difficult to trust. BlackBerry remains the best option for governments around the world.”
Statement Sourced from CB
Apparently a fix is being worked on for All Apple Devices.