iTunes Security Flaw allowed Hacking for 3+ Years

Quietlyawesome94

Quietlyawesome94

Well-Known Member
OP
Member
Level 5
Joined
Dec 4, 2010
Messages
1,150
Trophies
1
Location
The Internet
XP
726
Country
United States
An unpatched security flaw in Apple’s iTunes software allowed intelligence agencies and police to hack into users’ computers for more than three years, it’s claimed.
Click to expand...
ipod_web_1770517b.jpg




A British company called Gamma International marketed hacking software to governments that exploited the vulnerability via a bogus update to iTunes, Apple's media player, which is installed on more than 250 million machines worldwide.


The hacking software, FinFisher, is used to spy on intelligence targets’ computers. It is known to be used by British agencies and earlier this year records were discovered in abandoned offices of that showed it had been offered to Egypt’s feared secret police.


Apple was informed about the relevant flaw in iTunes in 2008, according to Brian Krebs, a security writer, but did not patch the software until earlier this month, a delay of more than three years.


"A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet the company waited more than 1,200 days to fix the flaw,” he said in a blog post.


"The disclosure raises questions about whether and when Apple knew about the Trojan offering, and its timing in choosing to sew up the security hole in this ubiquitous software title."
Click to expand...



http://www.telegraph.co.uk/technology/apple/8912714/Apple-iTunes-flaw-allowed-government-spying-for-3-years.html
 
jamesaa

jamesaa

The Prince of Insufficient Light
Member
Level 8
Joined
Jan 8, 2006
Messages
677
Trophies
1
XP
1,337
Sounds similar to evilgrade, iTunes was not the only software with this flaw, there was a whole list - most patched the problem quickly, usually through signing updates and using encrypted connections for update checks/downloading, obviously it seems Apple didn't bother.

EDIT:

Foxi4 said:
Helpful Corn said:
Itunes or not the government can always get into your PC
Click to expand...
Challenge accepted.

*Pulls Ze Magic Internet Cable out, starts using a USB stick to copy data over from "clean" computers onto the "Le Dirty" one.*

Hack-proof, baby.
Click to expand...

lol, i hope you seriously don't think that makes you hack proof? It may hinder online attacks, but it certainly won't stop physical access or programs that can transfer their payload from your "clean" computer to your USB drive.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

ArticBase, a tool to broadcast your 3DS games to an emulator, has been released

Emulation  Nintendo ROMs taken down from vimms lair

Gaming  Nintendo Switch 2 OFFICIAL IMAGES LEAKED Mod edit: Confirmed FAKE!

Automated N64 decompiler, RT64

Sony makes 26 billion dollar offer to buy Paramount

Luma 13.11 Just released

Samsung Imposes Questionable Rules on Independent Repair Shops

Homebrew game "Famidash" gets major beta update

General chit-chat
Help Users
  • BigOnYa @ BigOnYa:
    Yea is sad. His 2 movies were good. Informative about our food industry.
  • BigOnYa @ BigOnYa:
    This was one of the craziest movies I've seen about our food industry, lots of stuff I didn't know. A must see. https://youtu.be/OqzjC-ENrl8?si=GYxmdY5nShzGniVi
  • OctoAori20 @ OctoAori20:
    Oh, that dude?
  • SylverReZ @ SylverReZ:
    @The Real Jdbye, https://www.youtube.com/watch?v=XPYgtVHa8NI
     +1
  • OctoAori20 @ OctoAori20:
    I stopped believing or caring about that dude when I found out about some of the more questionable nonsense he did in his life.
  • BigOnYa @ BigOnYa:
    Like what? I didn't know or hear.
  • K3Nv2 @ K3Nv2:
    You mean like every famous person that ever existed
     +1
  • K3Nv2 @ K3Nv2:
    I get so tired of hearing oh I liked him until...
  • OctoAori20 @ OctoAori20:
    I just know dude was a chronic alcoholic and such.
  • BigOnYa @ BigOnYa:
    I've been to his chicken restaurant he started in his 2nd movie, Holy Chicken, was pretty good. It is only 15-20 miles from me in Ohio. It only lasted 1 yr or so then closed tho.
  • OctoAori20 @ OctoAori20:
    There are very few people I just have just an immense dislike of and he's one of those very few people, the only other example is Gene Simmons. My musician uncle on my mother's side of the family actually met Gene once during some event and said he was the most unpleasant person to be around.
  • K3Nv2 @ K3Nv2:
    I met myself once turns out that guy is a giant piece of shit that doesn't deserve any of my respect
  • BigOnYa @ BigOnYa:
    Damn alcoholics! (Sshhh- Opens another beer)
  • OctoAori20 @ OctoAori20:
    Agreed, Ken
  • OctoAori20 @ OctoAori20:
    I can't say I've ever tried even a sip of beer tbh-
  • K3Nv2 @ K3Nv2:
    You met yourself also and is a giant piece of shit?
     +1
  • OctoAori20 @ OctoAori20:
    Then again, I don't think I'd really enjoy it //shrug
  • OctoAori20 @ OctoAori20:
    I'm sure it's an acquired taste :P
  • K3Nv2 @ K3Nv2:
    Poor lad can never enjoy the amazing taste of four loko
     +1
  • BigOnYa @ BigOnYa:
    Root beer is a gateway drink, don't ever try it either.
  • K3Nv2 @ K3Nv2:
    @BigOnYa, don't you love how smooth MD20 is
  • BigOnYa @ BigOnYa:
    Mad dog 20 20? Oh yea fixed the typo. I haven't seen that or had forever. Do they still make it?
  • K3Nv2 @ K3Nv2:
    I think it's why I'm alive
     +1
  • BigOnYa @ BigOnYa:
    What happens if when playing Paper Mario, you start a fire in-game?
  • K3Nv2 @ K3Nv2:
    https://youtu.be/vja8uoOy5XE?si=d2qo7jYK9TiyaOZ2
     +1
    K3Nv2 @ K3Nv2: https://youtu.be/vja8uoOy5XE?si=d2qo7jYK9TiyaOZ2 +1