another reason stick 5.0.1
"you're browsing internet on iphone or ipad when you're prompted personal information. you're no dummy: before enter it, check url bar confirm on trusted site. when you're sure, type in information. careful were, still may have handed sensitive data bad guy.
how possible when you're absolutely you're on trustworthy website? because right can't trust url bar on ios device's mobile safari browser, security exploit.
exploit first discovered david vieira-kurz of majorsecurity. affects mobile safari browser on ios 5.1 , has been tested on iphone 4, iphone 4s, second-generation ipad , third-generation ipad. according vieira-kurz, exploit possible error in how new windows opened using javascript method:
can exploited potentially trick users supplying sensitive information malicious website, because information displayed in address bar can constructed in way, may lead users believe they're visiting website displayed website.
majorsecurity has created demonstration of exploit. can check out following link on device running ios 5.1. after pressing "demo" button on website, see safari open new window displays "http://www.apple.com" in url bar, though website you're viewing hosted on "http://www.majorsecurity.net."
there's no fix issue right now, shouldn't take long apple patch exploit. in meantime, should careful links follow."
http://www.technolog.msnbc.msn.com/...-exploit-lets-hackers-easily-fake-urls-535643
Forums iPhone, iPad, and iPod Touch Jailbreaks and iOS Hacks
- iPhone
- Mac OS & System Software
- iPad
- Apple Watch
- Notebooks
- iTunes
- Apple ID
- iCloud
- Desktop Computers
- Apple Music
- Professional Applications
- iPod
- iWork
- Apple TV
- iLife
- Wireless
No comments:
Post a Comment