Why Apple's Huge Security Flaw is So Scary

By Brian Barrett on at

On Friday, Apple quietly released iOS 7.0.6, explaining in a brief release note that it fixed a bug in which "an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS." That's the understated version. Another way to put it? Update your iPhone right now.

Oh, and by the way, OS X has the same issues—except there's no fix out yet.

If you understand what that release note meant in full, chances are you were first in line for the iOS update. If it means nothing to you, here's what the implications are for your Apple devices.

SSL stands for Secure Sockets Layer, and it's what helps ensure that communication between your browser and your favourite websites' servers remains private and secure. TLS, or Transport Layer Security, is a more recent protocol that does essentially the same. In brief, SSL/TLS is a cryptographic key that lets the Safari and a server know they are who they say they are, a secret digital handshake that keeps your financial information safe when you make an Amazon payment, for instance.

This all happens in the background; your only direct interaction with SSL/TLS is when you notice the lock icon in your search bar has clamped shut. That means you've got a direct, private, secure line.

The Apple bug in question—which, again, has been patched in iOS but not yet in OS X—means that Safari can't actually know for sure if the servers it's talking to are who they say they are. Which leaves you and everything you transmit over the web vulnerable to a Man in the Middle attack.

A Man in the Middle Attack, which we'll call MitM from here for brevity's sake, is basically high-tech eavesdropping. An MitM attacker intercepts the communication between your browser and a site, monitoring, recording, seeing everything that transpires between you.

Gmail. Facebook. Financial transactions. Match.com flirting. All of it read, in real-time, by a complete stranger. Here it is in oversimplified chart form:

Why Apple's Huge Security Flaw Is So Scary

Normally attacks like this are are foiled by SSL/TLS (encrypted handshakes are hard to get between), or at least rendered too difficult to be worth it. But this Apple bug makes it painfully easy. That "privileged network position" an attacker needs to be in, referenced in the release notes? That just means he's in the same Starbucks as you.

And this has been going on since September. Of 2012.

If you're still scratching your head over what all of this means and how bad it is, the simplest way to explain it is that developers who understand it deeply weren't even willing to talk about it openly, for fear of giving hackers more ammunition than they already had:

That same Matthew Green, a Johns Hopkins cryptography professor, also explained to Reuters that it was "as bad as you could imagine, that's all I can say." So there you go.

You can afford to take a little bit of a deep breath; obviously there's not a hacker lurking in every coffee shop, and your personal information is never as interesting to others as you think it is. And if you've updated your iPhone or iPad to 7.0.6, you're fine.

But knowing that that this has been going on for a year and a half is troubling just on principle. And knowing that it's been this widely publicised and hasn't yet been fixed for MacBooks means it's worth taking extra precaution.

Nobody knows how exactly it came to happen, and Apple's understandably not saying. But theories range from the plausible to the tinfoil hatted. Let's start with what probably happened and work our way up.

Google's Adam Langley detailed the specifics of the bug in his personal blog, if you're looking to stare at some code. But essentially, it comes down to one simple extra line out of nearly 2,000. As ZDNet points out, one extra "goto fail;" statement tucked in about a third of the way means that the SSL verification will go through in almost every case, regardless of if the keys match up or not.

Langley's take, and the most plausible? That it could have happened to anybody:

This sort of subtle bug deep in the code is a nightmare. I believe that it's just a mistake and I feel very bad for whomever might have slipped in an editor and created it.

It doesn't take too much of a stretch of the imagination, though, to draw a few shaky lines between this bug and the NSA's PRISM programme. No less an Apple devotee than John Gruber did just that last night, pointing out that the "goto fail;" command first snuck into iOS 6.0, which shipped just a month before Apple was reportedly added to the spy agency's info-snooping PRISM program.

If you want to go full tinfoil hat based on that timing, you're welcome to, but it's highly unlikely that Apple intentionally added this bit of code. What's more plausible? That the NSA found out about it before Apple did, and secretly exploited it for its PRISM purposes.

If you're on an iOS device, you need to download 7.0.6 immediately. If you've got a 3GS or an old iPod touch, you can download iOS 6.1.6 instead. And if you were looking for an indication of just how seriously Apple is taking this, the fact that they're supporting an iOS version that they are incredibly eager to phase out should be as good an indicator as any.

So far, though, you're out of luck if you're on OS X. The vulnerability is still there, and now that it's been widely publicised, bad guys are going to be keen to take advantage while they can. There's an unofficial patch floating out there, but please know that it's not for beginners. Your best option in the meantime is to make sure you stay on secured networks. And to hope that the next update is right around the corner.

Top image credit: Twitter

MitM diagram: Wiki Commons/Miraceti