Security flaw that iOS 4.3.5 fixed could expose your sensitive data

When Apple released iOS 4.3.5 to address a security vulnerability in its platform, it wasn't exactly clear how big of a hole in the system's defense was being patched. Well, it turns out that the flaw in iOS was a pretty critical one indeed as it would have given an attacker the chance to easily sniff on your sensitive information.

You see, when you use your iPhone or iPad for something that requires your identification, that is usually done over an encrypted connection. Thanks to a tool called sslsniff, a hacker with access to your Internet traffic can read all that encrypted data, assuming that you have not updated to iOS 4.3.5 yet. That includes the username and password for your PayPal or online banking account, Facebook profile, and anything else that requires your log in credentials. What makes the hacker's job even easier is that sslsniff  works without the victim's awareness and can easily determine whether the targeted device is vulnerable or not.

Updating to iOS 4.3.5, or 4.2.9 if you are a Verizon subscriber, is strongly recommended if you use your iDevice for anything beyond making phone calls and sending text messages. As for those who are still holding on to an iPhone 3G or older, a security fix for those handsets will not be made available.

source: Naked Security via PCMag

Get Visible as low as $20/mo for 1 year. Limited time offer with code: FRESHSTART

$20 /mo

$25

$5 off (20%)

Offer Ends 6.1.2026 at 11.59pm ET. New members get $5/mo off the $25/mg Visible plan, $35/mo Visible+ plan, or $45/mo Visible+ Pro plan for the first 12 months. Promo code FRESHSTART required at checkout.

Buy at Visible