Apple iTunes flaw ‘allowed government spying for 3 years’

Yet another reason why I think Apple totally sucks. Aside from the fact I can’t build one from off the shelf parts the way I can build a PC.

From The Telegraph UK: http://www.telegraph.co.uk/technology/apple/8912714/Apple-iTunes-flaw-allowed-government-spying-for-3-years.html

An unpatched security flaw in Apple’s iTunes software allowed intelligence agencies and police to hack into users’ computers for more than three years.

By , Technology Correpsondent
24 Nov 2011

A British company called Gamma International marketed hacking software to governments that exploited the vulnerability via a bogus update to iTunes, Apple’s media player, which is installed on more than 250 million machines worldwide.

The hacking software, FinFisher, is used to spy on intelligence targets’ computers. It is known to be used by British agencies and earlier this year records were discovered in abandoned offices of that showed it had been offered to Egypt’s feared secret police.

Apple was informed about the relevant flaw in iTunes in 2008, according to Brian Krebs, a security writer, but did not patch the software until earlier this month, a delay of more than three years.

“A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet the company waited more than 1,200 days to fix the flaw,” he said in a blog post.

“The disclosure raises questions about whether and when Apple knew about the Trojan offering, and its timing in choosing to sew up the security hole in this ubiquitous software title.”

On average Apple takes just 91 days to fix security flaws after they are disclosed, Mr Krebs wrote.

Continue reading at:  http://www.telegraph.co.uk/technology/apple/8912714/Apple-iTunes-flaw-allowed-government-spying-for-3-years.html

Posted in Uncategorized. Comments Off on Apple iTunes flaw ‘allowed government spying for 3 years’
%d bloggers like this: