Apple, the tech company whose fans think they are the Osmonds of Silicon Valley, has stumbled yet again. This time they got busted with another bug that affects all iPhones ever made but that’s not all. You see, Apple has known about the bug for over four years and never fixed it.
As usual, Apple waits until an ethical hacker or media coverage brings software bugs to their attention. Apple then will occasionally and reluctantly admit there is a problem. Only then will Apple direct resources to plug the hole—fixing it is another proposition entirely.
This week at the Def Con hacking conference, Check Point revealed that they have found a vulnerability inside the Contacts app that affects all the iPhones. The surprising aspect is that Apple knew about it for at least 4 years but didn’t fix the bug.
Newly discovered vulnerability affects all the iPhones
The security firm noted that the app uses SQLite database engine which can be exploited easily to run malicious scripts. According to a report published by the security firm, researchers bypassed Apple’s trusted secure boot mechanism and gained administrative rights.
The article concludes by saying the hackers “… already forwarded the details to Apple so the company can finally patch the bug.” If Apple has known about this for four years why do the hackers have to send any details to Apple?
Apple’s reputation as a secure platform is an illusion that they have created by never admitting wrong doing. Only when they are outed do things get looked at. Their usual response is, “nothing to see here move along.”
In other bad news, Bloomberg posted a story that the Federal Aviation Administration (FAA) announced that 15-inch MacBook Pro laptops with batteries made between September 2015 and February 2017 are banned from air travel. The batteries are a fire hazard. Link here.
FYI This is the same line of laptops that Apple is moving manufacturing from the United States to China. Link here.