[Cryptography] Applications and libraries...iOS (25, 000 applications)
Tom Mitchell
mitch at niftyegg.com
Mon Apr 27 12:18:25 EDT 2015
Numerous applications all with baked libraries is the IOT
problem space in spades. Phones do have an update process
if and only if the software vendor has an update. Embedded
devices do not go through a central software service and do not
have disclosure regarding library versions or tool kits. I wonder how
quickly this will get cleaned up.
"According to a company called SourceDNA, which tracks the use of
third-party components in mobile apps, more than 25,000 iOS applications
are potentially vulnerable because they use AFNetworking 2.5.2 or older
versions."
http://www.pcworld.com/article/2915192/second-https-snooping-flaw-breaks-security-for-thousands-of-ios-apps.html
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150427/a43139b0/attachment.html>
More information about the cryptography
mailing list