iPhone Update

YOU NEED TO UPDATE YOUR iPhone RIGHT NOW

Apple released an update to the iOS 7 operating system last Friday. It seemed like a minor one, and it barely made a ripple on the Internet. 

But a closer look reveals that the update was prompted by a coding error that left iPhones and iPads (iOS), as well as Macs (OS X), very vulnerable to attacks. (And that's a huge loophole to be speedily filled up or else....).

In other words, if you want your online information to remain secure, update your phone. Like, right now! And pray for a fix for OS X soon.

That’s the short story. 

The long story begins with the brief explanatory note on “Data Security” that Apple released alongside the iOS 7.06 update Friday:

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS.”

NB: SSL- Secure Socket Layer

       TLS: Transport Layer Security

If you’re a normal(neutral) person, you probably have no idea what that means. 

Let me give you a translation:

SSL is short for Secure Sockets Layer. It’s a tool that keeps all the communication between your browser and your websites’ servers private and secure. 

While TLS, or (Transport Layer Security), does pretty much the same thing. 

As you browse, the two work together as cryptographic protocols to make sure the browser and website servers you’re interacting with are legit (i.e. conforming to the rules and it is legal). They’re sort of like a Secret Service detail for your online activity.

SSL/TLS are actively working in the background of your browsing, paving the way for secure transactions whenever you log into Bank-of-America or make a PayPal payment or on any other online payment website. You can tell these systems are working when a little padlock symbol appears in your browser bar to the left of the website URL you’re visiting, like so:

NB: You're on a more secure network connection if the URL of your destination site has its protocol has "https://" and NOT the usual "http://".

The security breach that Apple so nonchalantly revealed on Friday allows “attackers with privileged network positions” to steal any information during your usually protected online banking sessions, or Facebooking, emailing or OkCupiding.ED

Just how “privileged” does a wrongdoer’s “network position” have to be? Well. In order to eavesdrop on your online activity — otherwise known as launching a “man-in-the-middle” attack — she just needs to be on the same cafe’s WiFi network as you. Not cool.

And while Apple has just released a fix for this error in iOS, there’s nothing to stop a man-in-the-middle attack from happening if you’re using OS X. We do expect that very soon, however.

Apple hasn’t offered details on how this actually happened and thus can’t speak to the specific apps affected, but cryptology experts have warned OS X users to avoid using Safari, iCal or any other app that relies on this security system to keep data secure. 

The only thing you can do to avoid an attack while we wait for an update is to remain on secure networks. You might want to avoid connecting to cafe networks and other WiFi hotspots not in your complete control.

If you’re using  a 3GS or an old iPod Touch and don’t have access to the iOS 7 updater, you can download iOS 6.1.6. 

And, for all of you with iOS 7 Apple devices, here’s a reminder of how to get the update right now for your device:

 Go to Settings: (As shown in the picture below)

From there, tap the "General" icon.

And then tap Software Update

 After all these just make sure your device is connected to to the internet via WiFi (or other means) and it is plugged in. 

Then choose the option to update your software. The update might take a while, and like usual updates, it’ll make the device go blank and look dead.So, you got to exercise some patience in here.

Don’t freak out and interrupt it. 

Let it do its thing.

Hope this helps...

Do drop your comments, it is highly appreciated.

Cheers