900 Million iPhones affected by Updated Apple iOS Warning

You should take note if you or your friends or family is an iPhone user

In April, Apple acknowledged that every iPhone released in the last eight years was vulnerable to remote attacks through the iOS Mail app. There was no mention about the iPad but since both the iPad and iPhone run on very similar architecture and operating system, it makes people wonder if the iPad is also affected too.

ZecOps that discovered the issue

ZecOps, a cybersecurity startup, discovered the vulnerabilities and has broken down its findings in detail.

The MailDemon announcement of the vulnerabilities

iOS Update, But Not For Older iPhones

An Original 2nd Generation iPhone

ZecOps discovered that the vulnerabilities and real-world triggers dating back to 2010 on an original 2G iPhone running iOS3.1.3. Apple will deliver a fix in its new iOS 13.5 update but will not deliver a fix the previous versions of iOS to protect older iPhones that can no longer be updated.

Apple CEO Tim Cook

Apple Downplayed the Severity

At the time of the announcement, Apple acknowledged but downplayed the severity of the vulnerability. Apple claims that there is ‘no evidence’ of exploits despite the apparent vulnerability.

Political Pressure from Germany

Germany’s Federal Office for Information Security (BSI) has issued a statement recommending the removal of the iOS Mail app. BSI President Arne Schönbohm states:

“The BSI assesses these vulnerabilities as particularly critical. It enables the attackers to manipulate large parts of the mail communication on the affected devices. Futhermore, there is currently no patch available. This means that thousands of iPhones and iPads are at acute risk from private individuals, companies and government agencies. We are in contact with Apple and have asked the company to find a solution for the security of their products as soon as possible.” iOS 13.5 cannot arrive soon enough.

What can you do? Is it significant?

The truth of the matter is that Apple has a pretty secure operating system in iOS but that doesn’t mean we should ignore the myriad of threats. Furthermore, Apple can definitely do better. On the other hand, what can we do on our part?

1. Refrain from storing sensitive data in your devices. I believe that there will always be a possibility of the existence of a loophole regardless of the device that you are using. So just be careful.
2. Watch out for fake apps and enable two-factor authentication (2FA) for important apps and transactions. Phishing, malware and physical transpassing access should be of greater concern for normal people like us.

Most of the time, most users are not going to have to worry about this kind of high level, targetted attacks that can only be executed by professionals at a high price. But if you are a very important person, yes, you should worry that information on your phone could potentially be targetted.

Case Study: Jeff Bezos’ iPhone X Hacked

The famous Amazon CEO and founder Jeff Bezos’ iPhone X alleged was hacked at the start of the year after receiving a WhatsApp message laden with code that secretly snatched reams of personal data from the iPhone. To do justice for Apple, this was not completely Apple’s fault but it shows that no phone or electronic device is completely invincible. As long as it is connected to the internet there is a high chance that malicious perpetrators will attempt to exploit possible loopholes or weaknesses.

Also, the irony is Trump claims that Huawei is a security threat when Apple is not in any way fully secured.