In a private interview today, WikiLeaks founder Julian Assange claimed that there is a security flaw built into Apple’s iTunes software that allows surveillance companies to take control of any computer running iTunes, adding that this is one of several techniques that governments are using to surveil the public.
The allegation appears to be based on a report from last month that iTunes had an unencrypted HTTP request when it was running and Apple Software Updater is inactive. Security companies were using this HTTP request to open a website that pretended Flash is not installed, then tried to trick the user into installing spyware on their computers.
Technically speaking the flaw was not a foolproof “back door” but rather a method to attempt a social engineering hack on a remote computer. Still, the flaw is common enough that it was used in several high profile spyware packages, including the one used by both the British and Egyptian spy agencies.
In the end, however, Assange’s warning came a bit late. Even though the bug has been known about in security circles for years, and Apple was reportedly warned about it in 2008, it was left unfixed for years. Still, Apple finally got on the ball in this case, and the 10.5.1 version released in mid-November finally fixed the security hole.
Last 5 posts by Jason Ditz
- US Claims ISIS 'Rebuilding' in Syria as Turkey Invasion Distracts From Fight - March 19th, 2018
- Turkey's Erdogan Vows Wider Offensive Against US-Backed Syrian Kurds - March 19th, 2018
- Russia Demands British Apology as EU, NATO Express Solidarity With Britain - March 19th, 2018
- Trump, Kim Summit Likely to Be Held in DMZ Village - March 19th, 2018
- Afghan Special Forces Slaughter Farmers in Chaotic Errant Attack - March 19th, 2018