The security vulnerability was revealed in a new blog post by Ian Beer, a member of Google’s Project Zero team. The post describes a small group of websites that were likely visited thousands of times a week; when users visited the sites in iPhone browsers, malicious code on the sites would attempt to gain access to their devices and, if successful, install code that would enable the theft of files and the monitoring of location data.

For Apple, the security vulnerability’s revelation is especially embarrassing given the company’s emphasis on strong security and privacy protections for its devices’ users. And it both highlights and undercuts the value of the kind of sophisticated biometric security measures that Apple has implemented for user authentication: On the one hand, a 3D facial recognition system like the iPhone’s Face ID offers no protection against malware designed to quietly infect the device while it’s in use; yet at the same time, Face ID and other forms of biometric authentication can help to keep digital accounts secure even if the passwords in a user’s Keychain have been compromised.

Read more at https://findbiometrics.com/security-vulnerabilities-left-iphone-users-open-attack-google-researchers-083011/