iPad Security

Earlier this week it came to light that a widely used encryption software, OpenSSL, has a major security flaw, now known as Heartbleed. Apple today announced that iOS, OSX and other key web services were not affected by the vulnerability.

Heartbleed was discovered independently by a team of security engineers at Codenomicon and by Neel Mehta of Google Security, both of whom reported it to the OpenSSL team. Officially designated as CVE-2014-0160, the Heartbleed bug allows hackers to steal information that would otherwise be encrypted by OpenSSL, the most popular open source cryptographic library used to encrypt internet traffic. At risk are security keys, usernames, passwords, emails, instant messages and documents among other pieces of

9to5Mac discovered a Smart Cover flaw that allows strangers to access your password protected iPad 2. Thankfully the bug doesn't grant the person complete control over your device, but they could steal your personal information if the conditions are right. The Smart Cover enables someone to bypass your password and unlock the last app you used before turning off the device.

For example, if you were using Contacts before you put your iPad to sleep, a person could unlock your device and access all the information. 9to5Mac recreated the flaw in the video below.

Here's how to recreate it yourself. Make sure your iPad is password protected. Lock the device and hold down the power button until it reaches the turn off slider screen. Close and reopen the Smart Cover. Hit the cancel button at the bottom of the screen. You should have access to the last app you used without entering your password.

You may have read some PDF files on your iPad. Well as it turns out, Apple has just released a fix for a pretty serious PDF security hole on the iPad. iOS version 3.2.2 does have one side effect: it makes JailbreakMe 2.0 unusable. The reason for this is that Dev-Team developers used the PDF exploit to make jailbreaking your iPad through the Safari browser possible.

Problem is that since Apple released a fix for the bug to protect everyone who opens PDF files through Safari, Comex has released the source code of the exploit to the public. What does this mean? It means that malicious code can easily be crafted to break into iPads running firmware 3.2.1 or earlier.

Now that there are three million iPads in the wild around the world, users are anxiously waiting for all of the updated features available in iOS 4 such as multitasking and folders. Apple has already announced that the firmware update will come to the iPad in Fall 2010. This latest mobile operating system launched on June 21 for late-model iPhone and iPod Touch owners.

What iPad fans might not realize is that the latest update to Apple's firmware patches a record 65 security holes and bugs. iPhone OS 3.0 fixed 46 different operating system vulnerabilities when it was launched around a year ago. Approximately half of the patches delivered with iOS 4 corrected serious issues.