As reported on techreport.com, yet another vulnerability has been discovered within ios8 and this time it is within the mail application. It was discovered back in January in ios version 8.1.2 by security researcher Jan Souček, who promptly reported it to Apple. Almost 5 months later, this vulnerability still remains as Apple didn’t fix it even though they have released several updates.
In the ios 8 mail app, there is a serious flaw in the way it handles inline HTML. It enables various simulated pop-up login pages such as iCloud, Facebook and many others to be loaded by a would be attacker. Once the user enters his or her credentials, the hacker now has the information to gain access to his or her account.
We understand that bugs can occur in software, but the fact that it was reported to Apple in January and almost 5 months later they have not fixed it is inexcusable. On the Apple.com website on its privacy page, there is a message from CEO Tim Cook that includes the following statement:
Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services like Apple Pay.
Unfortunately this does not seem to be the case where Apple is concerned!
For those ios 8 users who really value security and are frustrated by Apple’s slow response to fix these vulnerabilities, now is the time to come #BackToBlack. BlackBerry has a reputation of having the “gold standard” for security and you can rest assured that they will not leave you open to vulnerabilities such as the one plaguing the ios8 mail app for almost 5 months.
Do yourself a favor and put that iDevice in the bin or sell it on eBay and replace it with a BlackBerry 10 device. You will be glad that you did