Wednesday, 9 September 2015

Avira Tool For Lost iPhone Logins Sent Over HTTP

A free tool from antivirus company Avira for finding stolen or lost iPhones appeared to send unencrypted passwords over HTTP. This would allow an attacker who get the network traffic could eavesdrop usernames, passwords and other sensitive information.

It discovered security researcher David Coomber. According Coomber were the passwords that the Avira Mobile Security iOS app sent well protected by the weak MD5 algorithm, but would offer no protection against an attacker could sniff network traffic. Mobile Security is an app that allows users to trace five lost or stolen iPhones. Also, users can check via the tool or their e-mail was hacked, the address book or safe and iOS is up to date. Avira was informed on July 17 and published on September 3 version 1.5.11 in which the issue is resolved.

No comments:

Post a Comment