Joseph Menn of Reuters reports:
A major flaw in Apple software for mobile devices could allow hackers to intercept email and other communications that are meant to be encrypted, the company said Friday.
If attackers have access to a user’s network, such as by sharing the same unsecured wireless service offered by a restaurant, they could see or alter exchanges between the user and protected sites such as Gmail and Facebook, experts said.
“It’s as bad as you could imagine, that’s all I can say,” said Johns Hopkins University cryptography professor Matthew Green.
Read more on Reuters.
Update: Matthew Green has tweeted a link to test to see if your device is vulnerable:
Use this link to test if your Apple devices are vulnerable. If you get an SSL error, you’re fine. https://t.co/cgexCvRWa0 via @agl__
— Matthew Green (@matthew_d_green) February 22, 2014