While Apple’s online services were unaffected by the recent Heartbleed OpenSSL vulnerability, its 2013-model AirPort and Time Capsule base stations were subject to the bug, and could allow for interception of sensitive data for encrypted connections to iCloud services such as Apple’s Back To My Mac feature. Continue reading
If you have not heard of the the recent “Heartbleed” bug, this Web snafu is an oversight in the encryption layer commonly used by many Web sites for security, which allows attackers to exploit security keys and gain access to sensitive data.
The flaw exists in OpenSSL, where in an encrypted connection one computer will send out a heartbeat packet that requests a response from the other, to inform each that the connection is still alive. Continue reading