You probably thinking Apple security is trustworthy; but do you ask your self how much I’m I trusting this company with? I mean Face ID is cool and all. I get it it is cool to send someone an animation of you as a monkey; but do you really trust them with your face? or fingerprint?
Well, Apple security is not doing their best this week considering that Face ID and the neglect on their behalf; when it comes to fixing certain bug issues. This one is pretty serious and if you are one of the 1.4 billion people who own an i phone; this might be something you must know.
Check Point the world-leading provider of generation V cybersecurity; made an announcement that they now have a way to hack into any IOS device. From IOS 8 to the beta version of IOS 13 which is more than eight iPhone generations of weak apple security.
The loophole is in the built-in contacts app; which runs on the standard known “SQLite database”. Which is pretty much in most devices and it is the standard database; in major operating systems like macOS, Chrome, Safari, Android, Windows 10. The issue with the contact app is that whenever the search is active the program produces a vulnerable code.
Problem is that this issue exists for a while now almost four years; it is just that Apple security never put any effort into resolving the issue. This only an issue when the program arbitrary SQL is from an untrusted source; like when you download apps from a browser rather than apple store, which is why they are slacking on it; but since IOS doesn’t have unknown apps it is not much of a threat.
But Check Point’s people were able to make a trusted app; and put it on the App Store that can activate this loophole. Apple selling point it their security so they probably should put more effort into closing these loopholes.