When security firm Sophos noted ProtonMail's post back in March 2020, author John Dunn observed, "At least Apple knows about the issue." Two and a half years on, Apple's awareness looks indistinguishable from ignorance.The Android application has a revamped version in beta too, but that one will take a bit longer to arrive. What's more, Horowitz says that Yegor Sak, the co-founder of VPN service Windscribe, got in touch to say his company is aware of the data leak and has submitted multiple reports to Apple. They have not said anything about a fix." They have not said whether they agree on this being a bug. They have not said whether they tried to recreate the problem.
To date, roughly five weeks later, Apple has said virtually nothing to me. In July, he wrote, "Since then, there have been a number of emails between myself and the company (yes, plain old unencrypted email – no security at all). Horowitz reports emailing Apple about VPN data leakage in May when his post first went up. ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested.Mobile networks really hate Apple's Private Relay: Some folks find iOS privacy feature blocked on their iPhones.Apple sues 'amoral 21st century mercenaries' NSO for infecting iPhones with Pegasus spyware.Microsoft patches the patch that broke VPNs, Hyper-V, and left servers in boot loops.It's the same bunker-mentality communications policy that allowed the company to formulate a CSAM scanning plan for iCloud that blew up in its face once the public got wind of the idea. The Register asked Apple to comment and the company has not responded, which is not completely expected.Īpple's long-standing resistance to engaging with the public, the press, and security community, to respond openly to concerns, and to provide status updates about outstanding issues allows issues like this to fester - until the public clamor grows so loud it cannot be ignored.
Then ten days ago, Horowitz updated his post to confirm that iOS 15.6 – Apple's latest iOS release if you don't count the 15.6.1 update that went out yesterday to patch two zero-day bugs – is still vulnerable. His post includes router log data that demonstrates the data leakage.
0 kommentar(er)
