By Giacomo Martiradonna Thursday 27 February 2020
A hardware breach put millions of iPhones, iPads, and Macs at risk of a hacker attack. To protect yourself, just install at least one of these versions of iOS and macOS
Surprise. Only today we discover that the Cypress Semiconductor and Broadcom WiFi chips installed on millions of iPhones, iPads and Macs suffering from a hardware flaw could be exploited by an attacker to decrypt sensitive data transmitted over a wireless connection. Just an update to protect yourself.
Activation lock, so much more security that has a cost for the environment
Activation Block A godsend against thieves, but it also has a dark side we never thought about: it can become a problem for the environment. That's why.
The flaw known as Kr00k, and is based on a weakness in the release system from the access point. "If the user's access point or device is vulnerable, pieces of data will be inserted into a transmit buffer and sent." Instead of using the communication encryption key, however, affected devices use a key made entirely of zeros, making it the decryption process is immediate.
Both the chips created by Broadcom and those of Cypress are affected by the defect; and the rip off that such circuits are installed in a large number of trinkets: "From our tests we confirm that, before the software patches, Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi) were affected ), as well as the Asus and Huawei access points. "
The good news is that, before they went public, this information was passed on to producers who got to correct the shot. therefore here's how to protect yourself: just install at least iOS 13.2 and macOS 10.15.1, or later. Any previous version of the software, however, puts you at risk, therefore update immediately.