This is very serious. https:// secure protocol will not work due to some bad coding in the OS. Links are in the story:


This week, Apple rushed out a patch for its iOS 7 and iOS 6 operating systems to fix a serious security issue. Before I explain further, let me just say this: If you’ve gotten the prompt to update and you haven’t, do it now. If you’re still running older versions of iOS on your iPhone, iPod, or iPad, update now.

Done? O.K., good.

While you’re at it, go download either Chrome or Firefox for your Mac, and stop using Safari immediately until you see a security update for OS X Mavericks, as well.

[ Updated | Apple issued an update to OS X Mavericks. ]

In a nutshell, Apple has a security hole in both its mobile and desktop operating systems that could let a malicious hacker jump in on what you think is a secure Web transaction if you’re on a public Wi-Fi network like those at a coffee shop, airport or some other location.

Now is a good time. When someone tells you that Chrome is more secure than Safari, that is a serious problem.


Apple’s Serious Security Issue: Update Your iPhone or iPad Immediately (http://bits.blogs.nytimes.com/2014/02/24/apples-serious-security-issue-update-your-iphone-or-ipad-immediately/?src=me)

A bit more...


The vulnerability affects SSL/TLS, or Secure Socket Layer and Transport Layer Security. These are the two technologies that supposedly encrypt the conversation between your browser and the server you’re trying to access when you visit a website. They’re represented by an “https” rather than “http” in your browser’s URL bar, and they’re supposed to mean you’ve got a secure browsing session in effect.

In fact, thanks to this bug, it’s very possible you don’t. The problem lies in validating the security certificates that are sent back and forth when you’re establishing a secure connection. Thanks to this flaw, your browser can’t verify the authenticity of an encryption certificate, meaning someone could easily be pretending to be your bank’s website, your doctor’s office site or a credit card application form.

There are excellent posts here and here about the severity, technicalities and potential of the vulnerability.

From the same link at the NY Times.

Just FYI, the vulnerability only applies to iOS 7 and OS X Mavericks. If you've got older versions of either, you're okay; if not, then you should most definitely update ASAP.

Got an iPad, iPhone or iPod?
Nope.

Samsung S4 clone with Android 4.2.1 on it.

TI-4A