Oversight in iOS handling of SSL certificates could cause data security problems

Oversight in iOS handling of SSL certificates could cause data security problems

Reports late last month that IT security researchers had discovered a serious flaw in the way Apple's iOS handled SSL certificate validation prompted the company to issue a patch for the issue within days, according to Network World.

Apple's iOS mobile platform - which powers iPod Touch, iPhone and iPad devices - didn't correctly validate all necessary SSL certificates, the tech news publication reported, which would have allowed clever attackers to create their own fake certification and monitor all secured traffic sent from or received by the vulnerable device.

The issue may have been present in the code - and its precursors - for as long as nine years, one mobile executive told Network World, but nobody had bothered to fix it until the exploit was discovered.

While Apple has a solid reputation for data security, some experts say that the lack of high-profile hacks is due more to the dearth of attention paid to the company's devices by cyber criminals than to any inherent property of its products.