File photo Kai Jacobson / The Ubyssey
Some time ago, somebody discovered a massive flaw in Apple OS X and iOS’s secure networking protocols. Last week, Apple admitted to this problem in an update to iOS and released a fix for OS X yesterday.
Yawnfest, right? Well, what that really means is that your out-of-date computer could be broadcasting your credit card number and personal information to thieves on campus, without your knowledge.
It’s called a man-in-the-middle attack. In this case, Mac’s are getting a little too friendly, and instead of only shaking hands and sending your credit card information to the place you want it to go, it will shake hands with anybody. All it requires is for the thief to be within wifi range, and they can even pass it on to its intended destination, so you don’t even know it’s happening.
It could also mean the thief could steal your Campus Wide Login (CWL). Even if you don’t care about someone knowing your GPA, this could wreak havoc, especially since your Social Insurance Number, bank account information and address are all accessible via the Student Service Centre (SSC).
UBC would be a perfect place to implement this sort of attack. While the network that most students connect to “ubcsecure” is safe, connecting to “ubcvisitor” could put your information at risk.
Luckily, Apple has quickly patched both OS X and iOS to stop it. So go update your computer for once, this time it’s kind of important. Check your email for how to do it, or follow this link.
