Half of All iPhones Are Insecure

According to researchers at the security firm Duo Labs, 50% of all iPhones are running an old OS with known vulnerabilities that could compromise a corporate network. Duo's program manager Mike Hanley writes in his blog that half of all iPhones are running iOS version 8.3 or lower. By the standards of many cellphone users, version 8.3 is relatively recent (it was released only five months ago); however, users with version 8.3 are missing more than 100 security updates that have appeared in versions 8.4 and 8.4.1.

According to Manley, two vulnerabilities patched in version 8.4.1 are particularly important: the Ins0mnia bug, which lets the attacker steal data and drain batteries, and Quicksand, which "exposed enterprise credentials and sensitive configuration details … ."

Thirty-one percent of all iPhones are running version 8.2 or lower and are missing patches for 160 or more vulnerabilities. The report also points out that 20 million iPhones in the world today can't even receive updates because they are too old and the hardware is no longer supported. The end of support for Windows XP received detailed coverage in the press, but the gradual phase-out of security support for smartphone hardware often goes unnoticed.

Users, and especially corporate admins who support iPhone and Android devices, are encouraged to rid their networks of phones that can't be patched and to make sure the patchable phones are patched regularly. Manley adds that smartphones are often clogged with videos, photos, and music files, and the lack of available free space slows the update process. Clearing some space can often make the update faster and, therefore, less disruptive for the user.

More Online

Linux Magazine


Off the Beat * Bruce Byfield

The Rise of Open Hardware

Free and open source software has a long list of accomplishments to its name. However, when the history of technology comes to be written, the greatest of those accomplishments might be inspiring open hardware. It might even be that open hardware will eventually become even more successful and influential than free software itself.

Microsoft and Linux Detente

For as long as I can remember, Linux and Microsoft have indulged in mutual paranoia. So, naturally, when the news broke this morning that Microsoft had developed what seems to be a Linux-based operating system to assist Azure, social media was full of the story. It was a typical story of its kind: A vague muddle of one-upmanship and the memory of past wrongs, and all I could do was yawn and wish that everyone would get over it. The news is at least 10 years too little and too late.

Apache OpenOffice: Not Dead Yet

It's taken a year, but Apache OpenOffice finally seems to be moving forward. However, whether the progress will be enough to make the project a success remains impossible to predict.

Productivity Sauce * Dmitri Popov

UrlHosted: Publish Content through URLs

Sometimes you need to share a text snippet or a blog post quickly without going through the rigmarole of dealing with a full-blown web publishing platform. In this situation, UrlHosted can come in rather handy.

A Foto Finder: A Lightning Fast Photo Browser for Android

When you have thousands of photos on your Android device, you might want to use something more speedy and efficient than Android's default photo gallery app. In this case, A Foto Finder might be just the tool you need.

Instant Web Stats with GoAccess

A web log analyzer can come in rather useful when you run a web server on your own host. And if you need an uncomplicated and easy-to-deploy web log analyzer, GoAccess is what you need. This tool runs in the terminal and provides real-time web log analysis.


Improved Performance with Parallel I/OJeff Layton

Understanding the I/O pattern of your application is the starting point for improving its I/O performance, especially if I/O is a fairly large part of your application's run time.

ADMIN Online

LDAP Integration with Popular Groupware Suites * Andrej Radonic

Your LDAP directory holds user data for the whole network. Why not save time and avoid duplication by integrating the LDAP directory with your groupware environment?

The Aurora Mesos Framework * Udo Seidel

Apache Aurora is a service daemon built for the data center.

Handy Windows Tools for Sniffing Network Traffic * Thomas Joos

You don't need expensive software to study the traffic on your network. We look at some handy sniffers for Windows environments, including SmartSniff, SniffPass, Open Visual Traceroute, and Microsoft Message Analyzer.

Shell Practice: Introduction to the sed Stream Editor * Harald Zisler

With sed, you can edit text data without an interactive user interface, using pipes, or input redirection. Sed lets you execute extensive editing commands on a single line.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More