«
»

Another Apple Security Flaw Found…. This Time In HomeKit

9to5mac is reporting that yet another security hole in an Apple product has been found. This time it’s the HomeKit framework when used with the recently released iOS 11.2. The flaw allowed remote access by those of ill intent to HomeKit devices. So a real world example of this that the miscreant could say, unlock your doors if you had HomeKit compatible smart locks, and then disable your security cameras if you had HomeKit compatible security cameras before pillaging your home.

Clearly this was not a trivial issue.

However, the only good news out of all of this is that Apple has fixed most of the problem as I type this. Some of the fixes are coming on the server side of the fence. The rest of the fixes will show up in a iOS update that is coming next week. The only catch is that remote access for HomeKit users is disabled until that iOS update comes out.

At this point you have to ask yourself what has gone wrong with Apple’s QA as this highlights what I said about it being an #EpicFail. It never used to be this bad and we’ve now had over a week of solid security issues that are hitting the news. Clearly Apple has dropped the ball in a big way and they really need to pull up their socks or they’ll be ridiculed like Microsoft was in the early 2000’s when they went through their security nightmare.

This entry was posted on December 7, 2017 at 8:21 pm and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Another Apple Security Flaw Found…. This Time In HomeKit”

  1. Apple Releases iOS & tvOS Update That Fully Fixes HomeKit Exploit | The IT Nerd Says:
    December 13, 2017 at 1:19 pm

    […] you use HomeKit devices, then you’re aware of a HomeKit bug that was disclosed and partially fixed last week that would give the bad guys remote access to your HomeKit devices. For example, they could unlock […]

    Reply
  2. 2017: Year In Review | The IT Nerd Says:
    December 30, 2017 at 9:01 am

    […] anyone could get root access to a Mac with ease (though that was fixed within a day), followed by vulnerabilities in HomeKit, not to mention numerous other high profile and embarrassing bugs in a variety of Apple products […]

    Reply
  3. What I Would Do To Fix Apple’s Quality Problems | The IT Nerd Says:
    January 11, 2018 at 9:30 am

    […] could get root access to a Mac with ease (though that was fixed within a day), followed by vulnerabilities in HomeKit, not to mention numerous other high profile and embarrassing bugs in a variety of Apple […]

    Reply
  4. Apple Previews iOS 11.3…. Which Includes The “Batterygate” Fix & More Security For HomeKit | The IT Nerd Says:
    January 24, 2018 at 11:15 am

    […] to existing accessories while protecting privacy and security. This is likely a response to the HomeKit vulnerability that was discovered a few weeks ago. That suggests to me that Apple did a rethink of how HomeKit worked to avoid that situation from […]

    Reply

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading