Another Apple Security Flaw Found…. This Time In HomeKit

9to5mac is reporting that yet another security hole in an Apple product has been found. This time it’s the HomeKit framework when used with the recently released iOS 11.2. The flaw allowed remote access by those of ill intent to HomeKit devices. So a real world example of this that the miscreant could say, unlock your doors if you had HomeKit compatible smart locks, and then disable your security cameras if you had HomeKit compatible security cameras before pillaging your home.

Clearly this was not a trivial issue.

However, the only good news out of all of this is that Apple has fixed most of the problem as I type this. Some of the fixes are coming on the server side of the fence. The rest of the fixes will show up in a iOS update that is coming next week. The only catch is that remote access for HomeKit users is disabled until that iOS update comes out.

At this point you have to ask yourself what has gone wrong with Apple’s QA as this highlights what I said about it being an #EpicFail. It never used to be this bad and we’ve now had over a week of solid security issues that are hitting the news. Clearly Apple has dropped the ball in a big way and they really need to pull up their socks or they’ll be ridiculed like Microsoft was in the early 2000’s when they went through their security nightmare.

Advertisements

4 Responses to “Another Apple Security Flaw Found…. This Time In HomeKit”

  1. […] you use HomeKit devices, then you’re aware of a HomeKit bug that was disclosed and partially fixed last week that would give the bad guys remote access to your HomeKit devices. For example, they could unlock […]

  2. […] anyone could get root access to a Mac with ease (though that was fixed within a day), followed by vulnerabilities in HomeKit, not to mention numerous other high profile and embarrassing bugs in a variety of Apple products […]

  3. […] could get root access to a Mac with ease (though that was fixed within a day), followed by vulnerabilities in HomeKit, not to mention numerous other high profile and embarrassing bugs in a variety of Apple […]

  4. […] to existing accessories while protecting privacy and security. This is likely a response to the HomeKit vulnerability that was discovered a few weeks ago. That suggests to me that Apple did a rethink of how HomeKit worked to avoid that situation from […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: