With great power comes a great big target painted on your security systems. At-least this is how Apple’s experience with security is evolving. Every time it released a security updated, thousands of hackers (for good and bad reasons) begin spending countless hours trying to break through the code. Some do it for the fun of it, others to jail break their devices and let us not forget those who want to steal your personal details or spread malicious bits of code via the Apple devices. Apple’s relatively small team of tech wizards must feel hopeless outnumbered.
A testament to this fact is the recent Apple security update (iOS 4.3.5), which was released only 2 weeks after yet another security updated. The latest one is said to protect the device from “an attacker with a privileged network position” who may be able to “capture or modify data in sessions protected by SSL/TLS”.
According to security experts, this means that an attacker would already need an access to a network in order to control or modify these SSL sessions.
Put together, this means that an attacker could steal all your data while you are innocently surfing the web but only if he already has access to the network that you are working on.
It is highly recommended that you keep your iOS devices updated at all times. Right now, you need to get attach your device to a computer and updated it by clicking “check for updates” via the iTunes button. However, keep in mind that the 4.3.5 version update is meant for the AT&T iPhone 3GS, iPhone 4, iPad, iPad 2 and iPod Touch devices (3rd and 4th generation devices only). Users on the Verizon network will also get the update but it will be labeled as 4.2.10. Due to the nature of the update, this certainly ranks as high-priority.