Gmail users on iOS at risk of data interception2014-07-11 11:09 by Daniela
Tags: Gmail, iOS
Users accessing Gmail on Apple's devices could be at risk of having their data intercepted, a mobile security company said Thursday. Avi Bashan, chief information security officer for Lacoon Mobile Security said that Google has not yet implemented a security technology, known as 'certificate pinning', that would prevent attackers from viewing and modifying encrypted communications exchanged with the Web giant.
According to Bashan, the company notified Google of the problem on 24 February and although Google had recognised, validated and said it would fix the flaw, it remains open. The company published details of the weakness in the hope of pressuring Google into fixing the issue.
Until the time a fix is released, enterprises are advised to check the configuration profiles of devices to ensure they don't include root certificates, ensure that a secure channel like a VPN is used when accessing corporate resources, and perform network and device analysis to detect MitM attacks.
Read more -here-