Gmail For iOS Puts Your Data At Risk
Gmail is one of the most popular email clients around and iOS devices are likewise incredibly prevalent. It stands to reason, then, that millions of individuals access their Gmail accounts on their iPhone or iPad. As Jeremy Kirk reports for Computer World, doing so leaves users vulnerable to data theft.
At issue is a lack of a vital security technology that would keep attackers from spoofing security certificates and gaining access to the encrypted communications being sent through Gmail. Any website or application that has users sending potentially valuable personal information uses digital certificates to encrypt that data. Attackers have been able to fake these certificates, however, and decrypt the data.
Google would be able to put a stop to these man-in-the-middle style of attacks by implementing a technology called certificate “pinning”. This involves hard coding legitimate certificate details into an application. While Google has known about this vulnerability since late February, they’ve yet to implement pinning.
Making this more odd is that this vulnerability only affects iOS users because Gmail for Android uses certificate pinning. This is being referred to as “an oversight by Google”.
For the time being, using Gmail on your iPhone is unsafe. There’s always a possibility of your messages being intercepted by a third party.
At Geek Rescue, we offer a number of email solutions for home and business, as well as support for mobile devices, including iPhones and Androids. If you’re having issues with technology, call us at 918-369-435.
July 11th, 2014