{"id":15817,"date":"2013-03-09T01:18:11","date_gmt":"2013-03-09T00:18:11","guid":{"rendered":"http:\/\/iphonejailbreak.fr\/?p=15817"},"modified":"2013-03-09T11:47:19","modified_gmt":"2013-03-09T10:47:19","slug":"apple-bouche-une-faille-vieille-de-six-mois-dans-lapp-store","status":"publish","type":"post","link":"http:\/\/iphonejailbreak.fr\/?p=15817","title":{"rendered":"Apple bouche une faille vieille de six mois dans l&rsquo;App Store"},"content":{"rendered":"<p style=\"text-align: justify;\"><div class=\"embed-container\"><iframe title=\"iOs App Store password stealing attack\" width=\"944\" height=\"531\" src=\"https:\/\/www.youtube.com\/embed\/b7MQjLVkekg?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe><\/div><\/p>\n<p style=\"text-align: justify;\">En juillet dernier, un des chercheurs en s\u00e9curit\u00e9 de Google, Elie Bursztein, pr\u00e9venait Apple d\u2019une faille de s\u00e9curit\u00e9 dans l\u2019AppStore. <strong>Certains services de la boutique en ligne utilisaient le protocole HTTP non s\u00e9curis\u00e9<\/strong>, alors qu\u2019il aurait \u00e9t\u00e9 de bon ton de la part de Cupertino d\u2019employer l\u2019HTTPS. Cette vuln\u00e9rabilit\u00e9 pouvait potentiellement servir \u00e0 des hackers pour subtiliser des mots de passe, forcer les utilisateurs \u00e0 installer une application sp\u00e9cifique plut\u00f4t que celles qu\u2019ils souhaitaient (notamment les plus on\u00e9reuses), ou encore \u00e0 t\u00e9l\u00e9charger des mises \u00e0 jour bidon &#8211; il pouvait m\u00eame \u00eatre possible d\u2019emp\u00eacher l\u2019installation de logiciels. Bref, il fallait qu\u2019Apple s\u00e9curise un peu mieux son affaire, ce que la soci\u00e9t\u00e9 a fait\u2026 le 23 f\u00e9vrier. Soit plus de six mois apr\u00e8s avoir \u00e9t\u00e9 pr\u00e9venu par Bursztein\u00a0! Ce dernier n\u2019a pas ch\u00f4m\u00e9 en livrant quelques vid\u00e9os d\u00e9monstratives de la faille (cf la vid\u00e9o)<\/p>\n<p style=\"text-align: justify;\">Les transactions sur l\u2019AppStore sont d\u00e9sormais enti\u00e8rement s\u00e9curis\u00e9es via HTTPS par d\u00e9faut. Apple n\u2019a pas manqu\u00e9 de souligner le travail du chercheur lors de la communication sur le correctif apport\u00e9 le 23 f\u00e9vrier.<\/p>\n<p style=\"text-align: justify;\"><strong>Merci \u00e0 MacPlus pour l&rsquo;info !<\/strong><\/p>\n<p><a href=\"http:\/\/forum.iphonejailbreak.fr\/index.php\/topic,5457.msg38320\/topicseen.html#msg38320\" rel=\"attachment wp-att-12430\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-12430\" alt=\"on en parle\" src=\"http:\/\/iphonejailbreak.fr\/wp-content\/uploads\/2013\/02\/bouton-blog1-copie.png\" width=\"200\" height=\"40\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>En juillet dernier, un des chercheurs en s\u00e9curit\u00e9 de Google, Elie Bursztein, pr\u00e9venait Apple d\u2019une faille de s\u00e9curit\u00e9 dans l\u2019AppStore. Certains services de la boutique en ligne utilisaient le protocole HTTP non s\u00e9curis\u00e9, alors qu\u2019il aurait \u00e9t\u00e9 de bon ton de la part de Cupertino d\u2019employer l\u2019HTTPS. Cette vuln\u00e9rabilit\u00e9 pouvait potentiellement servir \u00e0 des hackers &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"http:\/\/iphonejailbreak.fr\/?p=15817\">Lire la suite<\/a><\/p>\n","protected":false},"author":18,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[10],"tags":[5940,11129,11137,6555,6548,308,6541,187,6556,6542],"_links":{"self":[{"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=\/wp\/v2\/posts\/15817"}],"collection":[{"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15817"}],"version-history":[{"count":7,"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=\/wp\/v2\/posts\/15817\/revisions"}],"predecessor-version":[{"id":15904,"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=\/wp\/v2\/posts\/15817\/revisions\/15904"}],"wp:attachment":[{"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15817"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/iphonejailbreak.fr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}