Apple Fixed iOS 11.2 Vulnerability That Allowed Unauthorized Access to HomeKit Devices

Discussion in ' News Discussion' started by MacRumors, Dec 7, 2017.

  1. dan110, Dec 7, 2017
    Last edited: Dec 8, 2017

    dan110 macrumors 6502


    Jul 13, 2013
    Apple's Software Engineering Devision seems to have turned into a bunch of amateurs.

    How can they not have a specific team of people totally focused on security?
  2. jermwhl macrumors regular


    Sep 29, 2014
    San Diego, CA
    I know! It's so work intensive to have to press "Download and Install". Come on Apple, just leave the vulnerabilities open, so we don't have to update our software so much. Stop patching iOS so much, it's inconvenient. Are one of these "/S" required in this case?
  3. Analog Kid macrumors 601

    Analog Kid

    Mar 4, 2003
    First a vulnerability that lets you bypass security to gain superuser access to your Mac, then one that allows you to bypass security to gain superuser access to your home...

    Hasn't been a good month, that's for sure...
  4. jdillings macrumors 68000

    Jun 21, 2015
  5. K. Bayquoi macrumors newbie

    K. Bayquoi

    Sep 8, 2016
    Wow, so much negativity against Apple. When Apple has full control of a product they usually do fantastic work. But in the case of HomeKit, Apple has had to contend with many third-party producers to tie their products into the HomeKit application. I am not surprised that there are not many more problems With third-party’s code stepping all over the Apple code and causing additional problems. At least Apple is pretty good at fixing the problems fast, once they are identified.
  6. avanpelt macrumors 68030

    Jun 2, 2010
    I do agree with you about the lock and the lack of real security it provides. Several years ago, my garage door keypad malfunctioned and it wouldn’t open the door after I got back from taking my dog for a walk. I left without my keys so I was locked out.

    I called a locksmith and the guy who showed up had the lock drilled out, the deadbolt removed, and my door open in about two minutes.
  7. nhmerino macrumors newbie

    Dec 2, 2013
  8. 69Mustang, Dec 7, 2017
    Last edited: Dec 7, 2017

    69Mustang macrumors 603


    Jan 7, 2014
    In between a rock and a hard place
    You read an article about a vulnerability in Homekit's framework but decided to post a comment throwing dirt on 3rd parties? I mean while we're at it, let's just blame the macOS hole and iOS issue on 3rd parties too. Not only do you unfairly disparage 3rd parties, you try to diminish Apple's culpability with "at least they are pretty good at fixing problems fast once they are identified". So they aren't at fault and they fix problems fast. Got it. We should be grateful.

    I gotta preemptively apologize. For some odd reason I am unnaturally and unreasonably triggered by your post. I think it's the blame others but praise Apple's quickness take that's got me sideways. It's either that or the fact that the cat keeps sticking her paw in my scotch glass and drinking from her claw. Little bit of column A, little of column B maybe. Sorry.
  9. OldSchoolMacGuy macrumors 601


    Jul 10, 2008
    Have you watched the Android side at all? Much bigger issues lately. But they don't make news. Because anything Apple makes headlines. And this site makes money the more they turn up the problem and get page views. So everything is the worst in the world and the end of the world. Because that make people click and talk and load page after page. Thats where the blog money is.
  10. kstotlani macrumors 6502a

    Oct 27, 2006
    When your life or life savings depends on it. E.g. the airlines you fly. I think it’s ok to have your phone OS drain your battery quicker, auto correct a to i etc. but people should not trivialize some of the major issues and symptoms that can be a big issue if a good hacker puts their mind to it. I don’t think Apple is doomed etc. they will get the root cause sorted but there are signs that they have to do something better in such cases where your homes could be opened due to a vulnerability. I say this because I am in the technology business and we definitely do lot more additional testing when it comes to critical components of an application. I bet there are a lot of changes happening at Apple as we speak but the mob in us will not be happy till a leadership head roles.
  11. 69Mustang macrumors 603


    Jan 7, 2014
    In between a rock and a hard place
    I'm sure HomeKit users are taking solace in the fact they even though their software had a big security vulnerability Android has problems too. Misery loves company.:)
  12. kstotlani macrumors 6502a

    Oct 27, 2006
    There can be several arguments like these. Let me provide one for fun as I was thinking on the same lines. It would take 100 of those locksmiths to open 100 homes but it would take a long time while a 400 pound guy (Trump Russia hack reference) sitting in his basement could open more than a thousand homes within seconds.
  13. hface119 macrumors member

    Oct 24, 2012
    I have been racking my brain trying to figure out why my Hue light automations were not working via Home, and realized I couldn’t connect to them on LTE when it always used to work - I too was going to reset HomeKit this weekend to see if it would fix it. I’m just relieved it was on Apple’s side and they’re actively addressing it. I only wish they would have told us sooner considering they’ve known since October. Would have saved the wondering and perhaps some people time if they went the reset/reconfigure route to no avail.
  14. iamtheonlyone4ever Suspended


    May 27, 2016
    ok now seriously with all these bugs who wants to volunteer to try the apple car
    beta or not I'm not getting on that car
    I just don't trust ICAR OS
    I like KITT from night rider better, now that's a self driving car you can trust
  15. neliason macrumors 6502

    Oct 1, 2015
    Yep. If someone is intent on breaking into a home, which is a serious crime, they have the options of picking a lock or just kicking the door in which is surprisingly easy. Not that a bug in software that protects or has the ability to record video and audio in your home isn’t serious.
  16. sunwukong macrumors regular


    Jan 2, 2002
    It's starting to get another one.
  17. M2M macrumors 6502


    Jan 12, 2009
    They have a new reputation now. „We‘ll break it, we’ll fix it”. Long gone is the “it just works” mindset.
  18. alexhardaker macrumors member

    Sep 12, 2014
    I really do hope they’re getting back into to the “it just works” mindset. It’s anazing how much has changed since Forstall’s departure :(
  19. Diving Capers macrumors 6502

    Diving Capers

    Jun 10, 2017
    It is unfortunate that Cook’s vision for what Apple should be appears to be the iPhone and quick iOS releases. The main hurdle Apple is currently facing is the limited vision of its senior management team, the issue is that, as long as the iPhone continues to do so well, there will be no hope of change.

    The Mac and macOS will continue to suffer, silly design choices will continue to be made and the focus will continue to be on the fashion side instead of usability, quality and customer experience.

    It is sad that Coook’s Apple is unwilling to see past the quick profits generated by the iPhone’s success. Maybe they believe that the future is in smartphones only and their roadmap is one that slowly neglects the Mac until the only real option for Apple fans is the iPhone, the iPad and whatever accessories they occasionally pump out.

    It would be great to see Forstall back, however the chances are slim to none as long as Cook and Ive are still part of the company.

    Apple urgently needs someone with a real vision for innovation and a no nonsense approach to quality control.

    Hopefully their recent performance is just a bump in the road, however it is unlikely there will be real change as long as Cook is in control.

    Cook’s only achievement is milking Job’s vision for every penny and bogging down everything Apple once stood for. Shame on him.
  20. WatchFromAfar macrumors 65816


    Jan 26, 2017
    No-one says complex code is going to be bug-free but it's kinda embarrassing when you're a Company that likes to pride itself on being secure and having things "just work".
  21. krazzix macrumors member


    Jun 15, 2010
  22. PBRsg, Dec 8, 2017
    Last edited: Dec 8, 2017

    PBRsg macrumors 6502


    Aug 12, 2014
    The overdid it with the cow manure...
  23. NightFox macrumors 68020


    May 10, 2005
    Shropshire, UK
    Do you not think the practice of pushing out a new version of iOS every year is driven by customer demand and expectation, rather than an arbitary decision by Apple? The problem is, people expect a revolutionary, magical new iPhone every year and a new version of iOS packed with new features. Fail to provide and you lose customers, many more than you'll lose due to bugs that the majority of your customers aren't even going to know or care about.

    And as for the emoji comment, I'm sure you know that that's not Apple's decision, and the hype surrounding emojis is generated by sites like MR; Apple themselves don't make that much of it.
  24. PBRsg macrumors 6502


    Aug 12, 2014
    So true, but you may be in the wrong place making that comment. Half of the comments here are: "Apple, give me something new to play with". Making an iPhone which looks like the previous one (even if the internals are completely different) is a cardinal sin. My priority, on the other hand, are devices which do not give me any problems and let me get on with what I want to do. Welcome to modern society, where everything is play and people have the attention span of a goldfish.
  25. Sevendaymelee macrumors 6502


    Mar 27, 2016
    I don't care if it ruffles feathers. Anyone who allows access to their car or home via app is a fool.

Share This Page