If you're new to AirPods, considering buying a pair, or just want to pick up some new tips.
Apple Fixed iOS 11.2 Vulnerability That Allowed Unauthorized Access to HomeKit Devices
A HomeKit vulnerability in iOS 11.2 that allowed unauthorized access to HomeKit accessories that included smart locks has been fixed by Apple, the company told 9to5Mac in a statement today.
Apple was able to address the vulnerability server side as it affected the HomeKit framework rather than individual HomeKit products. Though the vulnerability impacted all HomeKit devices, it is of particular interest to HomeKit users with smart locks and other HomeKit-enabled devices that allow access to the home, as someone able to exploit this kind of problem could gain entry to a dwelling without a physical key.
9to5Mac says that Apple was first informed about the security issue and other related HomeKit vulnerabilities in October. Some of the problems were addressed in iOS 11.2 and watchOS 4.2, while the rest were fixed server side. HomeKit setups with at least one connected iPhone or iPad running iOS 11.2 and signed into a HomeKit user's iCloud account were impacted.
Since its launch in 2014, HomeKit has seen many major improvements and its adoption has grown steadily. A wide range of manufacturers have embraced HomeKit, and there are HomeKit lights, outlets, switches, thermostats, window coverings, fans, sensors, cameras, locks, and garage door openers.
August, Friday, Koogeek, Kwikset, Schlage, and Yale all make HomeKit-enabled smart locks that can be controlled via Siri voice commands and HomeKit apps.
"The issue affecting HomeKit users running iOS 11.2 has been fixed. The fix temporarily disables remote access to shared users, which will be restored in a software update early next week."To patch the vulnerability, which was reportedly difficult to reproduce, Apple disabled remote access for shared users, something the company says will be reintroduced in a software update that's set to be released early next week.
Apple was able to address the vulnerability server side as it affected the HomeKit framework rather than individual HomeKit products. Though the vulnerability impacted all HomeKit devices, it is of particular interest to HomeKit users with smart locks and other HomeKit-enabled devices that allow access to the home, as someone able to exploit this kind of problem could gain entry to a dwelling without a physical key.
9to5Mac says that Apple was first informed about the security issue and other related HomeKit vulnerabilities in October. Some of the problems were addressed in iOS 11.2 and watchOS 4.2, while the rest were fixed server side. HomeKit setups with at least one connected iPhone or iPad running iOS 11.2 and signed into a HomeKit user's iCloud account were impacted.
Since its launch in 2014, HomeKit has seen many major improvements and its adoption has grown steadily. A wide range of manufacturers have embraced HomeKit, and there are HomeKit lights, outlets, switches, thermostats, window coverings, fans, sensors, cameras, locks, and garage door openers.
August, Friday, Koogeek, Kwikset, Schlage, and Yale all make HomeKit-enabled smart locks that can be controlled via Siri voice commands and HomeKit apps.
Tag: HomeKit
[ 112 comments ]
Top Rated Comments
(View all)
17 months ago
Does Apple even have a quality assurance department at this point? The latest releases of iOS and macOS are downright embarrassing.
We share remote access in our family to access all of our HomeKit smart devices and now we're all unable to control our items until sometime next week. Absolutely ridiculous.
We share remote access in our family to access all of our HomeKit smart devices and now we're all unable to control our items until sometime next week. Absolutely ridiculous.
17 months ago
Apple's policy to rush out new versions of IOS each year is pathetic. Their quality control is complete garbage and before someone says, well IOS is a complex operating system having to support both current and many legacy devices ... I don't give a damn.
Apple used to stand for quality, but IOS has become a bloated operating system where the hype is always about new emojis. Apple needs to get off the annual release of major IOS versions and concentrate on efficiency and bug fixes.
Apple used to stand for quality, but IOS has become a bloated operating system where the hype is always about new emojis. Apple needs to get off the annual release of major IOS versions and concentrate on efficiency and bug fixes.
17 months ago
I miss Forstall.
I do too. He should have stayed at Apple and not got asked to leave. It really does show
17 months ago
apple software used to have a reputation
It still does - just maybe not the same one you're referring to.
17 months ago
apple software used to have a reputation
It still does. It’s simply switched direction. :apple:
17 months ago
For all the people saying “No HomeKit, no buy” because of HomeKit’s top-notch security, just keep this incident in mind. There are almost surely other security holes lurking in the code just as there are in virtually every software. Apple needs to do some serious self-examination after the macOS and iOS bugs of late. Having 10 or 15 public betas is not a replacement for doing thorough, in-house code reviews and testing.
17 months ago
Wow, so much negativity against Apple. When Apple has full control of a product they usually do fantastic work. But in the case of HomeKit, Apple has had to contend with many third-party producers to tie their products into the HomeKit application. I am not surprised that there are not many more problems With third-party’s code stepping all over the Apple code and causing additional problems. At least Apple is pretty good at fixing the problems fast, once they are identified.
You read an article about a vulnerability in Homekit's framework but decided to post a comment throwing dirt on 3rd parties? I mean while we're at it, let's just blame the macOS hole and iOS issue on 3rd parties too. Not only do you unfairly disparage 3rd parties, you try to diminish Apple's culpability with "at least they are pretty good at fixing problems fast once they are identified". So they aren't at fault and they fix problems fast. Got it. We should be grateful.I gotta preemptively apologize. For some odd reason I am unnaturally and unreasonably triggered by your post. I think it's the blame others but praise Apple's quickness take that's got me sideways. It's either that or the fact that the cat keeps sticking her paw in my scotch glass and drinking from her claw. Little bit of column A, little of column B maybe. Sorry.
[ Read All Comments ]
Apple today released a new update for Safari Technology Preview, the experimental browser Apple first introduced three years ago in March 2016. Apple designed the Safari Technology Preview to test...
Apple today announced that all new and updated iPhone and iPad apps submitted to the App Store on and after March 27, 2019 must be built with the iOS 12.1 SDK or later and support the iPhone XS Max...
T-Mobile kicked off a new promotion today that lets new and existing customers get the 64GB iPhone XR at no extra cost when they add new voice lines and trade in a qualifying device.
...
Satechi, known for its line of accessories for the iPhone, iPad, and Mac, today announced the launch of two new USB-C accessories designed for Macs and iPads.
The Type-C Headphone Jack Adapter...
If you don't have a vehicle with CarPlay installed natively, there are a number of third-party aftermarket CarPlay receivers from companies like Alpine and Pioneer, which can be an affordable way...
Apple today announced the launch of a new media literacy initiative that's designed to encourage critical thinking and empower students to be better informed.
Apple is teaming up with...
Amid the launch of brand-new iPads this week, there are quite a few deals on older models for users who don't mind purchasing previous generation devices. Along with these sales, you can also...
