usenix.jpg

Carnegie Mellon's Collin Jackson and Eric Chen Referenced in Apple iOS 8 Security Update

October 06, 2014

Bookmark and Share

Collin Jackson, an INI adjunct professor, and Eric Chen, an ECE doctoral student at Carnegie Mellon's Silicon Valley campus, along with David Silver, Suman Jana and Dan Boneh, all from Stanford University, were mentioned in a recent Apple iOS 8 security update, based on a paper authored by the researchers.

According to Chen: "We discovered an issue with mobile Safari's password manager that allowed a man-in-the-middle attacker (e.g., a coffee shop's Wi-Fi that the user is connected to) to automatically extract the user's stored passwords on various sites specified by the attacker. This attack is completely automated and invisible to the user."

The paper explaining this work is published in the Proceedings of the 23rd USENIX Security Symposium.

Related Links