Apple Says It's Already Fixed Many WikiLeaks Security Issues

An anonymous reader quotes a report from USA Today: Apple says many of the vulnerabilities to its devices and software that came to light in WikiLeaks' revelations of CIA cyber weapons were already fixed in its latest updates. Late Tuesday, Apple emailed the following statement to USA TODAY: "Apple is deeply committed to safeguarding our customers' privacy and security. The technology built into today's iPhone represents the best data security available to consumers, and we're constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest OS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates." For its part, Samsung emailed its own statement Wednesday: "Protecting consumers' privacy and the security of our devices is a top priority at Samsung. We are aware of the report in question and are urgently looking into the matter."

Keep an eye out for Unlocked Phones

[SeattleLawGuy]

I'm glad to see positive response across the board, from Apple, Samsung, and I'm sure others. Especially Apple and Samsung, though, as I have many devices from both of them in my home.

Keep an eye out for updates on "Unlocked" Phones that have switched networks. For some insane reason phones are marketed as "unlocked" when they can be used on another carrier's network, but *the security updates don't work* if you use them on the other network. These should probably be considered unmarketable and therefore not unlocked--and there should be a convenient way to pull signed security updates from the manufacturer instead of the carrier. Samsung and Apple issuing patches doesn't help if Verizon and AT&T fail to talk to each other enough for users on both networks to get the security updates, regardless of who originally installed a given phone's O/S.