Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News Categories

Tumblr Issues Security Patch for iOS App

By Wong Chung Wee - on 19 Jul 2013, 9:28am

Tumblr Issues Security Patch for iOS App

Tumblr, the popular microblogging and social networking portal, has released an emergency patch for its iOS application. The patch will address "an issue that allowed passwords to be compromised in certain circumstance." For precaution, the company also advised users to change their passwords.

The Register reported on this security issue when one of their sources discovered this security flaw of the Tumblr iOS application during a security audit. The person was in charge of screening iOS applications that are safe for use on their corporate smartphones. He inadvertently discovered Tumblr's iOS application "failed to log users in through a secure (SSL) server...."

(Image Source: The Register)

As a result, the user's Tumblr authentication information, which is sent in plain text, can be easily tapped from any unsecured Wi-Fi network he is connected to. Granted, the hacker needs to be on the same wireless network as the user, and at the same time, utilize a data packet analysis software to extract the user's information. The person who discovered this security flaw only approached The Register after he claimed that Tumblr failed to respond to his warning.

However, the company has already issued an emergency patch to address this security issue, and for added precaution, Tumblr has advised all users of its iOS application to change their passwords. For more information on this patch, please head over to Tumblr's official blog here.

(Source: Tumblr via The Register)