App developers not ready for stricter iOS security requirements

Click here to visit Original posting

A month before Apple is expected to enforce stricter security requirements for app communications in iOS, enterprise developers don't seem ready to embrace them, a new study shows.

The study was performed by security firm Appthority on the most common 200 apps installed on iOS devices in enterprises. The researchers looked at how well these apps conform to Apple's App Transport Security (ATS) requirements.

ATS was first introduced and was enabled by default in iOS 9. It forces all apps to communicate with Internet servers using encrypted HTTPS (HTTP over SSL/TLS) connections and ensures that only industry-standard encryption protocols and ciphers without known weaknesses are used. For example, SSL version 3 is not allowed and neither is the RC4 stream cipher, due to known vulnerabilities.

To read this article in full or to leave a comment, please click here

App developers not ready for stricter iOS security requirements

Android 15 could tell you how long your phone’s storage will survive for

LastPass users tricked by hackers posing as staff to steal passwords

Apple HomePod leak suggests a full touchscreen display model is coming, but all I want is next-gen Siri

Best Buy is slashing prices on tech gadgets: OLED TVs, cheap laptops, AirPods and more