https://miscreants.github.io/blog.trailofbits.com/authors/will-brattain/Recent content in Will Brattain on The Trail of Bits BlogHugoen-usMon, 30 Oct 2023 08:00:57 -0400https://miscreants.github.io/blog.trailofbits.com/2023/10/30/the-issue-with-ats-in-apples-macos-and-ios/Mon, 30 Oct 2023 08:00:57 -0400https://miscreants.github.io/blog.trailofbits.com/2023/10/30/the-issue-with-ats-in-apples-macos-and-ios/Trail of Bits is publicly disclosing a vulnerability (CVE-2023-38596) that affects iOS, iPadOS, and tvOS before version 17, macOS before version 14, and watchOS before version 10. The flaw resides in Apple’s App Transport Security (ATS) protocol handling. We discovered that Apple’s ATS fails to require the encryption of connections to IP […]