Instagram Security Flaw on iOS

Apple fans have always touted how much more secure they are with iOS is in comparison to other mobile operating systems – how the iron fist of the iTunes store also means that you are saved the hassle of having to face malware and viruses.

Well perhaps not so much. A security flaw has recently been uncovered in the Instagram iOS app which could allow a hacker full access to your account.

The flaw comes in the authentication with the Instagram servers. Your account information is stored and transferred in an unencrypted cookie file. If you are on an unsecure network, a malicious individual could technically grab the cookie and have access to your account.

Apparently the person who discovered the flaw has attempted to tell Instagram but has been met with silence for the past month.

It isn’t yet known if the Android app has a similar security hole, and there have not yet been reported cases of hacking, but nor has Instagram released an update to fix the problem.

But hey – I guess most hackers don’t really care about grabbing pictures of breakfast, lunch and dinner…

[via Geeky Gadgets | Image Credit]





6 Responses to Instagram Security Flaw on iOS

  1. That isn't really very insightful, indeed it is quite misleading: the security of iOS is not compromised just because some application has a security flaw. Indeed there will be tonnes of such poorly implemented application on both iOS and Android, and the OSes can do nothing about that – but they are still secure.

      • Yet your very first sentence is about iOS and it's perceived security, when reporting a problem that might grant access to an Instagram account, and not the user account on the device.

      • It also talks about the security and malware of the OS … which this isn't about. "you are saved the hassle of having to face malware and viruses" … Opening with that line is misleading since this is not a case of a virus or malware. This is a case of poorly written software and/or security protocols in the software … which does nothing to the OS itself.

  2. This link bait is ridiculous. The failing is with the Instagram dev team and the security flaw only affects those things that they wrote, their service, their app. This has nothing to do with Apple.

  3. The article just says, apps aren't perfect. There was no claim that the iOS was in danger or anything like that. Stop suckling on the apple and just relax. This showed a flaw in a program. A program that many people have linked to a lot of other information including emails, followers, and a few other things. This isn't a big deal to some, but some business that might have compromised their account may become a big deal.