HeartBleed vulnerability on AnyConnect for iOS

Similar Messages

• Cisco IOS XE is vulnerable to CVE-2014-0160 - aka Heartbleed CSCuo19730 on Cisco 4500E IOS XE?

  Hello Experts,
  I need to find out what exact IOS XE software version on Catalyst 4507E will affect by Heartbleed.
  Cisco WS-C4507R+E
  WS-X45-SUP7-E
  Thanks in advance.

  @apieper, looking at the bug details, it doesn't look like you are affected.
  Conditions:
  Cisco IOS XE devices running release 3.11.0S, 3.11.1S or 3.12.0S and with the WebUI interface over HTTPs enabled. No other versions of Cisco IOS XE are affected.
  Devices with the WebUI interface enabled and using HTTPs as transport protocol will include the following configuration:
  transport-map type persistent webui http-webui
  secure-server
  ip http secure-server
  transport type persistent webui input http-webui
  Devices running IOS XE release 3.11.0S, 3.11.1S or 3.12.0S but WITHOUT the WebUI interface enabled, or with the WebUI interface enabled but NOT using HTTPs as transport protocol are NOT AFFECTED by this vulnerability.
  Devices running IOS XE release 3.11.0S, 3.11.1S or 3.12.0S and with the HTTPs server enabled (by including in their configuration the line "ip http secure-server") are NOT affected. Both the HTTPs server and the WebUI interface need to be enabled for a device to be vulnerable.

• Heartbleed: Remove Certificate Authority from iOS device

  Hi,
  I am in the process of changing SSL certificates after the Heartbleed bug. As I wasn't able to find a reliable cross platform way to revoke my internal certificates (e.g. Chrome doesn't check CRLs), I'm planning to reissue new certificates based on a new internal certificate authority (CA) and to remove the old CA from all systems. This should render all previous certificates as untrusted.
  This is easy for Linux, Windows and OS X, but how can I do this for iOS 7 devices? I believe the CA certificate was originally deployed to the iOS devices through a configuration profile. However, when I go to Settings > General > Profiles, there is no such profile listed. The iOS Safari shows my internal HTTPs pages without certificate warnings, thus the device must somehow have remembered that CA as trustworthy.
  Here are my questions:
  How can I view and/or modify the trust settings of CAs on iOS 7 devices?
  Where did the configuration profile with the CA go (I know that's a little weird to ask here) and why is the CA still active?
  Why are internal Https pages still trusted even if there is no configuration profile for that?
  This absolutely puzzles me! I always thought that for a custom CA to be active on a iOS device a configuration profile was required to be present. But that does not seem to be the case.
  Thanks for your help!

  The workaround seems to be the following:
  Go to the iPhone Configuration Utility
  Install the profile (again)
  Go to your iPhone and deinstall the profile that was just installed in Settings > General > Profiles
  Certificates signed by that authority are not trusted anymore.
  I consider this to be a major security problem in iOS if there is a way that profiles enable CAs and then get lost sometime later (maybe through an iOS upgrade?).

• Heartbleed virus/vulnerability-I have been hearing about the "heartbleed vulnerability" and told to change all my passwords. Does this apply to Macs? I thought they could not get viruses and this was one of the reasons I got one.

  I have been hearing about the "heartbleed vulnerability" and told to change all my passwords. Does this apply to Macs? I thought they could not get viruses and this was one of the reasons I got one.

  See What is Heartbleed?
  (Fair disclosure: The Safe Mac is my site, and contains a Donate button, so I may receive compensation for providing links to The Safe Mac. Donations are not required.)

• Openssl Heart bleed mitigation for IOS XE

  Can someone suggest, how to mitigate the openssl heart bleed with IOS XE, Please share the process
  am currently using below model
  Cisco Catalyst 4500X-16 SFP+ Switch
  IOS version: cat4500e-universalk9.SPA.03.04.02.SG.151-2.SG2.bin

  I believe you'd only have the HeartBleed vulnerability if ip http secure-server was enabled on your device. If that is not enabled, I believe you're ok. 
  I haven't been able to find out too much information from Cisco except what's in this link:
  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
  I too am trying to find out what needs to be done to patch my enterprise's IOS-XE (and any additional products Cisco identifies as being vulnerable) devices to a secure version.
  While waiting to hear from Cisco, my team is going through all of our devices to ensure https is disabled.  

• OpenSSL Heartbleed Vulnerability

  I have received Siemens CERT vulnerability for OpenSSL HeartBleed on Agentry server that is using OpenSSL,So I want to know whether Agentry Server or related components including JRE is affected by OpenSSL HeartBleed vulnerability?
  Before
  After the service has stopped.

  Dear Samuli,
  Thank you for your reply!
  Now I see the Agentry fixed version is 'Agentry 6.0.40.1' in fixed product version list.
  But in "http://software.syclo.com" the newest version is 'Agentry 6.0.36.0', so where can I download the fixed version 'Agentry 6.0.40.1'?
  Best Regards,
  Hu Hongfeng

• How to address a specific time in VOD for iOS

  Using Flash and RTMP it's easy to go to a specific time in a VOD stream served from AMS using the seek method.
  Is there similar ability to seek to a specific time in VOD delivered to Safari on iOS?  The native video player provides a currentTime method, but I've not seen documentation anywhere to suggest currentTime or another method to provide rapid and accurate time based access from AMS.
  FWIW, Wowza documentation provides an answer:
  http://www.wowza.com/forums/content.php?326-How-to-specify-a-play-start-time-and-duration- for-HTTP-streaming
  TIA,
  RT

  Nitin, the link you provided is a bit better than nothing, but it refers to the AVPlayer object in applications, rather than iOS delivered data.  In our experience currentTime is a settable property for the native video player in mobile Safari, using a normal progressive uploaded stream, as the documentation shows:
  http://developer.apple.com/library/safari/#documentation/AudioVideo/Reference/HTMLMediaEle mentClassReference/HTMLMediaElement/HTMLMediaElement.html
  The question is "Are there browser based methods that seek AMS delivered streams more quickly or with better accuracy?" 
  Everyone is aware that mobile is exploding.  On some of our videocentric apps the share for iOS is approaching 20%.  PM Kevin Towes, what are you doing to accomodate this need???

• Keyboard issue using Danish keyboard on Remote app for iOS.

  Hi there.
  I have noticed a quite annoying issue with the Remote Desktop for iOS when using foreign keyboards along with the Remote Desktop app.
  The PC I'm remoting to from my iPad Air is a Windows 7 machine with an English Windows.
  I have a danish keyboard layout installed, and have removed the English keyboard.
  But.. Here comes the strange issue.
  If I connect via Remote Desktop before I log into my PC (from my PC), the special characters like :;/*^%}{ ect. works just fine on my iPad.
  If I then log on to my PC from the PC, the keyboard on the PC has been changed to english, even though there's no english keybord layout installed on my PC.
  The special characters like the danish æøå has been changed out with ; and other wrong characters.
  I then have to press CTRL+SHIFT on my PC to change it back to the danish layout.
  But... If I do so on my PC and afterwards connect via the Remote Desktop app on my iPad Air, the keyboard is messed up on my iPad.
  All the special characters like /:;)(^#%{ is placed wrong and give me a wrong character.
  And that happens even if I change the keyboard on my iPad to English.
  I really hope you will be able to fix this in a future update enabling full support for foreign keyboards between iOS7 and Windows 7.
  Thanks in advance.
  - Bjørn, Denmark

  Hi,
  Why are the characters mixed up in the session?
  This issue can occur if the keyboard language has been switched on the remote PC while running a remote desktop session. In the case you would like to switch to a different keyboard language
  follow these instructions.
  Note: The remote PC selects the system language of the device running the remote desktop client and not the keyboard language. When switching the keyboard language on your device, you need
  to manually switch the keyboard language on the remote PC.
  1. Open settings on your device.
  2. Tap General and then tap International.
  3. Tap Language and select the language running on the remote PC.
  4. Open the RD Client and connect to the remote PC and check if the Windows keyboard language matches the language that you selected.
  http://technet.microsoft.com/library/dn473015
  Hope this helps.
  Jeremy Wu
  TechNet Community Support

• Eos remote app for iOS

  The idea was great, however the development seems to be stopped on this.
  It hasn't been updated since Dec of last year.
  Will there be a new version of EOS Remote app for iOS?
  Features I'd like to see from the upgrade (if there's any)
  1) Full size image transfer
  2) Video file transfer
  3) Indicate if a file is already downloaded to the phone or not.
  Thanks,

  Hi rmpark!
  Thanks for posting.
  The EOS Remote App currently works with up to iOS version 7.  I am not sure if or when the next version of the app will be released, or what features will be added to it, but I have forwarded your suggestions along.  This feedback is very important to Canon.  Please continue to check in the app store from time to time for any updated versions that may be released.
  Did this answer your question? Please click the Accept as Solution button so that others may find the answer as well.

• OneDrive for Business for iOS Devices - Accessing Non Office 365 Hosted Sites

  Hello,
  I have a SharePoint site that I host on premise and am not using Office 365 at all.  Is it possible for me to access the site using the iOS version of the OneDrive for Business app?  When I specify my username, password and SharePoint 2013 site
  URL i get a login error with username/password incorrect.
  Does the iOS app only support Office 365 implementations of SharePoint?
  Thanks

  what type of authentication you are using, this is the key?
  check this official blog:
  http://blogs.office.com/2014/02/27/introducing-onedrive-for-business-for-ios-v1-2/
  http://social.technet.microsoft.com/Forums/sharepoint/en-US/3ad5b8ca-37e9-43b2-9201-9c5c339d157c/onedrive-for-business-ipad-app-with-onpremise-sharepoint-2013?forum=sharepointadmin
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

• Is there any downside mixing Objective-C with C++ for iOS apps?

  I'd like to use C++ since it's fast and more dynamically in memory reference.
  Is there any downside mixing Objective-C with C++ for iOS apps?
  When googled for info, I only found tutorials about how to let xcode compile Objective-C with C++.
  Thanks for help.

  hokanst wrote:
  Both Objective-C and C++ are (more or less) extensions of C.
  C supports manipulation of pointers and casting of pointers, this implies that both Objective-C and C++ will be able to manipulate C data like arrays, structs ...
  Objective-C has classes like NSData to read/write blocks of bytes from/to file and to access ranges of bytes when the data is loaded into memory.
  C++ probably has similar classes (I'm not well versed in C++ so I don't know).
  If you want to look into using C++ you will probably want to look at Objective-C++, the link below has links to docs on how to use C++ with Objective-C:
  http://stackoverflow.com/questions/3684112/what-is-objective-c
  Thanks for the info, NSData does what I need.
  A replied in the link also mentioned that he's using C++ in his application too. As long as I'm aware of memory management (prevent memory leaks, etc) as @disguise said, it should be fine.
  @etresoft indeed, but C is the base language of ObjC, there are ways to deal with.

• HT201210 My download for iOS 7 was interrupted, it has downloaded but not installed. it goes through routine Terms & Agreements and everything, but when i try to update it tries to verify the update then says that the update is not available.

  I dont understand, when i try to update it will go through routine apple stuff, then it it will say " Software Update Unavailable (under) Software Update is not available at this time. Try again later." The thing is that i was downloading it and my wi-fi had restarted for some unknown reason and it downloaded onto my phone but not installed. and at the moment it is really bothering me because I have waited a long time for iOS 7 and I am not being allowed to update my phone to it and i just wanted to know how to fix it. Thank you.

  I imagine a ton of people are attempting to download it right now. Simple patience, maybe keep trying, and if possible, try a little later. Think of it as all those people lining up at Apple Stores + about a million more.

• How do I delete a file from the Adobe Reader for iOS?

  How do I delete a file from the Adobe Reader for iOS?

  Read this:
  http://forums.adobe.com/thread/1012973?tstart=0

• Problem with GarageBand for iOS 6/7 Iphone 3gs / 4

  Problem with GarageBand for iOS 6/7 Iphone 3gs / 4
  Hello,
  On February 16, bought the GarageBand for iOS which was free and so I find and install it on my 3GS .
  Take the demo: Curtain Call Demo
  and within the instruments :
  audio Recorder
  Sampler
  Smart Drums
  Smart Strings
  Smart Bass
  Smart Keyboard
  Smart Guitar
  Keyboard
  Drums
  Guitar Amp
  1.4.1 is the latest version for ios 6.
  Configure my AppleID on a Iphone 4 and install the program , the version I have the Iphone 4 is the orange ( different from 3gs ) icon and put it on the AppStore : ios 2.0.1 for ios7.
  With these instruments :
  audio Recorder
  Sampler ( to download the instrument )
  Smart Drums ( to download the instrument )
  Smart Strings (Download the instrument )
  Smart Bass ( to download the instrument )
  Smart Keyboard ( to download the instrument )
  Smart Guitar
  Keyboard
  Drums
  Guitar Amp ( to download the instrument )
  and if I give what I need to restore tells me if I bought it I did not restore anything and tells me to buy :
  Complete collection of GarageBand instruments and sound at a price of : € 4.49
  As they are 2 different versions ? More than anything I say because I have to pay for the instruments in the 2.0.1 version of the Iphone 4 ... ?
  And besides not wearing demo Demo Curtain Call : (
  GarageBand 1.x If you are upgrading it using iTunes on a Mac or PC, you can restore the original collection of instruments and sounds. There is no need to buy this collection. Press "You've already purchased?" When displayed on iPhone, iPad or iPod touch.
  this puts on the AppStore but I have tried to restore as I wrote above, and does not work. There is nothing to restore.
  regards

  I've been having the same problem. However, I believe my problem is due to the 3G issues I've been having. I don't have internet access even when the 3G symbol appears, so probably my iphone keeps trying to connect to the network and has its battery drained! Have you been having the same issue?

• Submit: Great Skype for iOS ideas

  The new iOS idea board lets you all share and exchange your ideas on how to improve and develop Skype for iOS.
  Before you start sharing your ideas, here are some guidelines to help you get started:
  Idea Submission Guidelines
  Search before posting. Do a quick search and make sure you are not submitting a duplicate. If the idea already exists show your support by giving kudos to the original idea rather than watering down the potential impact across multiple submissions.
  Draft your idea. Be as clear as possible, tell us what your idea is, how it would benefit users and why you think we should consider it. That will not only help us to better understand what you want, but we may even be able to solve your problem more quickly another way. Please avoid text speak and keep the idea short and to the point. Ideas are available within a limited number of topic sections of the community as they are not discussion threads.
  Currently you can choose one of the following topic labels for your ideas:
  Video
  Video calling is one of Skype’s most popular features. What do/don’t you like about Video calling on Skype for iOS and do you have any ideas for how we can make video calling even better? You can send video messages to family and friends, even when they’re not online. Let us know what you think of Video Messaging in Skype and any ideas you have for how we can make it better. 
  Voice
  Calling individuals and groups is at the core of Skype. Anything you are currently missing with those features? What would make you use the Skype app more for calling?
  Instant Messaging & Contacts
  How can we make it easier for you to find friends and family on Skype and add them as a contact? What are your thoughts on how contacts are managed on Skype for iOS? How to enrich your chat experience? Do you have any recommended improvements?
  Sharing
  Tell us how you would like Skype to be integrated with iOS. Would things be easier if Skype was better integrated with your contacts? Better integrated into other apps? Or in the dial pad? 
  Some things to include:
  Start with a clear title, e.g. "Add XY", ""
  Add appropriate label(s) from the list of labels shown below
  List features and benefits
  Review the ideas of others. Look at other ideas to see what your fellow community members are requesting and feel free to exchange on them in the comments section. While we take into account the numbers of kudos an idea receives, we also consider the amount and quality of member feedback when making our decisions.
  Add value. Vote for those items that you like and agree with by giving the idea a kudos. It's really a significant way to recognize someone's effort. We are using votes as a barometer to find out more about what our contributor community thinks is important, so we can factor this into our prioritization process.
  Submit a new idea. Adding an idea is just like posting a message on a board. To create an idea, click on the “New Idea” button, located on the left side of the page content tab, and in the left column under the actions heading click “create an idea”. Be sure to enter a clear title and description of your idea so others can decide how they would like to vote. Remember, the more complete your thought, the more likely it is to get noticed! You can use simple HTML, format the text, or add links or images. You can also preview your idea and check your spelling before you post the idea.
  Do not be discouraged. Sometimes what seems simple may not be so simple to build. Some ideas take longer than others, and some ideas will not be possible within the scope of what we want to accomplish in the next year or so.
  Be respectful. Comply with the Community Guidelines and Skype etiquette.
  Disclaimer: Skype may or may not use your comments, ideas, or suggestions. Skype reserves the right to use for any purpose including commercial purposes, comments, ideas, suggestions, code, products or services (“Content”) that are posted on this community without any obligation to compensate the individual or entity that provided the Content. By posting any Content in the community, you hereby relinquish any right you may have in such Content and to any future compensation for publication, use, distribution, license or sale of the same. By posting Content, you represent and warrant that you either own or control all of the rights to that Content, and such Content does not violate any third party rights or these Skype Terms of Service. You agree that all opinions expressed by users of this community are expressed in their individual capacities, and not as representatives of Skype.
  Frequently Asked Questions
  What is the Idea Board all about?
  Idea Board is a new part of the Skype Community, where members can share their ideas about existing products and services. Anyone in the community can see and vote on the ideas you post.
  We encourage you to give kudos and comment on submitted ideas as we are more likely to take the top kudoed and most discussed ones into consideration.
  How do I navigate the Ideas Board? 
  Finding your way around the ideas board is a pretty straightforward task, here are some of the things you will see to help you get around.
  •  New Ideas – The most recent ideas.
  •  Hot Ideas – The most popular ideas right now.
  •  Top Ideas – The most kudoed ideas.
  The sidebar widgets
  In the sidebar you'll find more ways to sort the ideas board, see new and popular ideas and the top rated contributors to the idea board. It's also really easy to view only the ideas with certain status', for instance if you only want to see ideas that are “Accepted”.
  How to check if an idea exists already?
  Use the search function filtering by the ideas board – or click here (direct link to search function)
  What do the votes/kudos mean?
  Just as you can give kudos in the community boards and blogs, you can vote for ideas you like on the Idea Board. Ideas with high vote totals are more likely to be recognized and accepted by the teams at Skype who develop our products and services. You can also leave comments on ideas, but remember to be kind!
  What do the different idea statuses mean?
  We strive to review submitted ideas on a biweekly/monthly cycle. Each idea will go through a life cycle that will be assigned statuses at each milestone. The statuses are explained here:
  New Idea - Sparkly new idea, submitted by you, and ready to be vetted by the community.
  Comments Requested - Items set as Comments Requested will be open to the community for feedback and votes.
  Under consideration - Idea has been forwarded to appropriate business team who is determining feasibility.
  More information needed - More information is needed before our Product Management team can take this forward, please review the comments left by the team.
  Duplicate - Ideas in this status have already been submitted in some form or another. We will link these items over to the other idea so you can review the status or track the progress there.
  Already exists - This is available in the product. 
  Future possibility - Idea is a good one but not something we can include in a near-term product or software release.
  Accepted - Idea has been accepted and has been taken forward for implementation, check back soon for updates.
  Not right now - We like the idea but just not for right now, we will revisit it in the future.
  Implemented - You asked for it, we did it!
  My idea has been accepted. How long will it take to be implemented?
  Sadly, we will not be able to provide dates for the implementation of any accepted ideas within the community due to the number of factors involved. Please be patient and let us make sure it is completely ready before we make it available.
  How will I know if an idea has been implemented?
  You can track the status of your ideas as your ideas are sent to the people here at Skype who can make them happen and you will see the status of your idea is updated. We will be telling you if the idea is something we are working on now or would like to do in the future, or if it’s something that is not feasible for us at this time. To ensure you don’t miss any updates select “Subscribe” from the “Idea Options” menu when viewing your idea.
  What ideas have been implemented so far?
  You can check "Accepted and Implemented ideas" topic here.
  Can I edit or delete my ideas comments?
  No, you can't. Be sure to check your spelling and preview your comment before you post it; you can't edit a comment once it's posted.
  Who and how often moderates/ manages the ideas board?
  The community team is monitoring the board on the weekly basis and product managers will come in on a monthly basis to update statuses of the ideas and post their comments.
  If Skype decides not to pursue my idea, will you tell me why?
  We do not always provide the reasons for our decisions regarding ideas submitted for review but will strive to provide an explanation where possible.
  If I am not comfortable submitting my idea over the Internet, is there another way I can do so?
  No.
  Follow the latest Skype Community News
  ↓ Did my reply answer your question? Accept it as a solution to help others, Thanks. ↓

  I would really appreciate if you guys work on the feature “ custom backgrounds for chat notifications”.
  If users will be able to choose any image of their liking in the custom background feature if would add value. Currently some of the chat messengers provide this facility to the users which makes interesting to the users while improving user friendliness and satisfaction. Options that would include are
  Take a photo
  Choose from albums
  Search from web
  Delete
  That appears to be a reasonably robust selection. In search, a user can use a built in engine to pull up images based on search and then select it as it their choice. Once you chose an image, it will be asked to confirm and ‘set’ as the universal chat window for all contacts.