Fresh off the announcement that the United States Air Force is trading in its BlackBerrys for Apple's iPhone comes an announcement from Cupertino that Apple has discovered a serious security flaw in its implementation of SSL/TLS data protection, affecting not only OS X but its iOS-powered devices as well.
In a support document regarding the patch for this specific problem, Apple noted that the bug would allow "an attacker with a 'privileged network position' to capture or modify data protected by SSL/TLS."
The security site CrowdStrike actually goes into more detail about how serious the flaw was:
This enables an adversary to masquerade as coming from a trusted remote endpoint, such as your favorite webmail provider and perform full interception of encrypted traffic between you and the destination server, as well as give them a capability to modify the data in flight (such as deliver exploits to take control of your system).
This security flaw and its potential for exploitation only hammer home what BlackBerry said in a press release last week in response to the USAF announcement of its switch to iPhone:
There is a clear reason why BlackBerry has more government certifications than any other vendor, and the only enterprise mobility management vendor and handset maker to receive the Department of Defense “Authority to Operate” certification. Security is built into everything we do, and we've been doing it longer and better than anyone else.
Perhaps this will cause the USAF to pause and rethink its decision. Given the history of providing secure communications for the DoD that BlackBerry enjoys, the better move for the "Aim High" folks would be to upgrade their aging fleets of Bolds and Curves to Q10s, Z10s and Z30s.
If it's good enough for the Commander-in-Chief, shouldn't a BlackBerry be good enough for the guy (or girl) flying him around in Air Force One?