Apple hails Omani official for discovering data system flaw
Discovery of loophole adds to Oman National Computer Emergency Readiness Team’s global reputation
MUSCAT: An Omani official from the Oman National Computer Emergency Readiness Team (OCERT) has been thanked by computer giants Apple after discovering a data loophole
Saif Al Hinai, a senior cybersecurity analyst at OCERT, discovered the leak in the Quick Look feature in iPhone 6S phones and later that could lead to a loss of user information.
Saif told Times of Oman: “I am a cybersecurity analyst, interested in finding loopholes in data systems. I do this at the office as part of my work. In my private time, I have online work on a website where I follow technology work and research.”
According to him, any system can be compromised, which is why it is important to make new discoveries and update the systems to improve them.
“As you might imagine, there is no such thing as a perfectly secure system right now, it’s just a matter of time until someone finds a loophole in the system which can be exploited. It’s my personal opinion that there are always flaws in systems that are waiting for the right person to come at the right time to discover them, and there are always issues that no one has discovered yet.”
Saif is thrilled that his discovery was linked to OCERT, which could help prove the centre’s work and abilities on a global level.
“I am extremely proud of this on a personal level, but also as a government employee with OCERT. Of course, this is something that OCERT is credited for, and can add to its list of achievements. The centre has had a number of global achievements, and as someone in the centre this makes me proud.”
He encouraged teenagers in Oman who are talented in technology to pursue a career and nurture their talent in the field of cybersecurity, rather than experimenting by themselves, which could lead to them breaking rules they might be unaware of.
“I urge the young ones in Oman to join or get in contact with official authorities, whether they are in the government or in universities and colleges, to nurture their talents and take courses that can improve their skills.
“This will keep them from making mistakes or getting into trouble with the law”. Saif believes that there are many who are extremely skilled and smart in this field, but do not know where to go to develop their skills.
“Young people should take their skills to universities, colleges, centres, and the government so that they can develop their talents on the right path,” he added.
A statement by OCERT read: “The loophole was an issue in permissions that gave an incorrect permission that would allow user data to be leaked. OCERT, represented by the researcher Saif Al Hinai, Senior Cyber-security Analyst, has been able to discover the security loophole in the iOS system of Apple. The centre contacted Apple to provide the details of this loophole.”
This is not the first time that OCERT has found loopholes in Apple phones. “This is the second discovery of loopholes in the name of an analyst at OCERT. The first was documented on 20 December 2016, with the identification number CVE-2016-7667.”
“Discovering these loopholes in the iOS systems is considered part of the cooperation in cybersecurity between OCERT and global technology companies.”
The centre added that people should always update their software in order to get the latest security features.
Apple worked on resolving the issue and then documented it in the name of Al Hinai and one other man and said that the loophole was in its Quick Look feature and affected iPhone 6S and later phones.