iOS 5, still slowly rolling out to users after its launch on Wednesday, not only brings new features–it also brings a number of important security fixes for iPhone, iPad, and iPod touch users. The update removes trust for any and all security certificates from hacked certificate authority DigiNotar, and drops support for certs with MD5 hashes and updates TLS to version 1.2 to improve security of SSL connections.
Dutch certificate authority DigiNotar was hacked in July by a hacker calling himself ComodoHacker, who used DigiNotar’s servers to generate hundreds of fraudulent security certificates. Though the company had believed that it had deleted all of them from its servers, the company ended up missing at least one certificate. That particular certificate allowed the hacker to put his servers between Gmail users and Google’s Gmail servers in order intercept e-mail from a number of Iranian citizens.
Once news of the hack spread, Mozilla, Google, Microsoft, and others issued patc