Back to Blog
Such data can be easily extracted and may include authentication tokens, raw authentication data or personal data. “This mistake extends to sending data too, if developers rely on the device too much it becomes quite easy to forget altogether about the transmission of the data. “It is easy to make mistakes such as storing user data (passwords/usernames) incorrectly on the device, in the vast majority of cases credentials get stored either unencrypted or have been encoded using methods such as base64 encoding (or others) and are rather trivial to reverse,” says Andy Swift, mobile security researcher from penetration testing firm Hut3. If done insecurely, this allows attackers sitting on the same network as an iPhone user, such as a public Wi-Fi network, to potentially scoop up information being sent to and from the app. Insecure dataĭevelopers, whether producing iOS applications for workers or for the wider public, often rely too heavily on the device to store data too. I’ve been working with many pretty well-known papers as well as other big vendors on other applications, like finance and podcasts, and patches are going out.”Īmit is planning to detail some more “neat techniques” for exploiting iOS at the RSA Conference in San Francisco this month, but cannot reveal more as he works with Apple to mitigate the threat. “It’s possible because most applications are loading information or commands from their server to execute on the client with no indication of the actual source. “You can persistently and remotely control how the application is working,” he warns. Even when users left that network, as iOS cached the malicious URL, when they continued to use the application they would still hit that bad site, which could be used to carry out exploits on the user’s phone.Īt least three of the biggest US media outlets had such a flaw in their consumer-facing applications, says Yair Amit, co-founder and chief technology officer of Skycure. Sk圜ure found attackers sitting on the same network as a user of a vulnerable app could easily switch those Internet addresses with their own malicious site. It’s often used when services are switching domains. One notable problem uncovered by an Israeli start-up, Sk圜ure, was the insecure use of what’s known as the “301 Moved Permanently” HTTP feature found in many applications on iOS, which lets developers easily switch the Internet addresses apps use to acquire data. A variety of techniques can be employed by attackers in this respect. If you’ve been reading the Guardian’s coverage of online surveillance by agencies including the NSA and GCHQ, you’ll already know that one way to gather data from smartphones is to exploit vulnerabilities in apps. Given the popularity of Apple’s devices, attackers will be hungry to exploit them. What’s more, there are a myriad of ways outsiders can try to pilfer data from iOS. And while vulnerabilities do not always equate to threats, it’s clear from this data that iOS is far from invincible. When Apple released its iOS 7 software in 2013, it patched a whopping 70 flaws. In a 2013 report, Symantec claimed that there were 387 documented security holes in iOS in 2012, compared to just 13 for Android. First, its iOS software is far from flaw-free. Yet there remain some alarming facts for iPhone owners to take on board.
0 Comments
Read More
Leave a Reply. |