Tag Archive: iPhone Repair Abbotsford BC


Apple finally fixes App Store flaw by turning on encryption

Apple has finally fixed a security flaw in its application store that for years has allowed attackers to steal passwords and install unwanted or extremely expensive applications.

The flaw arose because Apple neglected to use encryption when an iPhone or other mobile device tries to connect to the App Store, meaning an attacker can hijack the connection. In addition to a security flaw, the unencrypted connections also created a privacy vulnerability because the complete list of applications installed on the device are disclosed over Wi-Fi.

It also allows the installation of apps, including extremely expensive ones that top out at $999.99, without the user’s consent, which can create serious consequences because Apple doesn’t give refunds. To do this, an attacker needs to be on the same private or public Wi-Fi network, including, for example, a coffeeshop, hotel, or airport network.

Security researcher Elie Bursztein discovered the vulnerability and reported it to Apple last July. Apple fixed the problem in a recent update that said “content is now served over HTTPS by default.” Apple also thanked Bernhard Brehm of Recurity Labs and Rahul Iyer of Bejoi.

Bursztein, who works at Google, in Mountain View, Calif., but emphasized this was work done at home in his spare time, published a personal blog post today that described details about the App Store vulnerability and included videos of how an attacker was able to steal passwords or install unwanted apps.

Publicizing this flaw, Bursztein said, highlighted how necessary encrypted HTTPS connections were. “Many companies don’t realize that HTTPS is important for mobile apps,” he said. But if they rely on Web connections or Webviews, he added, they are vulnerable to attacks: “Providing a concrete example seems a good way to attract developer attention to the issue.”

As a postdoctoral researcher at Stanford University, Bursztein published research that included demonstrating flaws in Captchas and the Web interfaces of embedded devices. At the Defcon conference in Las Vegas two years ago, he demonstrated how to bypass Windows’ built-in encryption that Web browsers, instant messaging clients, and other programs used to store user passwords.

Bursztein’s blog post comes a day after Apple’s marketing chief, Phil Schiller, took a security-related swipe at Google on Twitter by pointing to a report on the rise of Android malware.

 

Source: CNET

iOS loophole gives developers access to photos, sources say a fix is coming

Another day, another iOS security concern. Today’s confidence-defeating news comes from Nick Bilton at the New York Times. Bilton writes at the paper’s Bits blog that a loophole has been discovered in iOS which allows third-party developers access to your iPhone, iPad, or iPod touch’s photo and video location data… as well as the actual photos and videos themselves. It appears that if an app asks for photo location data on your device (and you approve the request for permission), that application will also be able to slurp down the photos and videos stored on your phone without any further notification. The Times report mirrors an earlier story from 9to5 Mac which detailed security issues on the platform.

Bilton had an unnamed developer create a dummy application which would replicate the offending functionality, and the developer was able to easily poach location information as well as photos and video from a test device. Other developers — such as Curio co-founder David E. Chen — sounded off on the issue. Chen told the Times that, “The location history, as well as your photos and videos, could be uploaded to a server. Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.” Camera+ developer John Casasanta said that, “It’s very strange, because Apple is asking for location permission, but really what it is doing is accessing your entire photo library.” The article also suggests that this loophole may have been introduced with the release of iOS 4 in 2010.

We reached out to Apple about the issue, but the company declined to comment.

All hope might not be lost, however. We spoke to sources familiar with the situation, and were informed that a fix is most likely coming for the loophole. According to the people we talked to, Apple has been made aware of the issue and is likely planning a fix with an upcoming release of iOS. Those sources also confirmed that the ability to send your photos and videos to a third-party is an error, not an intended feature. If we had to guess, the fix will likely come alongside a patch for Apple’s other recent security issue — the ability for apps to upload your address book information without warning.

This story has clear echoes of that controversy, which came to light when a developer discovered that the app Path was downloading all of your device’s contact information to the company’s servers. In a follow-up report, we discovered that Path wasn’t the only app grabbing your info.

It will be interesting to see how Apple reacts to security breaches of this nature in the future. The company has long made it clear that it’s working to respect user’s privacy; at a glance it looks like these recent slip-ups are exceptions, not the rule.

Source: The Verge