蘋果操作系統第二個安全漏洞曝光

Second Apple iOS security flaw exposed

Matthew Sparkes The Telegraph 2014-02-26 12:00:00
http://www.telegraph.co.uk/technology/apple/10660203/Second-Apple-iOS-security-flaw-exposed.html

Security researchers warn of a flaw that could expose iPhone and iPad data to hackers, just days after Apple was forced to rush out a software update to protect against a serious SSL vulnerability.

Security researchers have discovered a new flaw in Apple’s iOS that could expose every action the user takes to a third party, even down to each letter and number typed.

A team from security company FireEye have outlined how they were able to get an app onto iOS 7 devices such as iPads and iPhones that would monitor every single tap of the screen and broadcast that information to any remote server.

Such information would potentially give hackers access to every single SMS, email and written note as the location of the screen presses gives away which button is being pressed on the virtual keyboard. The app can also record every home button press, changes of volume and TouchID fingerprint scanner use.

Researchers claim that the attack is only at the “proof-of-concept” stage and there is no evidence that it has been used outside of a lab. And the group have informed Apple of their work and claim to be “collaborating on the issue”.

The attack works on even the latest version 7.0.4 of iOS and on non-jailbroken iPhones.

In a blog post the team said: “Based on the findings, potential attackers can either use phishing to mislead the victim to install a malicious/vulnerable app or exploit another remote vulnerability of some app, and then conduct background monitoring.”

The iOS operating system allows users to select whether or not apps will be able to operate in the background, but the researchers suggest that even if this is turned off then malicious apps could pose as music software and remain able to monitor. This is because music apps are allowed to bend the rules so that they can play music even when the app is minimised.

The iOS flaw is the second to be exposed in recent days. At the weekend Apple released a patch for its mobile operating system after security researchers uncovered a major vulnerability that could allow hackers to intercept encrypted emails and other communications.

The flaw, which was first identified by security firm Crowdstrike, meant that critical checks on the validity of a website’s security (SSL) certificate were overlooked when users tried to establish a secure connection.

This meant that a hacker could potentially masquerade as a trusted site, such as Gmail or Facebook, and intercept encrypted traffic or modify the data in transit, in addition to breaching financial data or finding other sensitive information.

"It's as bad as you could imagine, that's all I can say," Johns Hopkins University cryptography professor Matthew Green told Reuters.

Apple refused to comment.