Tag Archives: Apple

Judge: FBI Doesn’t Have to Reveal How It Unlocked iPhone Used by San Bernardino Terrorist

apple-fbi-iphone-unlock

Remember the infamous encryption fight between the FBI and Apple for unlocking an iPhone belonging to terrorist Syed Farook behind the San Bernardino 2015 mass shooting that killed 14 people?

The same Apple vs. FBI case where Apple refused to help feds access data on the locked iPhone and, later the Federal Bureau of Investigation reportedly paid over a million dollars to a vendor for unlocking the shooter’s iPhone.

For keeping the iPhone hack secret, three news organizations—The Associated Press, USA Today, and Vice Media—sued the FBI last year under the Freedom of Information Act (FOIA) and forced the agency to reveal the name of the company and the amount it was paid to unlock the iPhone.

However, unfortunately, they failed.

A US federal judge ruled Saturday that the FBI does not have to disclose the name of or how much it paid a private company for an iPhone hacking tool that unlocked Farook’s iPhone.

Apple vs. FBI was one of the biggest legal battles in which Apple was being forced to build a backdoored version of its iOS that could have helped the agency unlock Farook’s iPhone, but the company refused.

After weeks of arguments, the US government withdrew its motion and announced it had obtained an alternative method to unlock the iPhone from an “outside party.”

A few months later, The Associated Press, USA Today, and Vice Media sued the FBI, arguing that the public have a right to know how the government spent taxpayer funds for the iPhone hack.

The news organisations also claimed the existence of a serious vulnerability in the iPhone could be a danger to the public.

However, U.S. District Judge Tanya S. Chutkan of the District of Columbia ruled this weekend that the information on vendor and hacking tool used is exempt from mandatory disclosure under the government transparency law.

“It is logical and plausible that the vendor may be less capable than the FBI of protecting its proprietary information in the face of a cyber attack,” the judge said.

“The FBI’s conclusion that releasing the name of the vendor to the general public could put the vendor’s systems, and thereby crucial information about the technology, at risk of incursion is a reasonable one.”

Regarding the cost of the hacking tool, the federal judge also agreed with the US government that revealing the price the government paid for unlocking iPhone could harm national security.

“Releasing the purchase price would designate a finite value for the technology and help adversaries determine whether the FBI can broadly utilise the technology to access their encrypted devices,” Chutkan said.

“Since the release of this information might ‘reduce the effectiveness of a critical classified source and method’, it is reasonable to expect that disclosure could endanger national security.”

Last year, former FBI Director James Comey indirectly disclosed that the agency reportedly paid around $1.3 Million for the hacking tool that helped the agency break into Farook’s iPhone 5C.

Although Comey said the hacking tool the FBI bought was only effective against an iPhone 5C running iOS 9 and not on later versions of iPhone such as the 5S, 6 and 6S, the agency could theoretically find a way to expand the tool’s effort or build a similar implementation to hack higher models.

Powered by WPeMatico

Apple macOS High Sierra Exploit Lets Hackers Steal Keychain Passwords in Plaintext

keychain-password-vulnerability-macOS-High-Sierra

Apple yesterday rolled out a new version of its macOS operating system, dubbed High Sierra 10.13—a few hours before an ex-NSA hacker publicly disclosed the details of a critical vulnerability that affects High Sierra as well as all earlier versions of macOS.

Patrick Wardle, an ex-NSA hacker and now head of research at security firm Synack, found a critical zero-day vulnerability in macOS that could allow any installed application to steal usernames and plaintext passwords of online accounts stored in the Mac Keychain.

The macOS Keychain is a built-in password management system that helps Apple users securely store passwords for applications, servers, websites, cryptographic keys and credit card numbers—which can be accessed using only a user-defined master password.

Typically no application can access the contents of Keychain unless the user enters the master password.

“I discovered a flaw where malicious non-privileged code (or apps) could programmatically access the keychain and dump all this data …. including your plain text passwords. This is not something that is supposed to happen!,” Wardle said.

The security flaw actually resides in macOS’s kernel extension SKEL (Secure Kernel Extension Loading) security feature, which was disclosed earlier this month, allowing an attacker to run any third-party at kernel level extension without requiring user approval.

Wardle yesterday posted a proof-of-concept video of the exploit, demonstrating how the hack can be used to exfiltrate every single plaintext password from Keychain without requiring the user to enter the master password.

The video shows how a malicious installed application, signed or unsigned, allowed an attacker to remotely steal all the passwords stored in the keychain and does not notify the user of the attack either.

“macOS is designed to be secure by default, and Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval,” said Apple in a statement released today.

“We encourage users to download software only from trusted sources like the Mac App Store and to pay careful attention to security dialogs that macOS presents.”

Wardle claimed that he reported the issue to Apple last month, and made the public disclosure when the company planned to release High Sierra without fixing the vulnerability, which not only affects the newest version but also older versions of macOS.

Powered by WPeMatico

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large aud

CVE-2017-14315 : In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large aud

CVEdetails.com the ultimate security vulnerability data source

In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default “Bluetooth On” value must be present in Settings.

Publish Date : 2017-09-12 Last Update Date : 2017-09-21


CVSS Scores & Vulnerability Types

CVSS Score

7.9

Confidentiality Impact Complete
(There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact Complete
(There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact Complete
(There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity Medium
(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required
(Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) OverflowGain privilegesBypass a restriction or similar
CWE ID 119


Products Affected By CVE-2017-14315


Number Of Affected Versions By Product


References For CVE-2017-14315


Metasploit Modules Related To CVE-2017-14315

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE’s CVE web site.

CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE’s CWE web site.

OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE’s OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user’s risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.

Powered by WPeMatico

Apple removes VPN Apps from the China App Store

china-vpn-ban-apple-ios-store

In order to comply with Chinese censorship law, Apple has started removing all virtual private network (VPN) apps from the App Store in China, making it harder for internet users to bypass its Great Firewall.

VPN service providers that provide services in China has accused the United States tech giant of complying with Chinese stringent cyberspace regulations.

In a blog post, the developers of ExpressVPN reported that Apple informed them that their VPN app had been pulled from the company’s Chinese App Store, and it seems all major VPN clients have received the same notice from Apple.

China has strict Internet censorship laws through the Great Firewall of China – the country’s Golden Shield project that employs a variety of tricks to censor Internet and block access to major foreign websites in the country.

The Great Firewall is already blocking some 171 out of the world’s 1,000 top websites, including Google, Facebook, Twitter, Dropbox, Tumblr, and The Pirate Bay in the country.

Therefore, to thwart these restrictions and access these websites, hundreds of millions of Chinese citizens use virtual private networks (VPNs) that encrypt their online traffic and route it through a distant connection.

However, earlier this year, China announced a crackdown on VPNs and proxy services in the country and made it mandatory for all VPN service providers and leased cable lines operators to have a license from the government to use such services.

This 14-month-long crackdown on the use of unsupervised internet connections, including VPNs was launched by the country’s Ministry of Industry and Information Technology, who called it a “clean-up” of China’s Internet connections.

Now, ExpressVPN received a notice from Apple that its app would be removed from the China-based App Store “because it includes content that is illegal in China.”

“We’re disappointed in this development, as it represents the most drastic measure the Chinese government has taken to block the use of VPNs to date, and we are troubled to see Apple aiding China’s censorship efforts,” ExpressVPN said in a statement.

Not just ExpressVPN alone, but another VPN service provider, Star VPN, also received same notice from Apple, the company confirmed via its official Twitter account on Saturday.

“We are writing to notify you that your application will be removed from the China App Store because it includes content that is illegal in China,” Apple said in the notice. “We know this stuff is complicated, but it is your responsibility to understand and make sure your app conforms with all local laws.”

Although Apple did not comment on this issue, it is no coincidence, as the company has severely been implementing various aspects of Chinese law in recent months for its regional operations in the most populated country.

Earlier this year, Apple removed the New York Times (NYT) app from its Chinese App Store because the app was in “violation of local regulations.”

The tech giant has even partnered with a local firm in the southwestern province of Guizhou earlier this month to set up its first data centre in China, which will store all user information for Chinese customers.

Powered by WPeMatico

Does Apple Watch 3 have a chance against the competition?

Apple’s latest smartwatch is expected to hit the shelves early next year, and even though now it is midsummer, the rumors around the product have already begun circulating. Some of the top rumors for Apple’s Series 3 watch suggest that cellular integration will finally arrive for Apple watches. Speculators also mention the latest edition of the product is very likely to have a front facing camera. If true, this would be great news as you will soon be able to make and receive calls, as well as FaceTime without the need of your iPhone. Most of the rumored functions have already been present for years to products from Fitbit, Samsung, Moto, Xiomi, and LG. However, we are surely excited to see how these options would feel and operate on watchOS.

What needs to be improved in this new smartwatch?

The smartwatch market had continually been expanding since its inception about five years ago; it is not a secret the first two versions of the Apple Watch product have had some rough time reaching their sales targets. Apple is not very keen on sharing numbers, but analysts confirm masses are still not entirely convinced that any smartwatch is worth the $300+ price tag. The overall smartwatch market has been experiencing steady growth but not a real boom. So we were wondering if Apple Watch 3 will be the device that will finally convert smartwatches from being a gimmick to an everyday necessity? Here’s what Apple Watch 3 will need to outshine, or at least catch up with its competitors;

–    Improved battery life

Apple Watch 2 needs charging almost every night. This is almost laughable when compared to the 7-day battery life functionality of Fitbit Surge or the 4-day battery lasting of Samsung Gear S3. If you want to have a device capable of dominating the market, it needs to be fully functional for at least two days in a row. Otherwise, it is just yet another piece of technology that requires charging every night. There is light in the tunnel as the Commonwealth Scientific, and Industrial Research Organisation (CSIRO) recently announced that there might be a way to harvest energy from hand movements. Fingers crossed Apple will integrate similar technology in Apple Watch 3.

–    Fitness and Sleep Tracking Accuracy

One of the main reason for Fitbit to still be part of the leaders in the wearables market is the fact that it accurately tracks sleep, steps, floors, etc.  The fitness tracking accuracy of some of the top smartwatches hasn’t been on a level where we want it to be, and this includes Apple Watch 2. Apple’s current smartwatch does not have integrated sleep and cycling trackers – there are apps, but the functions are not yet integrated. We hope to see these features included in the new Apple Watch.

–    Better security

This is one of the places where Apple can step in their game. CSIRO recently announced there might be a way to add one more layer of protection to the wearable tech – the smartwatches of the future may be able to learn your walking habits and only work with its respective owners. They will be able to recognize your way of movement when compared to someone else’s, making sure all you are the only person able to access information stored on the device. This is where Apple Watch 3 has a real opportunity to outshine the rest of the pack.

Would this be enough?

Most of these factors would simply get Apple to catch up with the rest of the pack unless Apple’s R&D team find a way for watches to start being sufficiently charged from movement; they managed to develop more fitness tracking options, and they increase the level of security. So whoever gets there first, will be the winner as achieving these innovations may be the tipping point that will add smartwatch devices to people’s daily routine! Imagine a future where your watch does not require charging, and you no longer have to take your wallet, phone, and keys with you. All you will need will be an intelligent smartwatch!

The post Does Apple Watch 3 have a chance against the competition? appeared first on Panda Security Mediacenter.

Read More

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS

CVE-2017-7069 : An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS

CVEdetails.com the ultimate security vulnerability data source

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the “Kernel” component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

Publish Date : 2017-07-20 Last Update Date : 2017-07-24


CVSS Scores & Vulnerability Types

CVSS Score

9.3

Confidentiality Impact Complete
(There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact Complete
(There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact Complete
(There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity Medium
(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required
(Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Denial Of ServiceExecute CodeOverflowMemory corruption
CWE ID 119


Products Affected By CVE-2017-7069


Number Of Affected Versions By Product


References For CVE-2017-7069


Metasploit Modules Related To CVE-2017-7069

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE’s CVE web site.

CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE’s CWE web site.

OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE’s OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user’s risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.

Powered by WPeMatico

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS

CVE-2017-7068 : An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS

CVEdetails.com the ultimate security vulnerability data source

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the “libarchive” component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted archive file.

Publish Date : 2017-07-20 Last Update Date : 2017-07-24


CVSS Scores & Vulnerability Types

CVSS Score

6.8

Confidentiality Impact Partial
(There is considerable informational disclosure.)
Integrity Impact Partial
(Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact Partial
(There is reduced performance or interruptions in resource availability.)
Access Complexity Medium
(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required
(Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Denial Of ServiceExecute CodeOverflow
CWE ID 119


Products Affected By CVE-2017-7068


Number Of Affected Versions By Product


References For CVE-2017-7068


Metasploit Modules Related To CVE-2017-7068

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE’s CVE web site.

CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE’s CWE web site.

OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE’s OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user’s risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.

Powered by WPeMatico

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the “Kernel

CVE-2017-7067 : An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the “Kernel

CVEdetails.com the ultimate security vulnerability data source

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the “Kernel” component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

Publish Date : 2017-07-20 Last Update Date : 2017-07-24


CVSS Scores & Vulnerability Types

CVSS Score

4.3

Confidentiality Impact Partial
(There is considerable informational disclosure.)
Integrity Impact None
(There is no impact to the integrity of the system)
Availability Impact None
(There is no impact to the availability of the system.)
Access Complexity Medium
(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required
(Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Bypass a restriction or similar
CWE ID 284


Products Affected By CVE-2017-7067


Number Of Affected Versions By Product


References For CVE-2017-7067


Metasploit Modules Related To CVE-2017-7067

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE’s CVE web site.

CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE’s CWE web site.

OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE’s OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user’s risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.

Powered by WPeMatico