Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New iOS Keylogging Vulnerability Discovered

timothy posted about 5 months ago | from the it's-called-eye-phone-duh dept.

Security 72

exomondo writes "Following hot on the heels of the iOS (and OS X) SSL security bug comes the latest vulnerability in Apple's mobile operating system. It is a security bug that can be used as a vector for malware to capture touch screen, volume rocker, home button and (on supported devices) TouchID sensor presses, information that could be sent to a remote server to re-create the user's actions. The vulnerability exists in even the most recent versions of iOS and the authors claim that they delivered a proof-of-concept monitoring app through the App Store."

cancel ×

72 comments

Linux and windows have vulnerabilities (5, Insightful)

bazmail (764941) | about 5 months ago | (#46336983)

apple software has "bugs".

Re:Linux and windows have vulnerabilities (2)

StripedCow (776465) | about 5 months ago | (#46337221)

At least Microsoft is conducting research to reduce bugs.
See for example: http://research.microsoft.com/... [microsoft.com]

Not sure where Apple stands.

Re:Linux and windows have vulnerabilities (1)

kthreadd (1558445) | about 5 months ago | (#46337295)

We don't know because Apple never comments on things. It's a black box.

Re:Linux and windows have vulnerabilities (5, Funny)

Anonymous Coward | about 5 months ago | (#46337313)

Not sure where Apple stands.

On a mahogany patio, looking at a gold-plated Olympic-size swimming pool full of cash, smiling before wading in.

Re:Linux and windows have vulnerabilities (1)

jddeluxe (965655) | about 5 months ago | (#46337477)

Not sure where Apple stands.

On a mahogany patio, looking at a gold-plated Olympic-size swimming pool full of cash, smiling before wading in.

...On the yacht...

Re:Linux and windows have vulnerabilities (1, Interesting)

alen (225700) | about 5 months ago | (#46337251)

this one relies on apps that run in the background and "listen" to touch inputs

since android is multitasking as well i assume it has the same issues

Re:Linux and windows have vulnerabilities (2, Interesting)

Anonymous Coward | about 5 months ago | (#46337373)

Background tasks don't receive touch input. That's why they are in the background.

Unless you are iOS and have this vulnerability.

Re:Linux and windows have vulnerabilities (5, Insightful)

rehtonAesoohC (954490) | about 5 months ago | (#46337551)

You can't assume that because android also has multi-tasking that it also has a security vulnerability... It's a completely different system with completely different designs. That's like saying that because an apple has skin that you should also eat people too.

virus too (0)

Fluffy the Destroyer (3459643) | about 5 months ago | (#46337471)

it has viruses in flash too. be warned apple users, your not invulnurable as you think. You'll need an anti-virus, anti-malware and anti everything to protect your so called inpenetrable OS. "Resistance is futile" lol

Re:virus too (-1)

BasilBrush (643681) | about 5 months ago | (#46338001)

it has viruses in flash too.

That would be quite difficult as flash isn't supported on iOS.

You'll need an anti-virus, anti-malware and anti everything to protect your so called inpenetrable OS.

Dream on.

Re:virus too (1)

Anonymous Coward | about 5 months ago | (#46338279)

Quite a number of applications use Adobe AIR as their framework, which is effectively Flash.

Flash in a Browser is, of course, a different story.

stfu and learn noob (2)

Fluffy the Destroyer (3459643) | about 5 months ago | (#46338573)

Re:stfu and learn noob (3, Informative)

Slashcrunch (626325) | about 5 months ago | (#46340211)

Yeah, that one piece of malware is a real pain.

Yes, malware for OSX and iOS does exist. It is very possible. But the problem seems to be about the same size as malware for Linux at this stage. By that I mean there is very little of anecdotal evidence of widespread, active malware in the wild targeting OSX, iOS and Linux. The same can't be said for Windows.

So far I've never been hit on OSX, iOS or Linux. I've had plenty of Windows machines go down in flames though. I still have friends of family for which this is a fairly regular occurrence. Even myself, I had a fully patched Windows VM just for testing websites in IE. No antivirus installed. Visited some legitimate news and html/css sites... Boom. Malware installed.

Re:stfu and learn noob (0)

Anonymous Coward | about 5 months ago | (#46341437)

Yeah, that one piece of malware is a real pain.

Yes, malware for OSX and iOS does exist. It is very possible. But the problem seems to be about the same size as malware for Linux at this stage. By that I mean there is very little of anecdotal evidence of widespread, active malware in the wild targeting OSX, iOS and Linux.

Are you kidding? The biggest malware epidemic in modern times in terms of percentage of user base infected was Mac Flashback, infecting 1% of OSX users.

Re:stfu and learn noob (1)

TheGrimmReaper (1927686) | about 5 months ago | (#46349237)

The biggest? Really? I'm hope your using humor.

Re:stfu and learn noob (0)

Anonymous Coward | about 5 months ago | (#46351987)

The biggest? Really? I'm hope your using humor.

Yes, really, in terms of percentage of user base infected. It infected 1% of OSX users [pcworld.com] . Second biggest was Windows Conficker, infecting 0.7% of Windows users. Now someone will say that this is more users, of course it is, but percentage of user base affected is the relevant metric for assessing infection risk for users of that platform.

Now, I'm not saying that Mac users have higher infection risk than Windows users in total, because Windows still have significant more malware adding to the risk. But that Mac users still think it hardly happens to their platform after a massive outbreak like Flashback is very naive.

Btw. versions of Mac Flashback infected with completely drive-by infection, no users intervention or notice, something many Mac users still believe can't happen on OSX.

Yep. I concur. (1)

Wild_dog! (98536) | about 5 months ago | (#46342215)

No virus' or trojans on any of my OSX or Linux boxes over the past 8 or so years. Lots on the windows boxes in the past.
But times are changing as they will.
The higher OSX gets or iOS gets the more likely folks will be seriously targeting these platforms.
Just simple economics really.

Re:stfu and learn noob (1)

Gunboat_Diplomat (3390511) | about 5 months ago | (#46343039)

Yeah, that one piece of malware is a real pain.

Yes, malware for OSX and iOS does exist. It is very possible. But the problem seems to be about the same size as malware for Linux at this stage. By that I mean there is very little of anecdotal evidence of widespread, active malware in the wild targeting OSX, iOS and Linux. The same can't be said for Windows.

So far I've never been hit on OSX, iOS or Linux. I've had plenty of Windows machines go down in flames though. I still have friends of family for which this is a fairly regular occurrence. Even myself, I had a fully patched Windows VM just for testing websites in IE. No antivirus installed. Visited some legitimate news and html/css sites... Boom. Malware installed.

Mac Malware Outbreak Is Bigger than 'Conficker' [pcworld.com]

Re:stfu and learn noob (1)

AmiMoJo (196126) | about 5 months ago | (#46344773)

By that I mean there is very little of anecdotal evidence of widespread, active malware in the wild targeting OSX, iOS and Linux.

Actually iOS seems to be a very popular target for NSA malware. Check out their malware catalogue, they have a lot of stuff targeting iOS.

Get out of your tower of Illusion (1)

Fluffy the Destroyer (3459643) | about 5 months ago | (#46338753)

Its incredible how a mac user (I presume you are but I could be wrong with your antivirus answer) but to think that mac don't need an anti-virus is simple stupid and arrogant at the same time. It's not because you got a mac that your invulnurable on viruses. Phishing works with a browser and every OS as one. my recent link in my post was about the flashback bot which works in browsers. Guess what ? Mac has browsers too and since people know mac don't have an anti-virus guess what will hackers or people with bad intention do ? They' ll probably attack mac users especially since Apple got more popularity in recent years. So mac users should get out of their tower of illusion and embrace reality before its too late. Cause right now WIndows users or most of them made their research, work and studies on viruses and antiviruses and most are ready. How much mac users are ready against the upcoming threats ?

Re:Get out of your tower of Illusion (2)

BasilBrush (643681) | about 5 months ago | (#46338945)

You seem confused as to the topic. I repeat. OSX is not iOS. iOS doesn't have flash, nor flashback, nor any need for anti-virus. Anti-virus could only check for know malware, and known malware is removed by Apple anyway.

Re: Get out of your tower of Illusion (0)

Anonymous Coward | about 5 months ago | (#46340605)

you seem to be living in a dream
world and obviously uneducated about the topic

Re:Get out of your tower of Illusion (1)

AmiMoJo (196126) | about 5 months ago | (#46344757)

So iOS does have anti-virus, in the form of Apple's ability to remotely delete malware based on signatures.

If (app_id == KNOWN_MALWARE_72) uninstall();

Re:Get out of your tower of Illusion (1)

BasilBrush (643681) | about 5 months ago | (#46348489)

Well probably not based on signatures, no. There's no need when each app has a unique App ID.

Now as anyone interested in security knows, security is not a single defensive wall. It's a series of walls, such that whilst an attacker might break through one, they are then met with another wall. As a final wall in the iOS security, Apple does have the ability to kill malware remotely. There's not been the need to use it as yet.

Re:Linux and windows have vulnerabilities (1)

tero (39203) | about 5 months ago | (#46337543)

You didn't even read the summary? That's very /. of you

" iOS (and OS X) SSL security bug comes the latest vulnerability in Apple's mobile operating system"

Re:Linux and windows have vulnerabilities (1)

bazmail (764941) | about 5 months ago | (#46337961)

I tried to be all-inclusive and use the lowest form of wit as the basis for a joke, but it seems to have passed clear over your head.
I will try to include pie-in-the-face gags and poop in my next humor-based post.

NO SLASHDOTTER LEFT BEHIND!!!!

Re:Linux and windows have vulnerabilities (1)

Slashcrunch (626325) | about 5 months ago | (#46340225)

Hehe you missed a fairly thick joke there :)

No one is denying that another vulnerability was found. Vulnerabilities will be found in any software.

Re:Linux and windows have vulnerabilities (2)

FlopEJoe (784551) | about 5 months ago | (#46337799)

apple software has "bugs".

It's a glitch.

Re:Linux and windows have vulnerabilities (1)

idontgno (624372) | about 5 months ago | (#46338363)

It's a "You're doing it wrong!".

Re:Linux and windows have vulnerabilities (1)

PNutts (199112) | about 5 months ago | (#46342963)

apple software has "bugs".

It's a glitch.

And the Bobs fixed it.

This site sucks (0)

Anonymous Coward | about 5 months ago | (#46337859)

Probably less bugs than Beta has:

"Shazbot! We ran into some trouble getting the comments.
Try again... na-nu, na-nu!"

Re:Linux and windows have vulnerabilities (0)

Anonymous Coward | about 5 months ago | (#46338689)

Vulnerabilities usually come with the word "known". An update a day keeps the doctor away. And that's something the Apple guys are doing pretty well.

Re:Linux and windows have vulnerabilities (1)

0xdeadbeef (28836) | about 5 months ago | (#46338729)

And if they allow privilege escalation they're called "jailbreaks".

But how are users treated? (1)

jbn-o (555068) | about 5 months ago | (#46339805)

Any complex software has bugs and perfection is never available. The important question remains: how are the users treated? If the software respects a user's freedoms to run, inspect, share, and modify the software [gnu.org] , users are treated well. If these freedoms are not respected, the user is subjugated. This is an ethical issue with technical ramifications.

Non-free programs (such as Microsoft Windows and Apple's OSes) are designed and licensed to prohibit anyone but the proprietor from understanding how the software works. Nobody but the proprietor can fix bugs or improve the program (I use the word "improve" purposefully subjectively here). And the proprietor could have included a variety of other problems (from the user's perspective) because proprietary software is often malware [gnu.org] . A free software system (such as a GNU/Linux system on which nothing but free software is installed) can be fully inspected, shared, and modified by the users. Free software lets users treat each other ethically, non-free software leaves even the most expert users who are willing to do technical inspection/bugfixing work in the dark and prevents them from sharing with others, thus preventing them from helping others.

Software freedom is a far better arrangement for the user. Where non-free software users have to wait for a proprietary binary to patch a problem (possibly introducing new problems and leaving other known problems unfixed such as Apple did for over 3 years with an exploitable iTunes bug during which time governments used the hole to invade people's computers [stallman.org] ), a free software user has additional options. One can choose to learn to program and fix bugs themselves, one can get someone else to fix software for them (even commercially, by hiring someone trustworthy and appropriate just as one would do to fix other things). No one person can understand all the software they need, there's way too much software to do that. But together we can (and do!) maintain free software systems very well.

Re:But how are users treated? (0)

Anonymous Coward | about 5 months ago | (#46340521)

The important question remains: how are the users treated? If the software respects a user's freedoms to run, inspect, share, and modify the software [gnu.org] , users are treated well. If these freedoms are not respected, the user is subjugated.

That is just your subjective opinion and given that users are not "subjugated" - because that is just a gross over-exaggeration - your opinion has little value, users are not under "complete control", that is just FUD and you know it. Try presenting your argument in a more balanced way. The reason people often (but not always) choose proprietary software is that choosing to not exercise a particular freedom for a period of time in the context of using a particular product (sometimes even just a particular feature of that product) is more beneficial to them than using an inferior product (I am not saying free software as a whole is inferior but if a non-free product is functionally superior users will choose that) and having that freedom in that context at that time that they do not want/need anyway.

People would rather have a product that works well and does not offer them the freedom to change it than a product that does not work well and offers them the freedom to fix it themselves. You do not need to pontificate about software freedom, if the software is good enough then people will use it, if not then your product is obviously not good enough.

This is an ethical issue with technical ramifications.

Ethics are subjective and if people do not see things from your point of view (and demonstrably most do not) then arguing ethics is obviously pointless.

A free software system (such as a GNU/Linux system on which nothing but free software is installed) can be fully inspected, shared, and modified by the users.

The benefit for most end users there is very little because the systems are so complex that even the original architects and key developers often do not fully understand them much less end users with no development experience at all, this is why the vast majority of people do not choose systems based on whether it is open or not. We have seen privilege escalation bugs exist in both free Linux and non-free Windows for over a decade before being fixed for example.

Free software lets users treat each other ethically, non-free software leaves even the most expert users who are willing to do technical inspection/bugfixing work in the dark and prevents them from sharing with others, thus preventing them from helping others.

Use of non-free software does not preclude your ability to help others, that is just more FUD.

Software freedom is a far better arrangement for the user.

In theory yes I agree but in practice it is a lot less so.

One can choose to learn to program and fix bugs themselves

And therein lies the problem. End users want a tool to do a job, they do not want to develop and repair it themselves.

one can get someone else to fix software for them (even commercially, by hiring someone trustworthy and appropriate just as one would do to fix other things).

How much is a person expected to pay for this? And while you correctly point out that with non-free software a patch could "possibly introducing new problems and leaving other known problems unfixed" you fail to mention this is exactly the same with patching free software, so more biased arguments.

All of these supposed benefits could be realized now, there is nothing stopping you from building free software that is better than proprietary software and that is what will win over users. Pontificating about software freedom will not win people over even if you think it should, just as proprietary vendors need to unseat the incumbents with products that are significantly better so does free software.

Re:Linux and windows have vulnerabilities (1)

Anubis IV (1279820) | about 5 months ago | (#46340033)

I shouldn't need to be explaining this on Slashdot, but the two are not necessarily the same, and one is not a polite euphemism for the other. A bug may lead to a vulnerability, or it may not, since it could be as benign as unexpected output for the provided input or as dangerous as the stuff we hear about here each day.

In contrast, vulnerabilities are always dangerous, though to varying extents, and they may not always be caused by software bugs (though I suppose there is an argument to be made that you cannot have a vulnerability in the absence of bugs, such as bugs in the design spec that lead to vulnerabilities, even when implemented "correctly").

Anyway, even if we set aside all of that, the summary refers to this issue as both a "vulnerability" and a "bug" in the span of the first two sentences (both of which appear to be applicable in this case), so I don't know why you're getting wound up.

Re: Linux and windows have vulnerabilities (0)

Anonymous Coward | about 5 months ago | (#46342679)

Still waiting for "I'm a Mac" to come back, turn around and see his pants are ripped. Or maybe he's the king with new clothes? :)

No worries (0, Funny)

Anonymous Coward | about 5 months ago | (#46336989)

It is a security bug that can be used as a vector for malware to capture...

Good thing there is no iOS malware. All hail the walled garden!

Goes to show... (5, Insightful)

jones_supa (887896) | about 5 months ago | (#46337053)

As Apple products keep gaining larger market share, also the number of discovered vulnerabilities increases day after day. Having a UNIX base does not mean that you are automatically invincible.

Re:Goes to show... (1)

Anonymous Coward | about 5 months ago | (#46337469)

gaining a larger market share?

they are going backwards.....

the only place that buys apple products in a large quantity is the US....

9% market share..... yep everyone is buy them

Re:Goes to show... (0)

Anonymous Coward | about 5 months ago | (#46337503)

iOS has had a massive market share for a long time so your point is stupid.

Re:Goes to show... (1)

Anonymous Coward | about 5 months ago | (#46339003)

Actually, they haven't. They've never dominated the marketplace.

Their phones only passed Blackberry's highest marketshare only in 2012 / 2013.

Re:Goes to show... (0)

Anonymous Coward | about 5 months ago | (#46340733)

so...
apple had a market share of over 50% at one stage when they brought out a new shiny phone
android has annihilated apple, and now apple's market share is around 9-12%....android is around 82%.

even microsoft is gaining in market share, and close to apple..

but... no... 12% must actually mean billions of their phones are being brought, and they are the highest used phone of all time.

nokia had a "massive market share for a long time".....

apple's curiosity factor is but a blip on the mobile phone radar......

wouldn't want to point out the "stupid" obvious point....hey....

Re:Goes to show... (0)

Anonymous Coward | about 5 months ago | (#46337667)

Futher more, when they use BSD license to release binary only form, where vulnerability is most likely not in the BSD licensed part of software - is in no way different, than usual binary for Microsoft OS. IMHO, IANAP.

Can we just go back to the gotofail bug for a sec? (0)

Anonymous Coward | about 5 months ago | (#46337069)

Sweet pickles... doesn't anyone else think it's INSANE that this hasn't been fixed yet on OS X?! This isn't a minor issue, and there are all kinds of privacy concerns, financial concerns, etc. on the line here, plus this creates uncertainty about the legitimacy of future updates and the security of everything on OS X moving forward....

Since the offending code is open sourced, has any trusted third party (EFF or someone) built and implemented a fix, signed with GPG?

Now we find out any app can start keylogging on iDevices?! Security fails are to be expected, but for stuff like this "the flaw remains unfixed in OS X 10.9.0 and 10.9.1. Apple has yet to say when a patch will be released." is absolutely unacceptable and shakes my confidence in Apple's concern for its customers to the core. (NPI)

Re:Can we just go back to the gotofail bug for a s (4, Informative)

Cinder6 (894572) | about 5 months ago | (#46337229)

They just released the patch for OS X, actually.

http://appleinsider.com/articl... [appleinsider.com]

Re:Can we just go back to the gotofail bug for a s (-1)

Anonymous Coward | about 5 months ago | (#46337351)

How do we know that this "patch" don't open up a new "NSA backdoor" somewhere else?

Re:Can we just go back to the gotofail bug for a s (2)

jo_ham (604554) | about 5 months ago | (#46340315)

How do we know that this "patch" don't open up a new "NSA backdoor" somewhere else?

Because the piece that was patched is open source.

Go have a look through the code if you like.

Re:Can we just go back to the gotofail bug for a s (0)

Anonymous Coward | about 5 months ago | (#46341511)

Sweet pickles... doesn't anyone else think it's INSANE that this hasn't been fixed yet on OS X?!

It has been fixed on OS X. The update was released this morning.

can you see us? {;^)-)--(-(^;)= (0)

Anonymous Coward | about 5 months ago | (#46337357)

no need for malware attacks when using POT (Personal Open Terminal) even textual vdo is viewable by all loggers right on their screen. thanks moms... goes without saying

Is this a real vulnerability or hype? (2, Insightful)

Ronin Developer (67677) | about 5 months ago | (#46337421)

The method of how the app was installed on a non-jail broken device was not discussed. While I would say that being able to capture touches and such by an background app is a potential threat, getting the software on a device is easier said than done.

Mobile Management Systems (MMS) have access to APIs that can also do these sorts of things.

I would venture that this was one using either developer mode or as an enterprise app and not through the the AppStore. Jailbroken devices are, clearly, more at risk.

Now...a bigger question. Can the same be done on Android devices? I am betting "Yes"????

 

Re:Is this a real vulnerability or hype? (0)

Anonymous Coward | about 5 months ago | (#46337683)

I guess you missed the part about getting it to work on non-jailbroken devices through getting an app into the app store?

Re:Is this a real vulnerability or hype? (1)

R3d M3rcury (871886) | about 5 months ago | (#46337843)

Now...a bigger question. Can the same be done on Android devices? I am betting "Yes"????

I'd be willing to bet that it can as well.

So what does that mean? iOS is just as vulnerable as Android?

Re:Is this a real vulnerability or hype? (2)

fsck-beta (3539217) | about 5 months ago | (#46338021)

iOS is just as vulnerable as Android?

Not quite. It just means that iOS isn't as invulnerable as many claim.

Re:Is this a real vulnerability or hype? (0)

Anonymous Coward | about 5 months ago | (#46339239)

Explain. Not quite? Software is software. A bug that is exploitable will compromise the platform it's on.

As a matter of fact, if you can root or jailbreak a device, that means there's a privilege escalation bug / security hole ready to be exploited in said platform.

How long has any platform gone without being hacked?

Re:Is this a real vulnerability or hype? (0)

Anonymous Coward | about 5 months ago | (#46338917)

Well as the article says: "FireEye successfully delivered a proof-of-concept monitoring app through the App Store that records user activity and sends it to a remote server. We have been collaborating with Apple on this issue." My guess would be that the appstore was used ;)

record this for more or less posteriority (-1)

Anonymous Coward | about 5 months ago | (#46337531)

what's this about anyway?
Symbol Price Change % Chg Volume
VZ 46.52 +0.29 +0.63% 106,344,512
GRPN 8.44 +0.66 +8.35% 52,060,154
BBRY 10.59 +0.76 +7.73% 46,912,538
BAC 16.43 -0.09 -0.42% 43,754,437
ITMN 36.61 +22.65 +162.25% 41,521,180

Slashdot is dying and it is good (0)

Anonymous Coward | about 5 months ago | (#46338213)

This site has become so enamored with Apple that when a vulnerability is discovered in one of its products, Apple praised for fixing it so quickly instead of receiving criticism. I'm glad Dice took over Slashdot and fucked it over, it was a long time coming. This site is nothing like its roots back in the early 1990s-2000s era. It is full of stupid and should die a horrible death.

Re:Slashdot is dying and it is good (0)

Anonymous Coward | about 5 months ago | (#46338331)

If you leave, you'll be part of the cure.

So far /. is at 3% reading comprehension rate (2)

JohnnyComeLately (725958) | about 5 months ago | (#46338875)

35 messages on this thread as I read it, and only ONE says in any detail anything that shows the issue and what the vulnerability has as an underlying assumption. Here it is for those who did read the article (RTFA), you have to install a rogue app. So, someone who's breaking the ToS (not being rogue) has to put an app out, then you have to install it, and then it's scraping inputs. This isn't a security vulnerability as most responses on here opine about. My car has a gas pedal. Does the ECM for engine management have a "security vulnerability," because I can press hard on the right pedal and do 180mph (illegal by federal law)?? No. It's functioning as designed. Press hard on gas, go faster. App installed and running in background, can accept device inputs. For example, have a GPS app? It is allowing inputs from other applications (e.g. you can listen to music on the GPS app I have without kicking out to Music app) and inputs (buttons).

Nothing significant to see here. Yeah, more restrictions from Apple development guidelines coming due to asshats being asshats. *sigh*

Re:So far /. is at 3% reading comprehension rate (2, Interesting)

Anonymous Coward | about 5 months ago | (#46339745)

So, someone who's breaking the ToS (not being rogue) has to put an app out, then you have to install it, and then it's scraping inputs.

Oh so it's not a security vulnerability if it's against the Terms of Service, wow Microsoft should implement a ToS and then most of their Windows security issues will cease to exist.

This isn't a security vulnerability as most responses on here opine about.

Of course it is, how do you figure that a process running in the background being able to break out of the sandbox restrictions and capture all inputs is not a security vulnerability? You would have to be a complete Apple shill to be in such denial about a bug like this.

My car has a gas pedal. Does the ECM for engine management have a "security vulnerability," because I can press hard on the right pedal and do 180mph (illegal by federal law)?? No. It's functioning as designed.

Yet the application sandboxing in iOS is clearly not working as designed as it is allowing background processes to capture all inputs. Since you clearly don't understand the concept of sandboxing it is obvious why you would not see the security problem here.

It only works on jailbroken phones (0)

Anonymous Coward | about 5 months ago | (#46343503)

It only runs on Jailbroken phones. Once you Jailbreak your phone, you have no expectation of it running properly, reliably or securely. This exploit does NOT work on non-jailbroken phones.

So sandboxing on non-jailbroken phones works just fine.

Jailbreaking a phone allows you to read the keychain and such and do other things that are not possible on non-jailbroken phones.

Since probably 99% or more of iOS users run non-jailbroken phones, this isn't a major issue. And since jailbreaking a phone renders any security guarantees null and void, it's not really a bug since Apple doesn't make any promises about how jailbroken phones behave ...

Re:It only works on jailbroken phones (0)

Anonymous Coward | about 5 months ago | (#46344581)

FFS, the title of TFA is "Background Monitoring on Non-Jailbroken iOS 7 Devices — and a Mitigation" you dense fucktard

Re:So far /. is at 3% reading comprehension rate (1)

Anonymous Coward | about 5 months ago | (#46340257)

you have to install a rogue app.

That is how most malware works, unless you have a privilege escalation bug. And iOS has had at least one such web-based drive-by bug (jailbreakme.com) so there are probably more undiscovered ones.

So, someone who's breaking the ToS

I can't imagine people looking to infect devices with keylogging malware are living in fear of the terms of service.

This isn't a security vulnerability as most responses on here opine about.

Of course it is. Background processes capturing touch input most certainly is a bug in the iOS application sandbox.

My car has a gas pedal. Does the ECM for engine management have a "security vulnerability," because I can press hard on the right pedal and do 180mph (illegal by federal law)??

No. Just because it does not prevent you from doing something illegal does not make it defective. Your analogy certainly is defective though, the application sandbox defines what an application can and cannot do, in this case an application can subvert those restrictions hence the sandbox is defective.

For example, have a GPS app? It is allowing inputs from other applications (e.g. you can listen to music on the GPS app I have without kicking out to Music app) and inputs (buttons).

Wrong! The GPS app isn't accepting music input at all and the music application is playing in the background but is not accepting inputs. The volume is a system level process, the button presses are handled by the system to control the volume, not by the app in the background.

Re:So far /. is at 2.5% reading comprehension rate (1)

Dr. Evil (3501) | about 5 months ago | (#46343367)

FTFY

Re:So far /. is at 3% reading comprehension rate (1)

AmiMoJo (196126) | about 5 months ago | (#46344861)

You entirely missed the point. There is no "log all keyboard input" permission for apps to request. I don't think the TOS are very likely to prevent a black hat deploying the exploit. Since Apple doesn't examine every line of code in apps they approve they now need to either close the hole or develop a tool to detect when compiled code tries to make use of it.

I expect a few apps will be getting updates to remove this exploit now, before Apple closes it off and notices them crashing.

How to get compromised .. (1)

DTentilhao (3484023) | about 5 months ago | (#46339155)

01. Download malware .. 02. Install malware ... 03. Get infected ....

Re:How to get compromised .. (2)

Doug Otto (2821601) | about 5 months ago | (#46339357)

04. Wipe hands on pants.

Re:How to get compromised .. (1)

Anubis IV (1279820) | about 5 months ago | (#46340189)

The real danger here is the ability for the system to automatically update apps to the latest version, which has been a feature since the release of iOS 7. The threat comes from when a developer of an existing app sells it to another company intent on updating that app to include this piece of malware. Suddenly, that little-known game you play every day is a trojan just waiting to infect you the next time you play it. So while the steps that you outlined are still the same, the change here is that steps 1 and 2 are transparent to the user in situations like these, making it all the easier to get infected.

We've seen this form of attack more recently in the last few months, notably with Chrome extensions [slashdot.org] that were being purchased by third-parties and then updated to include adware or malware. I'd expect that we'll be seeing similar reports coming from Android and other platforms that allow auto-updating.

Re:How to get compromised .. (1)

Smerta (1855348) | about 5 months ago | (#46341805)

Yes, but isn't that under the user's control? The iOS user decides if apps auto-update or not, correct?

Re:How to get compromised .. (1)

Sancho (17056) | about 5 months ago | (#46346217)

You can opt-out, certainly. How many will? How many will not just hit the "update all" button if they do opt out?

Not a new thing (1)

rabtech (223758) | about 5 months ago | (#46340699)

There have always been holes in the App Store and sometimes you can sneak things through.

The difference is if you try such things and you app becomes even remotely popular, Apple can pull your app and even your developer account so the actual window where your fraud or evil tricks can result in some kind of gain is very small.

I'm not sure why people constantly fail to recognize this.

Similarly with the SSL flaw... Apple pushes iOS updates in a way Android users can only dream of; within a month more than 90% of all iOS devices still in use will have the patch applied. Compare that with the web view remotely exploitable hole just revealed for Android... at least half of all Android devices will still have that hole a year from now!

So in theory yes, Apple is just the same as everyone else. In reality, the actual user experience will be quite different.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...