Apple IPhone5 iOS6 – new features same vulnerabilities…

Well, Here is something that Samsung “didn’t steal” and “left” on Apple side, a very bad security design…

The iPhone 4S, and the iPhone 5 as well, are vulnerable to same attacks from malicious Web pages that can steal the user’s pictures, contact information and browsing history and send it all to a remote server.

Wednesday, at the Mobile Pwn2Own contest at the EUSecWest conference in Amsterdam, a pair of Dutch security researchers successfully exploited a completely patched iPhone 4S.

The duo, Daan Keuper and Joost Pol from The Hague-based computer security company Certified Secure, said their proof-of-concept hack works on both iOS 5.1.1 and the version of iOS 6 that was given to developers several months ago, and made available to users Wednesday.

Keuper and Pol said iPads are also vulnerable to this attack. While the two haven’t had a chance to test an iPhone 5 running the final build of iOS 6, it is likely also at risk, they told Computerworld.

The malicious code — technically, a drive-by download — took only a few weeks to create and can be embedded anywhere on a website to work, Pol said.

When placed in a graphic or advertisement on a blog visited by Mobile Safari, the code figures out a workaround for Safari’s sandboxing and signing mechanisms.

Users don’t need to do anything but visit the booby-trapped page for the malware to work. While the attack is able to steal a lot of sensitive data, email and SMS messages are separately encrypted and are not vulnerable to this particular attack.

Keuper and Pol wouldn’t reveal exactly how their attack works, but told that it involved a zero-day exploit, one that’s not yet known to most security specialists.

They also told that they wouldn’t do it again.

“We shredded it from our machine,” Pol said. “The story ends here. … It’s time to look for a new challenge.”

Despite this chink in the iPhone’s armor, Pol said he still thinks the iPhone is more secure than any other mobile device.

He said that BlackBerry and Android devices, which that run the same WebKit rendering in their browsers as iOS’s Safari, could also be open to this exploit, but haven’t been tested. Pol hopes Apple fixes the exploit soon and that users download the patch as soon as possible.

Last year, security researcher Charlie Miller snuck a malicious proof-of-concept app into Apple’s iTunes App Store that could also steal data from iPhones.

For their successful hack of Mobile Safari, Pol and Keuper together took home $30,000.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s