Tag Archives: IPhones
Have you used a friend’s laptop to charge your iPhone and gotten a prompt that says, “Trust This Computer?” Say yes, and the computer will be able to access your phone settings and data while they’re connected. And while it doesn’t feel like your answer really matters—your phone will charge either way—researchers from Symantec warn that this seemingly minor decision has much higher stakes than you’d think.
In fact, the Symantec team has found that hacks exploiting that misplaced “Trust” comprise a whole class of iOS attacks they call “trustjacking.” Once a user authorizes a device, they open themselves to serious and persistent attacks while their phone is connected to the same Wi-Fi network as a hacker, or even remote attacks when the devices are separated.
Adi Sharabani, Symantec’s senior vice president of modern operating system security, and Roy Iarchy, the modern operating system research team leader, will make that case Wednesday, in a presentation at the RSA security conference in San Francisco.
“Once this trust is established, everything is possible,” Sharabani told WIRED last week. “It introduces a new vector of attack.”
Sharabani and Iarchy’s presentation focuses largely on a feature known as iTunes Wi-Fi Sync, the tool that lets iOS devices sync with desktop iTunes over Wi-Fi. For this process you physically connect a mobile device to a computer once, indicate that the iOS device can trust the computer going forward, and then enable iTunes Wi-Fi Sync from the PC. After that the two devices can sync and communicate whenever they are on the same Wi-Fi network without any further approval from the iPhone or iPad.
It’s a reasonable and useful feature when used as intended. But an attacker could also plant a malicious computer—perhaps one shaped like a charging station or external battery—and trick people into connecting their devices and granting trust out of confusion or disinterest.
Once a trusted Wi-Fi Sync connection is established, attackers can not only do basic syncing, but also take advantage of controls meant for developers to manipulate the victim iOS device. A hacker could work quickly to install malware on the phone, or initiate a backup to gather data like a victim’s photos, app information, and SMS/iMessage chats. Attackers with trust privileges could also start watching a target device’s screen in real-time by initiating screenshots on the phone and then syncing them to the attack computer. Or they could play a long game, silently retaining their trusted status until it is long forgotten, for a future attack.
“We discovered this by mistake actually,” Sharabani says. “Roy was doing research and he connected his own iPhone to his own computer to access it. But accidentally he realized that he was not actually connected to his own phone. He was connected to one of his team members’ phones who had connected their mobile device to Roy’s desktop a few weeks before. So Roy started to dig into what exactly he could do and find out if he were an attacker.”
You can imagine a number of scenarios where this could work as a targeted attack. Everyone has places they visit regularly: an office, a coffee shop, the local library. Attackers could anticipate that a victim iOS device would regularly connect to the same Wi-Fi network as the trusted attacker computer—enabling clandestine, malicious backups with iTunes Wi-Fi Sync. The researchers point out that an attacker wouldn’t necessarily be geographically limited; after gaining a foothold, they could combine trustjacking with a type of attack called “malicious profiles,” which takes advantage of how iOS manages configuration packages for apps to get around access restrictions, establish continuous remote access. Beginning in iOS 10, though, Apple started making it harder for hackers to carry out malicious profile attacks.
It’s tempting to put the onus on the iPhone owner here; you shouldn’t, after all, connect with sketchy computers an trust them in the first place. And Apple, which declined to comment for this story, seems to agree. When Sharabani and Iarchy disclosed their findings to the company, it did add a second prompt in iOS 11 to require a device’s passcode as part of authorizing a new computer as trusted. This makes it more difficult for anyone other than the device owner to establish trust.
But Sharabani and Iarchy argue that it’s unreasonable to put it entirely on the user to make the correct choice about trusting a device, especially since the authorization persists indefinitely once it’s established. There’s also currently no way to see a list of devices that have outstanding trusted status.
In these transactions, iOS’s wording is also unhelpful. The prompts say, “Trust this computer? Your settings and data will be accessible from this computer when connected,” which might seem to mean that nothing will be exposed when the devices are no longer physically connected. In fact, given that Wi-Fi sync can be enabled in desktop iTunes without any involvement of the mobile device, there’s much more potential for long-term connection than users may realize.
Consider, too, that an attacker who successfully infects a target’s PC with malware can exploit the trust a victim grants his own computer. A user will obviously trust their own computer, and their phone and PC will frequently be on the same Wi-Fi network. So an attacker who has infected a target’s computer can get a two-for-one of also having regular access to the victim’s iOS devices.
“Apple took the very quick act of adding the passcode,” Sharabani notes. “With that said, this is a design problem. They could better design the future behavior of the features, but it will take them time to implement. That’s why it’s so important to alert users and raise awareness. Users need to understand the implications.”
Sharabani and Iarchy say they haven’t seen trustjacking attacks in the wild so far, but that doesn’t mean they aren’t out there or coming. And though Apple doesn’t offer a list of the computers an iOS device trusts, it is possible to scrub the trusted computers list entirely. In iOS 11 users can go to Settings > General > Reset > Reset Location & Privacy to get a clean slate, after which people can start to be more cognizant of which computers they authorize. (Note that doing this reset also revokes all specially granted app permissions.) Another helpful defense for users is to encrypt iOS device backups with a strong password. With this turned on, an attacker abusing Wi-Fi Sync can still make their own backups of a victim device, but they will be encrypted with whatever password the target chose.
The researchers see iOS’s authorization prompts as a single point of failure, where the operating system could provide a few more prompts in exchange for more layers of defense against trustjacking. No one wants one seemingly insignificant mistake to blow up in their face weeks or months later. But while users wait for Apple to architect long-term solutions, their best defense is to become discerning and extremely selective about doling out trust.
Chinese customs officers have arrested smugglers who attempted to drop millions of dollars worth of iPhones from drones into China.
Twenty-six suspects were arrested in China recently after they tried to use drones to fly two 660-foot cables from Hong Kong to Shenzhen, according to Reuters. Those cables were going to be used to lift iPhones worth 500 million yuan ($ 79.6 million) to the mainland, where they could be sold via the black market for a hefty profit, according to the report. A local Chinese report from the Legal Daily said it was the first time drones were employed to smuggle phones.
The operation was set to go off at night, where smugglers would pack small bags with approximately 10 iPhones and attach them to the drones. Those drones would then fly from Hong Kong to the mainland in just a matter of seconds. According to Reuters, the smugglers had the ability to transport up to 15,000 iPhones each night.
Get Data Sheet, Fortune’s technology newsletter
Smuggling of high-value products—like iPhones, jewelry, and luxury products—is nothing new in China. In fact, the government has been working hard to crackdown on the practice and do a better job of breaking up what has become an increasingly powerful black market.
Smuggling gangs often steal devices or buy them at a deeply reduced rate and sell them for a higher price in China. They’re careful, however, to keep their prices below the going rate for those who purchase products legitimately. The result is a profitable business for smugglers and an opportunity for Chinese consumers to get authentic goods at a cheaper price.
Despite breaking up the drone attempt, Shenzhen officials warned that smuggling would continue. According to Reuters, the customs officers are planning to use several types of equipment to thwart other attempts by the smugglers.
If you’re an Apple iPhone user who also enjoys Twitter, listen up.
Pranksters on the social media service have been sharing a character from the Indian Telugu language that causes iPhones to crash, according to Mashable. The offending users have been putting the character into their Twitter usernames and tweets and encouraging people to share them with their friends. If the character lands in a user’s Twitter feed, it will cause the social app to crash. The app will continue to crash after users try to boot it back up, ultimately stopping victims from accessing the service on their iPhones.
Last week, reports surfaced saying that a single Telugu character was enough to wreak havoc on iPhones. When the character is sent via any messaging or social networking app, the affected user’s app will crash. While it’s an obscure bug that only affects Apple’s iOS 11, it’s one that pranksters and those trying to cause harm are exploiting across the Internet. Worst of all, there’s no fix at the moment and unsuspecting victims needn’t do anything to be affected.
Get Data Sheet, Fortune’s technology newsletter
Apple acknowledged the Telugu bug last week and has promised a fix. The company hasn’t yet delivered, though, and it’s impossible to say when it’ll be released.
According to Mashable, which tested the bug on Twitter, the only way for affected users to regain access to the app is to log in via Safari and block the person that shared the character. At that point, the character won’t show up in their feeds and Twitter will be accessible.
(Reuters) – Apple Inc has addressed claims from an app company that says the maker of iPhones slows down the performance of older phones.
On Monday, the blog Primate Labs, a company that makes an app for measuring the speed of an iPhone’s processor, published data that appeared to show slower performance in the Apple’s iPhone 6s and iPhone 7 models as they aged.
Apple on Wednesday acknowledged that the company does take some measures to reduce power demands – which can have the effect of slowing the processor – when a phone’s battery is having trouble supplying the peak current that the processor demands.
The problem stems from the fact that all lithium-ion batteries, not just those found in Apple products, degrade and have problems supplying the big bursts as they age and accumulate charging cycles, Apple said in a statement. The problems with peak current draws can also occur when batteries are cold or low on charge.
”Last year we released a feature for iPhone 6, iPhone 6s and iPhone SE to smooth out the instantaneous peaks only when needed to prevent the device from unexpectedly shutting down during these conditions,“ Apple said in an emailed statement to Reuters. ”We’ve now extended that feature to iPhone 7 with iOS 11.2, and plan to add support for other products in the future.”
When an iPhone’s processor makes a big current draw from a flagging battery, the battery can deliver the current in spikes that can potentially damage the phone’s electronics. As a result, iPhones would suddenly shut down to protect the pricey processor from being damaged by the power spikes.
The sudden shutdown problem became widespread among iPhones in late 2016, forcing Apple to issue a software fix that had the net result of slowing the phone somewhat with an old, cold or low-charged battery, the company said.
The problem can be remedied by replacing the phone’s battery. Apple charges $ 79 to replace batteries not covered under the phone’s warranty. The company has long faced criticism from repair advocates for making its batteries difficult for users to replace on their own.
Reporting by Stephen Nellis; editing by Diane Craft