Georgia Institute of Technology security researchers prove App Store security flaw via “Jekyll and Hyde” attack

Posted by:
Date: Tuesday, August 20th, 2013, 07:18
Category: iOS, News, security, Software

The good news is that it’s getting a bit harder to sneak malware into the App Store.

The bad news is that it can still be done and Apple might need to invest in more security/screening features.

Per 9to5Mac and Ars Technica, researchers from the Georgia Institute of Technology managed to get a malicious app approved by Apple and included in the App Store by using a ‘Jekyll & Hyde’ approach, where the behaviour of a benign app was remotely changed after it had been approved and installed.

It appeared to be a harmless app that Apple reviewers accepted into the iOS App Store. They were later able to update the app to carry out a variety of malicious actions without triggering any security alarms. The app, which the researchers titled “Jekyll,” worked by taking the binary code that had already been digitally signed by Apple and rearranging it in a way that gave it new and malicious behaviors.

The researchers presented their findings in a paper at the USENIX Security Forum.

“Our method allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process. Once the app passes the review and is installed on an end user’s device, it can be instructed to carry out the intended attacks. The key idea is to make the apps remotely exploitable and subsequently introduce malicious control flows by rearranging signed code. Since the new control flows do not exist during the app review process, such apps, namely Jekyll apps, can stay undetected when reviewed and easily obtain Apple’s approval.”

An Apple spokesman stated that changes have been made to iOS as a result of the exploit, but it’s not yet clear whether the change is to iOS 7 or the older iOS 5 and 6 versions that had been attacked. The researchers only left their app in the store for a few minutes and said that it was not downloaded by anyone outside the project in that time.

Apple Senior Vice President Phil Schiller tweeted back in March about a study revealing the rising incidences of malware on Android. The study showed that Android accounted for 79 percent of all mobile malware in 2012, while iOS came in at less than 1 percent.

Stay tuned for additional details as they become available.

Waze realtime incident data now incorporated into Google Maps following acquisition earlier this year

Posted by:
Date: Tuesday, August 20th, 2013, 07:57
Category: iOS, iPad, iPhone, News, Software

waze_logo

This is one of the better sides of companies buying each other out.

Per AppleInsider, crowd sourced traffic data from Waze, a company that Google acquired earlier this year, is now included in the official Google Maps application for iPhone and iPad.

The company announced on its official Lat Long blog on Tuesday that real time incident reports from Waze users will appear in the official Google Maps apps for both iOS and Android in the U.S. and U.K., as well as France, Germany, Switzerland, Mexico, Brazil, Panama, Peru, Chile, Colombia, and Ecuador.

Google has also updated the Waze app for iOS, as well as Android, to add Google Search functionality. Google’s data now joins other search providers in being integrated into Waze.

Finally, Google also announced that the Waze Map Editor has been updated with Google Street View and satellite imagery. This will make it easier for users in the Waze community to correct map errors. Google announced it had acquired Waze, a crowd-sourced traffic and navigation service, in June.

Google announced in June that it had acquired Waze, a popular cross-platform, crowd-sourced traffic and navigation service to bolster its own Google Maps. As of April, Waze had more than 40 million people actively using its service and contributing data.

The Waze iOS application was highlighted by Apple >last year following the launch of iOS 6, when the company promoted alternative mapping applications and apologized for the substandard quality of its own Maps.

Google, in turn, has been working to greater monetize users of its own mapping software on iOS, as the company rolled out new banner ads for the official Google Maps application earlier this month.

If you’ve seen the realtime incident reporting in action and have any feedback to offer about it, let us know in the comments.

Cocktail updated to 6.7

Posted by:
Date: Tuesday, August 20th, 2013, 06:53
Category: News, Software

10909

On Tuesday, shareware developer Maintain released version 6.7 of CocktailCocktail (Mountain Lion Edition), the popular shareware utility program that allows for additional Mac OS X system tests. The new version, a 5.6 megabyte download, adds the following fixes and features:
- Improvements on the “Clear System caches” procedure. Added clearing of CVMS and Core symbolication daemon caches. XPC Helper Agent cache is now forced to be rebuilt – this can fix many of media plug-in issues, including issues with Aperture and iPhoto.

- Improvements on the “Clear Java caches” procedure. Added compatibility with the latest version of Java.

- Improvements on the “Clear Kernel caches” procedure. Addresses an issue in which kernel cache could not be rebuilt, “Can’t create kext cache under / – owner not root” error.

- Improvements on the “Clear QuickLook caches” procedure.

- Improvements on the “Clear QuickTime caches” procedure.

- Addresses an issue in which Cocktail may not be able to change Launchpad background blur radius.

- Addresses an issue in which number of CPU cores may not be displayed in the Specifications window.

- Added OS X 10.8.5 compatibility.

- Updated Automator actions.

- Updated Help files.

Cocktail 6.7 retails for a US$19.00 shareware registration fee and requires an Intel-based Mac running Mac OS X 10.8 or later to install and run.

If you’ve tried the new version and have any feedback to offer, please let us know in the comments.