Security researcher Charlie Miller outs iOS code signing flaw, security hole

Posted by:
Date: Tuesday, November 8th, 2011, 05:46
Category: iOS, News, security, Software

It’s hard to say if it’s discouraging to see the iOS get spotted on assorted security failures or reassuring to see that security experts manage to notice these and bring them to the public’s attention.

According to Forbes, Mac hacker and researcher Charlie Miller has reportedly found a way to sneak malware into the App Store and subsequently onto any iOS device by exploiting a flaw in Apple’s restrictions on code signing, allowing the malware to steal user data and take control of certain iOS functions.

Miller explains that code signing restrictions allow only Apple’s approved commands to run in an iOS device’s memory, and submitted apps that violate these rules are not allowed on the App Store. However, he has found a method to bypass Apple’s security by exploiting a bug in iOS code signing that allows an app to download new unapproved commands from a remote computer.

“Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,” Miller said. “With this bug, you can’t be assured of anything you download from the App Store behaving nicely.”

The flaw was introduced when Apple released iOS 4.3, which increased browser speed by allowing javascript code from the internet to run on a much deeper level in a device’s memory than in previous iterations of the OS. Miller realized that in exchange for speed, Apple created a new exception for the web browser to run unapproved code. The researcher soon found a bug that allowed him to expand the flawed code beyond the browser, integrating it into apps downloaded from the App Store.

Miller created a proof-of-concept app called “Instastock” to showcase the vulnerability, which was submitted to and approved by Apple to be distributed via the App Store. The simple program appears to be an innocuous stock ticker, but it can leverage the code signing bug to communicate with Miller’s server to pull unauthorized commands onto the affected device. From there the program has the ability to send back user data including address book contacts, photos and other files, as well as initiate certain iOS functions like vibrating alerts.

The app has since been pulled and according to his Twitter account, Miller has reportedly been banned from the App Store and kicked out of the iOS Developer Program.

Miller, a former NSA analyst who now works for computer security firm Accuvant, is a prominent Apple researcher who previously exposed the MacBook battery vulnerability and a security hole in the mobile version of Safari.

The researcher has refused to publicly reveal the exploit, reportedly giving Apple time to come up with a fix, though he will announce the specifics at the SysCan conference in Taiwan next week.

Stay tuned for additional details as they become available.

Parallels 7 upgrade goes live, available via retail on September 6

Posted by:
Date: Friday, September 2nd, 2011, 03:30
Category: iOS, iPad, iPhone, iPod Touch, News, Software

parallelslogo1.jpg

Upgrading: It’s not always a bad thing.

Per AppleInsider, Windows virtualization favorite Parallels Deskktop has reached version 7, the new version adding faster performance and new support for Mac OS X Lion, including Windows integration of apps in Launchpad and windows in Mission Control and the ability to run an instance of Lion within Lion itself.

The new update allows users to share iSight or FaceTime HD cameras between Mac and Windows apps, and adds the ability to run Mac OS X Lion as a guest OS. This summer, Apple relaxed its licensing for Mac OS X to allow Lion users to run up to two instances of the client OS on any Mac.

Previously, Apple only allowed Mac OS X Server to run in virtualization, and required that each virtual instance use a different license.

Beginning with Lion and the availability of Mac OS X through the Mac App Store, Server is now an application package that is hosted on Mac OS X Lion, and neither purchase uses serial numbers.

The Mac OS X Lion end user license agreement now states users may “install, use and run up to two (2) additional copies or instances of the Apple Software within virtual operating system environments on each Mac Computer you own or control that is already running the Apple Software,” something virtualization tools can now take advantage of to offer the ability to host Lion as a guest OS.

Additional new features:
Among a list of 90 other enhancements, Parallels Desktop 7 can also take advantage of 1 GB of video RAM to accommodate high resolutions and color depth.

Parallels says graphics performance is up to 45 percent faster in 3D operations, and Windows start, stop and resume features are as much as 60 percent faster than previous versions. The company also claims that copy operations within Windows are now 120 percent as fast as its competitor’s product.

A new Parallels Mobile app for iOS allows iPad, iPhone and iPod touch users to interact and control their Mac or Windows desktop guest OS instances, remotely (over WiFi or mobile) start or stop apps, play back music and audio remotely, and copy and paste data between their mobile device and Windows programs.

The new version, which will sell for US$79.99 in its standard version, US$49.99 as an upgrade to existing Desktop 5 or 6 users, or US$39.99 in a student edition, will enter the retail channel September 6.

However, upgrades for existing users became available for immediate purchase and download this afternoon.

Parallels 7 requires a 64-bit Intel-based processor, Mac OS X 10.5.8 or later, 2GB of RAM (4GB recommended to run Windows 7), at least 700 MB of space available on the boot volume for Parallels Desktop installation and 15 GB of available disk space for Windows.

If you’ve tried the new version and have any feedback to offer, let us know in the comments.

Microsoft VP highlights Windows 8 interface changes, emphasizes upcoming Ribbon features

Posted by:
Date: Tuesday, August 30th, 2011, 04:18
Category: iOS, News, Software

microsoftlogo.jpg

If Mac OS X 10.7 (“Lion”) was starting to look like Windows 7 (or vice versa), this might be reassuring.

Per a blog entry by Steven Sinofsky, Microsoft’s president of its Windows Division, indicates that one key element of Windows 8 will take the new release in a very different direction than Apple’s outline for Mac OS X.

Sinofsky detailed his thinking behind changes planned for Windows Explorer, which is roughly analogous to Mac OS X’s Finder.

The Windows file system manager originally appeared as “MS DOS Executive,” which exposed DOS commands in a graphical environment with little similarity to the icon-centric Mac desktop.

As Windows began to grow in popularity, Microsoft created an embellished graphical representation of the file system with File Manager. Then, as web browsing became popular, Microsoft brought a browser-like interface to the file system, renaming File Manager as Windows Explorer, complete with a URL-like address bar and prominent back button.

Microsoft has incrementally incorporated Mac-like interface elements in Windows Explorer, with icon-centric file browsing that links documents to their preferred application. Particularly since the release of Mac OS X, Microsoft has incorporated a similar user environment focus that presents the user’s documents, pictures, music and videos rather than just a raw window into the root file system.

Microsoft’s biggest changes in Windows 8 will be an Office-like Ribbon that presents all the major functions in a tall, window-wide control bar. This marks a radical change in thinking compared to Apple’s increasingly minimalistic interface in the Finder, which limits the default buttons to a grouping of view options, a new sorting feature in Mac OS X Lion, a Quick View button, an Action button, and a search field.



Microsoft’s Windows 8 Explorer presents 19 visible buttons in five categories, and that’s just the Home tab. The Ribbon also supplies four other tabs, which function similar to the Mac’s main Menu Bar. Sinofsky explains, “The Home tab is the heart of our new, much more streamlined Explorer experience. The commands that make up 84% of what customers do in Explorer are now all available on this one tab.”

Outside of the graphical interface, Microsoft’s design goals for Windows 8 also mark a new era of computing centered around mobile devices such as tablets. Existing Windows 7 apps won’t run on future ARM-based tablets, but a new secondary environment of web-based apps will, something Microsoft hopes will enable Windows to remain relevant even as the conventional PC market has plateaued and begun to shrink globally.

Apple’s design direction for Mac OS X has opted to incorporate a variety of design elements originally created for iPad, including a simplified, window-less Full Screen mode for apps; limited and simplified control buttons in toolbars; an increasing use of touchpad gestures; and a new security model that encapsulates apps and their documents in a private sandbox.

Apple’s iOS originally appeared on the iPhone without any “file browser,” and even the latest version works hard to avoid any exposure of the underlying file system, despite supporting document-centric apps like iWork. Apps on iOS simply can not present a global view of the underlying filesystem, because all they can see is their own sandbox.

Apple’s iCloud similarly reduces the exposure of file system, replacing MobileMe’s iDisk with a new Documents and Data feature that secures an app’s files and data from access by malware while making the user’s files (and any changes) easier to manage across various devices.

Future versions of Mac OS X will likely continue along the same path, focusing upon self contained apps that create files, rather than a wide open file system (and the security issues related with having any piece of user-level software capable of accessing or wiping out any files in the local user folder).

Yes, the Ribbon shall rule the day after you boot up your Windows partiion either via Boot Camp or your virtualization app of choice.

All hail the Ribbon!!!

Google releases Google+ app with native iPhone/iPod touch support, non-native iPad support

Posted by:
Date: Tuesday, August 9th, 2011, 11:55
Category: iOS, iPad, iPhone, iPod Touch, News, Software

Google has updated its Google+ social networking app, adding native iPod touch and non-native iPad compatibility along with several other minor improvements according to iLounge.

Released last month and similar to Facebook, Google+ provides access to Google’s new social network allowing users to share information with people in their Google+ Circles and keep up to date on what their Google+ friends are doing. The initial version of the app was specifically designed to run only on the iPhone, leaving iPod touch and iPad users unable to load the app on their devices at all; this latest update resolves that issue by adding compatibility with the iPod touch and iPad in 2X mode—native iPad support is not provided.

Additional improvements include customizable Huddle settings, aggregated add notifications for Circles and performance and stability improvements. Google+ is available via the App Store as a free download.

If you’ve tried the app and have any feedback, let us know in the comments.

Apple begins hunting down, closing device slots of users running unauthorized iOS 5 beta versions

Posted by:
Date: Monday, August 8th, 2011, 04:13
Category: iOS, iPad, iPhone, iPod Touch, News

If you’re using an unauthorized iOS 5 beta, Apple probably wants you to stop.

Per Karthikk.net, Apple has reportedly begun closing the accounts of some developers who have inappropriately sold their account device slots, allowing them to profit from the installation iOS 5 on unauthorized non-developer iPhones and iPads.

Some developers who sold their slots for UDIDs, the unique identification numbers associated with every iOS device, have been tracked down by Apple according to the report. Apple has reportedly sent e-mail warnings to developers, notifying them that their illicit activities have been discovered.

In addition, Apple is said to have begun closing developer accounts for some who have been identified as selling their device slots. Apple has also reportedly flagged UDIDs associated with a developer account found in violation, making the device running iOS 5 “unusable.”

“Once Apple locks your iOS device, the phone will enter the initial setup mode asking you to connect to a WiFi network,” the report said. “And nothing happens more than that.”

Because it is not final, public software, iOS 5 is currently meant only for testing purposes, and is restricted to authorized members of Apple’s official iOS Developer Program. Selling device slots and allowing non-developers to test and run the latest beta build of iOS 5 is a direct violation of the iOS Developer Program rules.

But some developers have ignored these binding terms and have chosen to register another person’s iPhone or iPad UDID in exchange for a fee. Those who pay the developer can receive early access to iOS 5 and test out its new feature base.

iOS 5 is currently available to developers in its fourth beta, released last month. The latest version was issued via the operating system’s new over-the-air update feature, allowing for a much smaller-than-usual 133MB delta update over Wi-Fi.

Members of the general public will not be able to utilize iOS 5 until this fall, when Apple will release the software. The new operating system is expected to become available alongside a new fifth-generation iPhone.

In addition to wireless updates, iOS 5 will also allow for wireless syncing through iCloud. It will also offer an all-new Notification Center for prompting users, a Newsstand application for newspapers and magazines, and system-wide integration with the social networking service Twitter.

Stay tuned for additional details as they become available.

Two Apple patents surface, company looking into inductive charging solutions

Posted by:
Date: Thursday, August 4th, 2011, 10:09
Category: iOS, Patents

applelogo_silver

It’s the patents that make things interesting.

According to Patently Apple, the U.S. Patent and Trademark Office published an Apple patent application on Thursday detailing two specific plans for an “Inductive Charging System” for iOS devices.

Inductive charging is a wireless method using the electromagnetic field to transfer energy over short distances between two objects. In theory, a charging station would send energy through inductive coupling to an electrical device which would store the energy in batteries.

The first Apple solution uses a charging tower in which a user would wrap their earphone cables around the tower and place a new conductive metal mesh earphone on their device to begin charging.

The second Apple solution uses an acoustic charging mechanism, and no tower of doom. In this system, an earphone is fitted into a recess in an acoustic charger. Then, a speaker within the acoustic charger produces an acoustic signal which causes a corresponding speaker in earphone to vibrate. These vibrations generate a current in earphone, and this current could be used to charge the battery of the attached device.

The article points out that, “Instead of creating separate inductive chargers for various media players and tablets as others have done, Apple is trying to create a single inductive charger that would fit the needs of multiple devices.”

Cool stuff if it happens and check back here for additional details as they become available.

Apple begins iOS 5 app approval process

Posted by:
Date: Thursday, August 4th, 2011, 07:56
Category: iOS, iPhone, News, Software

If you’re hankering for iOS 5, it may not be that far off.

Per Cult of Mac, developers have begun updating their App Store software to provide compatibility with Apple’s forthcoming iOS 5 update for the iPhone and iPad, though no applications actually built on new iOS 5 code are yet available.

One of the first applications with iOS 5 compatibility to be approved was “Camera+” from developer tap tap tap. Recently, the release notes for version 2.2.3 of Camera+ noted that the software features “compatibility with that upcoming OS That Must Not Be Named.”

Less coy about iOS 5 support was “Mashable,” which updated its own iPhone application this week to version 1.5.4 and advertised that the software now has “iOS 5 compatibility.”

The software updates have led to wishful speculation that the release of iOS 5 could come sooner than expected, perhaps earlier than the fall debut Apple previously announced.

However, while some software may now be “compatible” with iOS 5, the latest builds released on the App Store are likely still based on the iOS 4.3 application programming interface provided by Apple. Developers are able to test application compatibility with iOS 5 by using the latest beta of the forthcoming software update.

There is no indication that Apple has begun approving applications based on the iOS 5 API. For example, last year Apple began accepting applications based on the iOS 4.0 API only 10 days before the update became publicly available, allowing software to take advantage of new features such as multitasking.

That means any iOS 5 software currently available on the App Store likely does not yet take advantage of new features in the forthcoming update. With iOS 5, developers will be able to take advantage of new functionality such as Notification Center for prompting users; Newsstand for purchasing, organizing and updating newspapers and magazines; and system-wide Twitter integration.

Stay tuned for additional details as they become available and let us know what’s on your minds via the comments.

Apple releases iOS 4.3.5 update

Posted by:
Date: Tuesday, July 26th, 2011, 03:38
Category: iOS, iPad, iPhone, iPod Touch, News, security, Software

On Friday, Apple released iOS 4.3.5, the latest incarnation of its iOS operating system for its iPhone, iPod touch and iPad devices. The updates fix a security vulnerability with certificate validation and arrive in two versions, thanks to the different flavors of the iPhone 4. iOS 4.3.5 applies to the iPad and iPad 2, the third- and fourth-generation iPod touch, the iPhone 3GS, and the iPhone 4 (GSM model); users of the CDMA model of the iPhone 4 instead get iOS 4.2.10.

These updates can be snagged by plugging in your respective iOS device and checking for updates in iTunes.

If you’ve tried the updates and noticed any differences, please let us know in the comments.

Google works around Maps bug, quietly reposts fixed travel/arrival times

Posted by:
Date: Monday, July 18th, 2011, 06:24
Category: iOS, News, Software

Well, this was a little awkward.

Per PC World, Google has removed a service that predicted travel times with traffic from the browser-based version of Google Maps.

Google Community Manager Daniel Mabasa announced the change in the Google help forum in response to a question from a user who noticed that ETA with traffic had disappeared from Google Maps.

“…We have decided that our information systems behind this feature were not as good as they could be,” Mabasa said. “Therefore, we have taken this offline and are currently working to come up with a better, more accurate solution.”

Apparently the “information systems behind” the feature weren’t bad enough to remove the service from mobile. Google Maps for Android and iOS both still predict travel times with traffic.

Oddly enough, Google Maps’ Navigation Android App was recently updated to help steer users clear of traffic jams. The data reportedly comes from others who are using Google Maps on their smartphones.

In a 2009 blog post, Google stated that a phone with an active Google Maps App “sends anonymous bits of data back to Google describing how fast you’re moving. When we combine your speed with the speed of other phones on the road, across thousands of phones moving around a city at any given time, we can get a pretty good picture of live traffic conditions. We continuously combine this data and send it back to you for free in the Google Maps traffic layers.”

Unfortunately, this doesn’t go all the way and tell you when you’ll get to where you’re going…

Which is kind of the other piece of the puzzle.

Apple releases iOS 4.3.4 update, addresses PDF security issues

Posted by:
Date: Friday, July 15th, 2011, 10:54
Category: iOS, News, Software

On Friday, Apple released iOS 4.3.4, the latest incarnation of its iOS operating system for its iPhone, iPod touch and iPad devices. The updates, which somewhat function as a response to the German government’s regarding PDF-related security vulnerabilities in MobileSafari fix the same three vulnerabilities, the patch arriving in two versions, thanks to the different flavors of the iPhone 4. iOS 4.3.4 applies to the iPad and iPad 2, the third- and fourth-generation iPod touch, the iPhone 3GS, and the iPhone 4 (GSM model); users of the CDMA model of the iPhone 4 instead get iOS 4.2.9.

Per Macworld, the issues addressed in the updates include the aforementioned PDF problem within Apple’s CoreGraphics framework, which exploits FreeType’s TrueType and Type 1 fonts to execute malicious code, and a conversion problem within the IOMobileFrameBuffer framework, which could allow code to inadvertently gain system privileges by posing as the user.

These updates can be snagged by plugging in your respective iOS device and checking for updates in iTunes.

If you’ve tried the updates and noticed any differences, please let us know in the comments.