Second iPhone Worm in the Wild

Date: Monday, November 23rd, 2009, 06:24
Category: iPhone, security

We told you not to jailbreak your iPhone, but you had to be super cool and rebellious. Per BBC News, jailbroken iPhones could be vulnerable to a new, malicious worm that can allow remote access and control without the owner’s knowledge or permission. It’s been estimated that hundreds of users are currently affected by a worm that targets users of “jailbroken” iPhones who live in the Netherlands and use the bank ING Direct. But security company F-Secure stated that the currently isolated issue could easily jump to thousands of handsets. The worm reportedly spreads between phones when they share the same Wi-Fi hotspot.

In order for an iPhone to be vulnerable to the new worm, its owner must have willingly modified the handset’s software to allow it to run unauthorized code. Phones can be jailbroken to run applications or modify the system in ways not approved by Apple.

The worm only affects jailbroken phones that have SSH (secure shell) installed, without the default password — “alpine” — changed. It employs the same method as a previous worm, Ikee, that was not malicious. Instead, the wallpaper-changing prank simply changed the user’s background to a picture of 1980s pop star Rick Astley, who sang the 1987 hit “Never Gonna Give You Up.”

The new worm reportedly has botnet functionality and connects to a Web-based command and control center based in Lithuania.

For now, the worm is only aimed at customers who live in the Netherlands and bank with ING Direct. The company has stated that it intends to put a warning on its Web site.

Intego Warns Against Ikee Worm for iPhone

Date: Wednesday, November 11th, 2009, 06:31
Category: iPhone, security

It’s not Rick Astley you have to worry about, it’s the Ikee worm.

According to Macworld UK, Intego, which develops and sells desktop Internet security and privacy software for the Mac, claims to have spotted a hacker tool that potentially copies personal info from users’ iPhones.

The news comes after the first iPhone worm, known as Ikee, was revealed, which simply adds Rick Astley wallpaper to jailbroken iPhones.

Intego claims the new worm is far more dangerous than the Ikee worm. This hacker tool, which Intego identifies as iPhone/Privacy.A, takes advantage of the same vulnerability in the iPhone as the Ikee worm, allowing hackers to connect to any jailbroken iPhone whose owners have not changed the root password.

“It is important to note that standard, non-jailbroken iPhones are not at risk; it is extremely dangerous to jailbreak an iPhone because of the vulnerabilities that this process creates,” claims Intego, which believes 6-8 per cent of iPhones are jailbroken.

The tool reportedly allows a hacker to silently copy user data from a compromised iPhone, including email, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone application, insists Intego.

This new hacker tool also gives no indication that it has invaded an iPhone, warns the company.

“Hackers using this tool will install it on a computer – Mac, PC, Unix or Linux – then let it work. It scans the network accessible to it, and when it finds a jailbroken iPhone, breaks into it, then steals data and records it,” insists Intego.

“This hacker tool could easily be installed, for example, on a computer on display in a retail store, which could then scan all iPhones that pass within the reach of its network. Or, a hacker could sit in an Internet café and let his computer scan all iPhones that come within the range of the wifi network in search of data.”

“Hackers could even install this tool on their own iPhones, and use it to scan for jailbroken phones as they go about their daily business,” Intego adds.

Stay tuned for additional details as they become available and, well, if you were planning on jailbreaking your iPhone in the near future, you might want to give it a second thought.

Apple Files Patent for iPhone Theft Prevention Technology

Date: Friday, September 11th, 2009, 05:58
Category: iPhone 3GS, Patents, security

A recently published patent application filed this week by Apple suggests the company is looking to use the device’s accelerometer to detect possible theft of the hardware. Per AppleInsider, in an application entitled “Acceleration-Based Theft Detection System for Portable Electronic Devices,” Apple describes a system that would analyze movement via a device’s accelerometer to determine whether a theft is present. If the system were to interpret fast movement as a theft, it would initiate an alarm.

“The drive toward miniaturization of electronics has resulted in computer-based systems that are becoming much more portable,” the application reads. “Current portable electronic devices such as laptop computers, hand-held devices such as cellular telephones and personal media devices, such as the iPod from Apple Computer, Inc., and even devices such as compact disc players, are sufficiently compact and lightweight as to make them easily movable. Unfortunately, such ease of transport also implies ease of theft. While the rightful owner of a portable electronic device may conveniently transport it almost anywhere, so can a thief.”

The patent application goes on to state that traditional theft-prevention methods like mechanical locks are bulky and tether the device, eliminating portability and convenience. In the proposed system, the accelerometer would be used to determine whether the device is currently in a likely theft condition.

“Typically, theft or other large-scale movement of the device results in an acceleration signal having characteristics different from other events such as shock, impact, nearby machinery, etc,” the application reads. “The detected acceleration as a function of time is thus analyzed to determine whether it corresponds to such large-scale movement of the device, rather than an innocuous event such as the impact of a book dropped nearby. If so, an alarm is produced in order to alert others to the theft.”

The described system would have methods to prevent false alarms through “signal conditioning,” which could filter out events such as shock or impact associated with an iPhone being dropped. The system would also allow the phone owner to display a “visual warning” for potential would-be thieves. Such a warning would warn potential thieves that the device “has an active theft detection system protecting it.”

The patent was filed by Apple on May 20th, 2009 and is credited to Paul J. Wehrenberg of Palo Alto, Calif.

Apple Working on iPhone OS 3.0 Mail Bug Fix

Date: Wednesday, August 19th, 2009, 03:00
Category: iPhone, iPhone 3GS, security, Software

Following up on the iPhone OS 3.0 mail bug in which the act of deleting an e-mail within iPhone OS 3.0 isn’t enough to destroy its contents, Apple is reportedly aware of the flaw and could be working on a fix.

According to Gizmodo, a source close to the story has stated that the fix will likely come in iPhone OS 3.1 for the iPhone and iPod touch. The problem occurs when a user attempts to delete an e-mail. Even after emptying the Mail application’s trash, the message, and all of its contents, are still accessible through the phone’s Spotlight search feature.

To test the flaw, delete a message within the iPhone’s Mail software. Remove it from the trash, and check your mail server to ensure it’s erased. Then, search for the subject line of the message in Spotlight, where, in many cases, the entire message can still be read.

“As far as I can tell, there is no way to completely delete emails from iPhone OS 3.0, which isn’t just strange, it’s a disastrous security flaw,” John Herrman writes for Gizmodo.

The site’s internal tipster doesn’t give any certainty, though, only saying Apple will “probably” include a fix in the upcoming iPhone OS update.

iPhone OS 3.0 Mail Bug Revealed

Date: Tuesday, August 18th, 2009, 04:07
Category: iPhone, security, Software

A significant security hole in iPhone OS 3.0 may have surfaced, as a recently published YouTube video demonstrates how the Spotlight search cache doesn’t sync message status with the mail client, so you can still pull up old messages with Spotlight if you know the subject line. According to Engadget, user Matt Janssen, who discovered the bug, says he’s been able to pull up emails three or four months old. Current rumors state that the bug is fixed in iPhone OS 3.1, but until then, here’s the video:



Apple Releases Security Update 2009-004 for Mac OS X 10.4, 10.5

Date: Thursday, August 13th, 2009, 02:58
Category: Mac, security, Software

Late Wednesday, Apple released Security Update 2009-004 for Mac OS X 10.4 and Mac OS X 10.5. The new update, which can be located and installed via Mac OS X’s Software Update feature, repairs a vulnerability in the BIND software package that could let a remote party interrupt the Domain Name System service. According to Macworld, BIND has previously been the target of hackers, most notably a major vulnerability exposed by security expert Dan Kaminsky in 2008 that was later patched by Apple and other software vendors. On the upside, while BIND is included in OS X (both server and client editions), it’s not enabled by default.

If you’ve tried the update and have any feedback to offer, let us know in the comments.

Apple Releases Security Update 2009-003

Date: Thursday, August 6th, 2009, 04:34
Category: security, Software

Along with yesterday’s release of the long-awaited Mac OS X 10.5.8 update, Apple also released four security updates for users of OS X 10.4.

According to Macworld, the updates for the PowerPC version of Tiger, the Intel version of Tiger, the PowerPC version of Tiger Server, and the Universal version of Tiger Server address security issues that could have caused applications to quit unexpectedly or execute arbitrary code. Those issues include decompressing maliciously crafted data, viewing a maliciously crafted image with an embedded ColorSync profile, viewing a maliciously crafted OpenEXR image, or processing a maliciously crafted PNG image. The update also addressed a format string issue in Login Window that could lead to an unexpected application termination or arbitrary code execution.

The updates can be located and installed via Mac OS X’s built-in Software Update feature and require Mac OS X 10.4.11 to install and run.

iPhone 3GS Hardware Encryption Cracked in Two Minutes

Date: Monday, July 27th, 2009, 05:35
Category: iPhone 3GS, security

As cool as the recently released iPhone 3GS may be, there may be room for improvement. According to a blog entry over on Wired’s Gadget Lab, iPhone forensics expert Jonathan Zdziarski describes how the hardware encryption of the iPhone 3GS can be worked around and demonstrates how both the passcode and backup encryption can be bypassed in about two minutes.

Zdziarski goes on to comment that all data on the iPhone, including deleted data, is automatically decrypted by the iPhone when it’s copied, allowing users and law enforcement agencies alike to access the device’s raw disk as if no encryption were present. A second demonstration features the recovery of the iPhone’s entire disk while the device is still passcode-locked.

Stay tuned for additional details as they become available and if you’ve heard anything about this, let us know in the comments.

Apple Releases Security Update 2009-002 for Mac OS X 10.4.X Users

Date: Wednesday, May 13th, 2009, 09:34
Category: security, Software


If you’re still running Mac OS X 10.4.x (“Tiger”), there’s no reason you shouldn’t feel as secure as a user running Mac OS X 10.5.7 with all its inherent updates. According to MacNN, Apple released Security Update 2009-002 for the previous operating system.

The update patches several areas of Tiger, including Apache, CoreGraphics, CUPS, Disk images, Flash Player plug-in, Help Viewer, Spotlight, X11, and more, and fixes problems ranging from keeping PDFs opened in CoreGraphics from executing malicious code to preventing maliciously crafted Mach-O executables from causing the Finder to repeatedly terminate and relaunch.

There are four variants of the update (one each for Mac OS X 10.4.x on PowerPC and Intel-based hardware as well as two server versions) that can be located and installed via Mac OS X’s built-in Software Update feature.

TomTom Looking for Developers to Help Create iPhone Application

Date: Monday, May 11th, 2009, 08:46
Category: iPhone, security


Navigation and not-getting-as-lost outfit TomTom is apparently stepping up its efforts to create a turn-by-turn application for the iPhone.

Per Electronista, a jobserve.us job listing doesn’t mention the company but asks for someone to develop navigation software in Amsterdam, the location of TomTom’s headquarters. The ideal candidate would start in May or June and work on developing the application for at least six months.

TomTom was one of the earliest GPS device makers to express an interest in iPhone applications, confirming its attempts a month ahead of the App Store’s launch last July.