Posts Tagged ‘apple’

Unpatched Mac OS X Zero-day Bug Allows Root Access Without Password

Tuesday, August 4th, 2015

Hackers have their hands on something that should concern you. A severe zero-day vulnerability in the latest, fully patched version of Apple’s Mac OS X is reportedly being exploited in the wild. The vulnerability could allow attackers to install malware and adware onto a target Mac running the OS X 10.10 (Yosemite) operating system, without requiring victims to enter system passwords, a new report says.

The zero-day bug came over a week after security researcher Stefan Esser discovered a privilege escalation zero-day vulnerability in the latest version of Apple’s OS X Yosemite, caused by the environment variable DYLD_PRINT_TO_FILE and the dynamic linker dyld, new error-logging features added to the operating system. The developers failed to implement the standard safeguards that are needed when adding support for new environment variables to the OS X dynamic linker dyld, allowing hackers to create or modify files with root privileges anywhere in the Mac OS X file system.

OS X Zero-Day Exploit in the Wild

Now, security researchers from anti-malware firm Malwarebytes have spotted a malicious installer in the wild that was exploiting the zero-day vulnerability to infect Macs with different types of adware including VSearch, MacKeeper and Genieo.

The issue actually resides in a hidden Unix file – Sudoers – which is actually a list of which software is allowed to get root permissions on a computer. However, a modification to the Sudoers file allowed the installer to gain root-level permissions without needing a password from an administrator.

The issue was discovered by Adam Thomas while testing a new adware installer.

“The script that exploits the DYLD_PRINT_TO_FILE vulnerability is written to a file and then executed,” Malwarebytes researchers explain in a blog post. “Part of the script involves deleting itself when it’s finished.”

“The real meat of the script, though, involves modifying the Sudoers file. The change made by the script allows shell commands to be executed as root using sudo, without the usual requirement for entering a password.”

No Way Out for Mac Users

The zero-day flaw affects both the current stable Mac version OS X 10.10 (build 10.10.4) and the recent Beta build OS X 10.10.5 (Yosemite).

Good news for Mac users who are running Mac OS X 10.11 El Capitan Beta builds, as it appears that they are not affected by the zero-day flaw.

Until Apple patches this critical issue, you don’t have any good options to prevent a skilled hacker from installing malware on your Mac systems, beyond using a patch created by Esser himself, which can be downloaded from here. No doubt, Esser is a respected security researcher, but installing a patch from a third-party developer can be risky. Therefore, we advise you to fully investigate the patch before installing.
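A defender's check for the kind of Sudoers change described above, as an added example that is not from the original article or from Malwarebytes: it scans sudoers text for rules that let commands run through sudo without a password. The sample file content is constructed, and the parser is a simplification of the sudoers grammar (no alias expansion, no escaped commas, no per-host rule lists).

```python
import re

# Real sudoers command tags; a tag stays in effect for later commands in a rule.
TAG = re.compile(r"^(NOPASSWD|PASSWD|NOEXEC|EXEC|SETENV|NOSETENV|"
                 r"LOG_INPUT|NOLOG_INPUT|LOG_OUTPUT|NOLOG_OUTPUT)\s*:\s*")
ALIAS = re.compile(r"^(User|Runas|Host|Cmnd)_Alias\b")
INCLUDE = re.compile(r"^[#@]include(dir)?\b")   # a directive, not a comment
COMMENT = re.compile(r"#(?!\d).*$")             # '#1000' is a uid, not a comment

# Constructed sample, not taken from any real system or from the article.
SAMPLE = r"""
# sudoers file (constructed sample)
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
# %wheel ALL=(ALL) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync, \
        PASSWD: /sbin/reboot
%staff  ALL=(ALL) NOPASSWD: ALL
#includedir /private/etc/sudoers.d
"""


def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        if not buf:
            start = n
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield start, (buf + line).strip()
        buf = ""
    if buf:
        yield start, buf.strip()


def audit_sudoers(text):
    """Return (line, kind, detail) for every passwordless grant or include."""
    findings = []
    for n, line in logical_lines(text):
        if INCLUDE.match(line):
            # Included files must be audited too; report where they live.
            findings.append((n, "include", line))
            continue
        line = COMMENT.sub("", line).strip()
        if not line or ALIAS.match(line):
            continue
        if line.startswith("Defaults"):
            # '!authenticate' switches off password prompts for its scope.
            if re.search(r"!\s*authenticate\b", line):
                findings.append((n, "defaults-no-auth", line))
            continue
        who, sep, rhs = line.partition("=")
        if not sep:
            continue
        rhs = re.sub(r"\([^)]*\)", "", rhs)     # drop Runas specs like (ALL)
        nopasswd = False
        for cmd in rhs.split(","):
            cmd = cmd.strip()
            while (m := TAG.match(cmd)):
                if m.group(1) == "NOPASSWD":
                    nopasswd = True
                elif m.group(1) == "PASSWD":
                    nopasswd = False
                cmd = cmd[m.end():]
            if nopasswd:
                findings.append((n, "nopasswd", f"{' '.join(who.split())}: {cmd}"))
    return findings
```

Any `nopasswd` finding whose command is `ALL` deserves immediate review, and every `include` finding points at further files to run through the same check.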

Source: Unpatched Mac OS X Zero-day Bug Allows Root Access Without Password

What is Freak? Security bug affects hundreds of millions of iPhone, iPad and Android users

Wednesday, March 4th, 2015

Researchers have uncovered the latest vulnerability in the way our data is protected online, with the Freak bug potentially putting hundreds of millions of smartphone and tablet users at risk.

The bug, which affects HTTPS encrypted communication online, has been around for decades, but was only uncovered on 3 March, 2015. If exploited, the bug could give hackers access to your personal data including login details and even banking information.

Here, we break down just what Freak is, how it works, and who is vulnerable:

What is Freak?

Freak is the latest security flaw to be discovered in the cryptographic protocols which are used to encrypt your online communications – known as SSL and TLS.

The vulnerability is in particular found in OpenSSL, the same protocol which was at the centre of the Heartbleed controversy last year.

Who discovered it?

The vulnerability, which has been around since the 1990s, was only discovered on Tuesday, 3 March by researchers at the French Institute for Research in Computer Science and Automation, Microsoft Research and IMDEA.

Why has Freak been around for so long?

The problem dates back to the early 1990s when the US government decided that it wanted to weaken the encryption standards on products being shipped overseas by US companies.

It required the companies to downgrade the encryption being used from strong RSA grade encryption to “export-grade” encryption. At the time this “export-grade” encryption was still relatively strong, requiring a supercomputer to be able to crack the 512-bit encryption key, meaning only the US government were likely to be able to exploit the vulnerability.

However with the rapid advance in computing, this is no longer the case, and with access to huge computing power through the likes of Amazon’s cloud computing service AWS, anyone could potentially exploit the Freak bug.

As renowned cryptographer Matthew Green says:

The export-grade RSA ciphers are the remains of a 1980s-vintage effort to weaken cryptography so that intelligence agencies would be able to monitor. This was done badly. So badly, that while the policies were ultimately scrapped, they’re still hurting us today. Encryption backdoors will always turn around and bite you in the ass. They are never worth it.

Who is vulnerable to a Freak attack?

The Safari browser on Apple’s iPhones and iPads is vulnerable to attack (IBTimes UK)

According to the researchers, on the user side Apple’s Safari web browser on its iPhone, iPad and Mac devices is vulnerable, as are almost all versions of Android, as Google uses the OpenSSL protocol in its mobile operating system. That means that potentially hundreds of millions of people are at risk.

The Chrome desktop browser, Microsoft’s Internet Explorer and Mozilla’s Firefox are not vulnerable.

On the server side, according to researchers, just shy of 10% of the internet’s top million websites are vulnerable. This is down from 12.2% on Tuesday, meaning that website administrators seem to be fixing the problem.

There are however still many major websites including banking, media and government sites which are affected. These include the websites of American Express, Business Insider, Bloomberg, the Marriot hotel group and indeed IBTimes UK.

The list previously included the FBI’s website for anonymous informants, but this is no longer vulnerable it would seem. However the website remains vulnerable.

The full list can be found here.


via What is Freak? Security bug affects hundreds of millions of iPhone, iPad and Android users.

Google discloses three severe vulnerabilities in Apple OS X – CNET

Friday, January 23rd, 2015

Google’s Project Zero security team revealed the existence this week of three vulnerabilities with high severity that have yet to be fixed in Apple’s OS X operating system.

Although each of the flaws requires an attacker to have access to a targeted Mac, they could all contribute to a successful attempt to elevate privilege levels and take over a machine.

The first flaw, “OS X networkd “effective_audit_token” XPC type confusion sandbox escape,” involves circumvention of commands in the network system and may be mitigated in OS X Yosemite, but there is no clear explanation of whether this is the case. The second vulnerability documents “OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator.” The third one, “OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice.” includes an exploit related to OS X’s kernel structure.

Each vulnerability, as with any disclosed by the Project Zero team, includes a proof-of-concept exploit.

The vulnerabilities were reported to Apple back in October but the flaws have not been fixed. After 90 days, details of vulnerabilities found by Project Zero are automatically released to the public — which is what happened this week.

Project Zero, which Google officially launched in mid-2014, tasks researchers with uncovering any software flaws that have the potential of leading to targeted attacks on people’s computers.

On Apple’s product security page, the company states: “For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.”

This isn’t the first time Google’s Project Zero has published vulnerabilities that are yet to be fixed. In the past several weeks, the tech giant’s security team has published information about three separate, unpatched security flaws in Microsoft’s Windows operating system.

via Google discloses three severe vulnerabilities in Apple OS X – CNET.

Microsoft Open Sources .NET, Saying It Will Run On Linux and Mac | WIRED

Wednesday, November 12th, 2014

Satya Nadella’s rapid reinvention of Microsoft continues.

In yet another bid to make up lost ground in the long march to the future of computing, Microsoft is now open sourcing the very foundation of .NET—the software that millions of developers use to build and operate websites and other large online applications—and it says this free code will eventually run not only on computer servers that use its own Windows operating system, but also atop machines equipped with Linux or Apple’s Mac OS, Microsoft’s two main operating system rivals.

“We want to have a developer offering that is relevant and attractive and valuable to any developer working on any kind of application,” says S. “Soma” Somasegar, the 25-year Microsoft veteran who oversees the company’s wide range of tools for software developers.

With the move, Microsoft is embracing the reality that modern software and online services run atop a variety of operating systems—and that Windows no longer dominates the market the way it once did. At least tacitly, the software giant is acknowledging that so many businesses and developers now choose to run their software atop computer servers loaded with the open source Linux operating system, which, in recent years, has evolved in ways that Windows has not. Most notably, it offers what’s called containers, a new means of streamlining the way applications are built and operated.

“Today, people who are stuck on the .NET platform have to use a server environment that doesn’t have what Linux does,” says James Watters, who, at a company called Pivotal, works hand-in-hand with a wide range of developers and companies as they build large online software applications. “They’re stuck with a generation-behind technology.”

For Watters, Microsoft has ample ground to make up. But in open sourcing what’s called the .NET Core runtime—freely sharing it with the world at large—the company at least gives itself a fighting chance as it seeks to maintain a hold on the way the world builds and runs software.

In theory, an open source .NET that runs on Linux and Mac OS will expand the use of Microsoft’s developer tools. Then the company can pull in revenue through other channels—through premium versions of its developer tools and through its cloud computing service, Microsoft Azure, a means of building and running software without setting up your own servers.

The move is just the latest in a long line of rather large changes Microsoft has made since Nadella took over as CEO in January—all with an eye towards the rise of rival operating systems and open source software. The company now offers free versions of its Office applications for Apple iPhones and iPads. It provides a free version of Windows for phones and other small devices, hoping to catch up with Google’s open source Android operating system. And it says that the next version of Windows for computer servers will run Docker, a hugely important container technology that was originally built on Linux.

All this seemed unlikely under previous CEO Steve Ballmer—and all can help Microsoft find new relevance in the ever-changing world of online computing.

Chasing Java

Among developers and businesses building websites and other large online services, .NET is one of the primary competitors to Java. It’s widely used among companies that rely heavily on Microsoft software—the company says .NET was installed more than 1.8 billion times over the last year—but according to most estimates, Java is still the more popular tool. And many consider it the more powerful.

According to Watters, about 60 percent of Pivotal’s customers built their apps atop Java, about 40 percent on .NET. “Java is the go-to, and .NET is the legacy,” he says.

via Microsoft Open Sources .NET, Saying It Will Run On Linux and Mac | WIRED.

Android iOS Market Share: July 2014 sees Android top iOS | BGR

Friday, August 1st, 2014

We all know Android’s market share crushes every other mobile platform out there in terms of shipment volume, but Android’s share of mobile usage as recorded by various networks around the world has always lagged Apple’s iOS platform… until now.

Just as we noted would be the case, Net Applications shows that Android’s share of global smartphone and tablet usage has narrowly topped worldwide combined usage of iPhones and iPad tablets. This marks the first time in the platform’s history that it finds itself at the top of the mobile pile.

Net Applications measures global mobile usage, which it refers to as market share, by monitoring traffic across its massive global network.

In the month of July, the firm shows that Android’s usage share jumped to 44.62% from 43.75% in June. As Android was gaining almost a point, iOS’s share of global mobile usage dipped to 44.19% in July from 45.61% in June.

via Android iOS Market Share: July 2014 sees Android top iOS | BGR.

Can you work on an iPad like Tim Cook? – CBS News

Monday, July 28th, 2014

In a recent speech celebrating a new partnership between his company and IBM (IBM), Apple (AAPL) CEO Tim Cook asserted that he did about 80 percent of his work on an iPad, and suggested that this should work for everyone else as well: "There’s no reason why everyone shouldn’t be like that," he said.

That’s easy for Apple’s chief executive to say. But how realistic is it for ordinary workers to rely largely on a tablet for their computing needs? Actually, he might not be that far off the mark.

Studies show that 28 percent of workers’ time is occupied with email correspondence, and the iPad (along with all other major tablet platforms, including Android and Windows 8) can handle most email just fine, including POP, IMAP and Microsoft Exchange.

via Can you work on an iPad like Tim Cook? – CBS News.

Undocumented iOS Features left Hidden Backdoors Open in 600 Million Apple Devices

Tuesday, July 22nd, 2014

A well-known iPhone hacker and forensic scientist has unearthed a range of undocumented and hidden functions in Apple’s iOS mobile operating system that make it possible for a hacker to completely bypass the backup encryption on iOS devices and steal large amounts of users’ personal data without entering passwords or personal identification numbers.

Data forensics expert Jonathan Zdziarski has posted the slides (PDF) titled “Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices” showing his findings, from his talk at the Hackers On Planet Earth (HOPE X) conference held in New York on Friday.

Jonathan Zdziarski, better identified as the hacker "NerveGas" in the iPhone development community, worked as a dev-team member on many of the early iOS jailbreaks and is also the author of five iOS-related O’Reilly books including "Hacking and Securing iOS Applications."

The results of his overall research on iOS devices indicate a backdoor into the iOS devices’ operating system, although it is not nearly as wide open as a number of reports have suggested.

You can protect your iOS device settings, Messages, Camera Roll, documents, saved games, email account passwords, Wi-Fi passwords, and passwords that you enter into websites using the iTunes Backup feature. iTunes also allows users to protect their backup data with encryption.

via Undocumented iOS Features left Hidden Backdoors Open in 600 Million Apple Devices.

Samsung unveils prototype health device a week before Apple’s expected Healthbook launch | mobihealthnews

Thursday, May 29th, 2014

One week before Apple’s World Wide Developer Conference, where the company is widely expected to announce its rumored Healthbook app, Samsung hosted an event called Voice of the Body in San Francisco to show off a couple of digital health projects.

The two new digital health projects included Simband, an “investigational device” — not a product – that is stocked with a variety of health sensors and room for third party developers to add their own. Samsung also unveiled Samsung Architecture Multimodal Interactions, or SAMI, which it described as a “data broker” that future devices based on the Simband and other third party health tracking devices could upload data to that could then be used by app developers to create new apps.

During his presentation Samsung Electronics’ Young Sohn, president and chief strategy officer of device solutions at the company, said that consumer-driven digital health has had three generations so far. The last five years were all about smartphone health apps, while the second generation — the one we’re in now — is focused on connected fitness devices. Next, digital health is moving into the wearable sensor era.

via Samsung unveils prototype health device a week before Apple’s expected Healthbook launch | mobihealthnews.

Cyberattack that locked Apple devices in Australia reaches U.S. – CBS News

Wednesday, May 28th, 2014

First came reports of a widespread hack of Apple devices in Australia — the attacker locked the devices remotely and demanded ransom from the owners. Now, CBS Los Angeles reports the scam appears to have reached the U.S.

Earlier this week, many Australian owners of Apple devices began discovering that their iPhones, iPads and Macs had been hacked by someone using the name Oleg Pliss. They were directed to a PayPal account and told to send money to have them unlocked, the Sydney Morning Herald reported.

A majority of victims affected by the hack so far appear to be from Australia, according to an Apple support thread, but there were also owners affected in New Zealand, the U.S. and Canada.

One Australian user commented that they had been in London when the threatening message appeared.

“I’m in the U.S. Never been to Australia. Hacked last night by the Oleg Pliss nonsense. Currently restoring to try and get back online,” wrote user wheelman2188.

The hacker is reportedly targeting Apple products that do not have passcodes — allowing for them to use the “Find My iPhone” function to remotely lock the devices.

“I thought it was a joke, and I was like ‘Yeah yeah, whatever’, and went to open my phone, and nothing,” Southern California victim Nathan Sohm told CBS Los Angeles. “The whole reason I got into Apple was to prevent hacks and viruses. And here it is being hacked,” he added.

Just like their Australian counterparts, American victims of the hack are being advised to bring in their locked device to an Apple store to be reset. However, this will cause the user to lose everything stored on the device, an employee from a California Apple store told CBS Los Angeles.

On Wednesday, an Apple representative told ZDNET that iCloud was not compromised, and urged users to change their Apple passwords.

“Apple takes security very seriously and iCloud was not compromised during this incident. Impacted users should change their Apple ID password as soon as possible and avoid using the same username and password for multiple services,” the company said in a statement.

The cyber attack happened just as Apple is preparing for its annual Worldwide Developers Conference next week. The company reportedly has plans to unveil a new “smart home” control system at the conference.

via Cyberattack that locked Apple devices in Australia reaches U.S. – CBS News.

Research Project Enables iOS Apps to Run on Android | NDTV Gadgets

Wednesday, May 14th, 2014

A team of six students at Columbia University has created a software framework for Android that allows simple iOS apps to run as if they were native. The technique tricks Android into believing the apps were designed for it, while creating an environment that the apps can run in stably.

The students, Jeremy Andrus, Alexander Van’t Hof, Naser AlDuaij, Christoffer Dall, Nicolas Viennot and Jason Nieh, managed to create Project Cider at the individual processing thread level rather than using a virtualisation layer, which has already been done across various platforms.

In an abstract of the full PDF report posted to Columbia University’s Software Systems Laboratory website (and reported by TheNextWeb), the team describes two new binary compatibility mechanisms, compile-time code adaptation, and diplomatic functions. The abstract reads, “Compile-time code adaptation enables existing unmodified foreign source code to be reused in the domestic kernel, reducing implementation effort required to support multiple binary interfaces for executing domestic and foreign applications. Diplomatic functions leverage per-thread personas, and allow foreign applications to use domestic libraries to access proprietary software and hardware interfaces.”

The team used a Google Nexus 7 tablet to demonstrate the technique, referring to Android as the “domestic OS” and iOS the “foreign OS”. By intervening between iOS apps and Android’s binary app interfaces, the team was able to successfully run various iOS apps side by side with Android apps. Translation occurs for the iOS apps only, without the rest of the system being affected.

Project Cider has its limitations related to app and hardware functionality. It cannot currently translate instructions and interfaces for access to a device’s Bluetooth, GPS, cameras and even cellular radios. iOS apps that can still run with these functions turned off will do so. The team intends to continue development work on this project.

via Research Project Enables iOS Apps to Run on Android | NDTV Gadgets.