Apple’s iBoot source code is leaked online

Apple is a company well known for it’s secrecy surrounding upcoming products and features. The company has it’s own dedicated Global Security team, tasked with monitoring possible leaks and tracking down the source. So it was a shock to many when the source code behind iBoot, the second-stage bootloader responsible for securely launching iOS, was leaked February 7th, 2018.

The source code that leaked was from a version of iBoot that ran alongside iOS 9.3, making it outdated by a couple of years. This may make it sound like there is little to no risk, given that Apple reports that only 7% of all active iOS devices are using a version of iOS less than 10. However, this code still holds significance in the world of mobile security, allowing security researchers and hackers alike to directly view the code responsible for checking code signatures and launching iOS on the iPhone, iPad, and iPod Touch.

Although the most up-to-date version of iBoot may eliminate some of the flaws that can be found in the leaked code, it is still entirely possible for vulnerabilities to still exist between both versions, and if not, the code still provides valuable insight for a low-level system process that could be used to compromise, or jailbreak, an iOS user’s device. Information learned from the source code could also lead to the future emulation of iOS on unsupported platforms.

The leak originated from a Reddit post made with a throw-away account in September of 2017 on the r/jailbreak subreddit, linking to a download of the source code. The post made little traction due to the subreddit’s policy for new users, however the leak gained publicity when links to the post began appearing on Twitter. Shortly after the original link was taken down, the code was re-uploaded to GitHub, and has continued to show up on the site despite Apple’s multiple DMCA take-down requests.

The iBoot leak itself also makes a statement for Apple’s security, which within the past week has dealt with numerous leaks of internal files and information, including future Apple Watch firmware, development Apple TV firmware, a large leak of private links to Apple sales material, and even the source code for the Baseband from iOS 9.3. Leaks like these can come from unsecured web servers as well as employees who either accidentally or purposefully give away the information. Apple has reportedly led investigations within the company to find leakers through their Global Security team, sometimes taking years to track down the source of an information leak. What Apple does now about their security in response to the breaches mentioned has yet to be seen.

Sources:

-Alex Noel

Advertisements

Way to go VTech.

One month ago a hacker revealed that he had broken into the toymaker VTech and retrieved a lot of information that was disturbing. Apparently, VTech had been storing  images, chat logs, home addresses, emails, names, genders and even birthdays of every customer. This would include the parents and their children who the products were most likely being used by.  Around 4,000,000 parents and 200,000 of the children using the products information was readily available for anyone who knew what they were doing. The hacker did not relinquish the way he was able to break into VTech, probably in an attempt to keep this information secret from people who want it but do not know how to hack, but has commented that he retrieved 190GB worth of photos and shared 3832 images with motherboard, a blogging site, with all the faces blocked out.VTech has yet to concretely say what their exact reasoning was but the wording of their attempt to justify it was so that they can send the password to the user directly. You know because that is such a GREAT idea, instead of just having them reset their password every time they forgot it because the company made it entirely impossible for them to access it on their own and with ease, I will just send you it back. The person that thought this was a good idea should get fired, like, two years ago.

https://nakedsecurity.sophos.com/2015/12/01/photos-of-kids-and-parents-chatlogs-audio-files-stolen-in-vtech-breach/

Security in Healthcare

According to a recent survey, Healthcare is the latest favourite of the hacking community. There’s a shortage of security professionals in the healthcare business, and while many respondents involved in tech are worried about personal records and other data, the ones who aren’t involved in tech, while worried, do not believe their corporations to have been hit.

The tech respondents have a right to be worried. Recently, it’s come to light that Healthcare experiences 340% more security attacks and incidents than any other sector, and advanced malware is suspected in 1 of every 600 attacks, making Healthcare four times more likely to be hit by advanced malware than any other sector.

There are many ways that hackers can get in. With the digitalization of patient records, as well as the addition of wearable technology, such as smart watches and smartphones, hackers are finding many new avenues to break into the system. While security for wearable technology is a separate issue, Jonathan Collins, a principal analyst for ABI Research says that they can pave the way for easier access to Healthcare records.

By Kathleen H. Justen

http://www.technewsworld.com/story/82638.html

Are baby monitors the new targets for hackers?

Rapid 7 released reports the beginning of this month describing newfound vulnerabilities in baby monitors. Theses faulty monitors, from several different manufactures, were found to leak predictable information, backdoor credentials and privilege escalation. Hackers have the ability to tap into these baby monitors since little security measures are taken to protect the content stored or tied to them.

According to this article by Richard Adhikari “Backdoor credentials — the vulnerability most frequently found — showed up in five products from different manufacturers.” This finding tells me that manufactures do not have proper restrictions on encrypting information on these monitors.

So what’s the big deal if hackers have access to the baby monitors in your house, it’s not like a great deal of financial or personal information is tied to it right? No, it’s not like they are accessing that type of information but what can be leaked by hacking into these monitors include: video and audio from the device; from a live stream or previously recorded clips, according to Mark Stanislav, senior security consultant for global services at Rapid7. No parent aware of these capability cyber intruders have would allow for a device in their home in which a stranger could watch their child.

“In the race to market and bring products to consumers, inattention to security is likely to be an issue”, said Craig Spiezle, executive director of the Online Trust Alliance. It is morally wrong for companies to make production of their product more important that the security of the device. Manufacturers “need to look at the risk and vulnerability and areas for abuse…. they need to design in the ability to patch or remediate once the product leaves their factory”, alleged Craig Spiezle. The problem only gets worse if you consider other uses of these defective products in the business sphere, compromised devices could be used to spy on people in their offices.

Source: http://www.technewsworld.com/story/82449.html

Author: Richard Adhikari has written about high-tech for leading industry publications since the 1990s and wonders where it’s all leading.

By: Lisa Hornak

Apple Malware Theft

Today Apple had what quickly becoming know as their largest account theft, due to malware. Palo Alto Networks and Weip Tech came across a server that held over 225, 000 valid user names and passwords that had been stolen via a new malware family named KeyRaider in the iOS.

The malware only effects users with jailbroken iOS devices has struck users in 18 countries. According to Claud Xiao, “The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device.”

KeyRaider is also stealing Apple’s push notifications and private keys, but it’s also sharing the App store’s purchasing information. These stolen credentials eventually allow users to make purchases for free using iOS jailbreak tweaks.

They’ve also been locking down devices, and holding them for ransom. It disables unlocking operations, and demands a ransom without going through the Apple push servers.

According to Jonathan Sander (the Lieberman Software VP), and Tim Erlin (Tripwire’s Director of IT Security and Risk Strategy), jailbreaking your iPhone paints a target on your back, and in this case it was taken advantage of.

~ Kathleen Justen

http://www.esecurityplanet.com/mobile-security/225000-apple-credentials-stolen-via-ios-malware.html