Category Archives: iOS

What is YOUR Level of Paranoia?

A Houston lawyer is suing Apple, alleging that the FaceTime bug (unpatched at the time of writing) that let a caller listen in before the call was answered allowed a private deposition to be recorded.

If you are among the geek crowd you probably know that Edward Snowden, the most paranoid person around, required reporters to put their phones in the freezer when they talked to him (not to keep them cold, but because the metal box of the freezer keeps radio waves out).

The lawyer is calling the bug a defective-product claim and says that Apple failed to provide sufficient warnings and instructions.

I am not intimately familiar with Apple’s software license agreement, but assuming it is like every other one I have seen, it says that they are not responsible for anything and it is completely up to you to decide if the software meets your needs.

That probably conflicts with various defective-product laws, but if that strategy had much promise you would think some lawyer would have tried it before.

But the iPhone bug and the lawsuit do point out something.

We assume that every user has some level of paranoia.  Everyone’s level varies and may be different for different situations.  We call that your Adjustable Level of Paranoia, or ALoP (Thanks James!).

YOU need to consider your ALoP in a particular circumstance. 

You should have a default ALoP.  Depending on who you are, that might be low or high.  You will take different actions based on that.

In this case, if the lawyer was really interested in security, he should not have allowed recorders (also known as phones and laptops) into the room.  He also should have swept the room for bugs.

That is a trade-off for convenience.  But that is the way security works.  Low ALoP means high convenience.  High ALoP means lower convenience.  Ask anyone who has worked in the DoD world.  If you work in a classified environment you cannot bring your phone into the building; there are lockers outside to store it in.  If you ignore that rule you can lose your clearance or even get prosecuted.

Bottom line is that you need to figure out what your ALoP is for a particular situation and make adjustments accordingly.

Suing Apple will not solve this attorney’s problem.  There will be more software bugs.  I promise this was NOT the last one.

But the lawyer will get his 15 seconds of fame before the suit is settled or dismissed.

Source: ABC 13.


Apple Didn’t Get It Quite Right – Again

Parental controls are generally a good thing.

Except when they block the wrong sites and let the bad sites through.

So what is Apple doing in this case?

Sites that are blocked: Scarleteen and O.school, which are sex education sites, and Teen Vogue.

Sites that are OK: The Daily Stormer, a neo-nazi site that publishes articles about how women secretly like to be raped.

Web searches like “how to say no to sex”, “sex assault hotline” and “sex education” were all blocked.

But “how to poison my mom”, “how to join isis” and “how to make a bomb” were all okay.

Suffice it to say, Apple has a bit of work to do.

Apple did not respond to Motherboard’s request to explain what is going on.

This is a new feature in iOS 12, and if you remember what happened when Apple released its Maps app (like telling people to drive into the ocean), it takes some work to get this kind of thing right.

There are lots more examples in the article, some rated a little less PG so I am not including them here.

My recommendation: if you want to block content, you should probably discuss that with your kids.  The Internet is a bit of a cesspool and for young kids some protection is probably in order.  Find a paid product (one with support available) that has been around for a while and has good reviews.  Apple, apparently, doesn’t fit into that category.  YET.

Information for this post came from Motherboard.


Soldiers Get Lonely Too

If you can’t beat them on the battlefield, beat them in cyberspace.  Israel has accused Hamas of creating a fake dating app and targeting both male and female Israeli soldiers to get them to download it.

Once installed, the app could read the soldier’s location and contact list and use the phone as a listening device and camera.

The app targeted Android users, likely because that was easier to do.  This is apparently the second generation of a surveillance app and is more sophisticated than the earlier one.  The user granted the app the permissions to do all of these things, which sort of makes sense for a dating app.

In an effort at spin control, the Israeli Defense Force said that the apps had failed to do any security damage at all, saying that some soldiers had refused to download the app and reported it to superiors.  They did admit that some soldiers had downloaded and installed the app.

In another situation, researchers at Northeastern University ran a small experiment to try and detect if their phones were eavesdropping on them.

They took what amounts to a tiny sample of apps – 17,000 out of millions – and watched whether the phone’s microphone was activated.  Out of this sample, they didn’t find any that did.

What they did find, however, may be more disturbing.

They discovered that some of these apps were sending screenshots of the phone, and video recordings of the user’s interaction with the app, to third-party domains.  It is only a very small step from there to listening to you in general.

The fact that these apps were doing this was not obvious to a normal user.

Given this, what do you do?

First, and you are not going to like this, read the user license agreement.  Not every app that secretly recorded screenshots and video disclosed the fact in its license agreement, but some of them did.

Second, if you are no longer using an app, uninstall it.  If the app is not there, it is hard to eavesdrop.

Finally, be cautious about installing apps.  Some people never met an app that they couldn’t use.  Being selective is probably just smart.

This, apparently, is both an Android and an iPhone problem, as some of the frameworks that mobile apps are built on top of intentionally offer this screen and video capture.  At least one vendor, Appsee, said that developers who capture user data without permission are violating its license agreement.  Once they were outed by the media, they disabled the video capture for a single app and feel a lot better about themselves.  Google also says this violates the Play Store agreement.  Gee, I am sure that any hacker would be scared about that.

Other software platforms may not even care.

Until Google and Apple give you the ability to absolutely, positively know if your data is being captured, you have something else to be concerned about.


Information for this post came from The Guardian and Gizmodo.


DNS Hijacking Malware targets iPhones, Android and Desktops

Most of the general user base has never heard of DNS, and of those that have, only a few understand how it works.  That has not stopped the hackers from very effectively abusing it against everyone.

Very simply, DNS maps the names people type into their browsers, like www.xyz.com, to the IP addresses that computers actually use.  If that mapping can be corrupted, well, then, we have trouble in River City.

Well, it can be corrupted, it has been corrupted, and we do have trouble.  In River City.  And elsewhere.

The malware, called Roaming Mantis, now targets iPhones, Android phones and desktops in addition to the Internet routers it compromises.

The attacks fool users into installing infected software, and from that point the attackers can pretty much do anything they want.

Information for this post came from Hacker News.

So what should you do to protect yourself?

First, protect your router:

Use a strong password for the router’s admin account, and NOT the default one.

Turn off the feature that lets you administer your router FROM THE INTERNET, usually called remote administration.  While you are in there, check that the DNS servers the router hands out are the ones you or your ISP configured, because changing them is exactly how this kind of attack redirects you.

Even though it is super tempting sometimes, do not install apps on your phone or computer that do not come from known reputable sources.

When you go to a site that asks for your credentials, attempt to verify the site.  Look closely at the URL for typos, look for the secure indicator, and if your anti-virus software rates web sites, look at those results.  If the browser warns that the certificate is not valid, stop: a hijacked name can send you to the wrong server, but that server cannot present a valid certificate for the real domain, so the warning is often the only visible sign that something is wrong.  Mostly, just slow down a bit and see if what you are being asked to do seems logical.

Beyond that, you are likely going to need expert help.
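As an added example (not code from the original post or from any Roaming Mantis write-up), here is a small offline Python check for the two symptoms of a router-level DNS hijack described above: a resolver you never configured showing up in your DNS settings, and an answer from your resolver that disagrees with a trusted one.  The expected-resolver list, the resolv.conf text and the answer sets are all constructed for the example; on a real machine you would feed it your own resolver configuration and answers collected with a tool such as dig.

```python
# Added example: detect the two symptoms of a router-level DNS hijack from
# locally collected data.  All addresses and names below are constructed.
import re
from ipaddress import ip_address

# Resolvers you expect the router/DHCP to hand out (assumption for this example:
# the router itself plus two public resolvers you chose).
EXPECTED_RESOLVERS = {"192.168.1.1", "1.1.1.1", "8.8.8.8"}


def parse_nameservers(resolv_conf):
    """Pull the nameserver addresses out of /etc/resolv.conf-style text."""
    return re.findall(r"^\s*nameserver\s+(\S+)", resolv_conf, flags=re.MULTILINE)


def unexpected_resolvers(nameservers, expected=EXPECTED_RESOLVERS):
    """Return configured resolvers that are not in the expected set.

    Addresses are normalised through ip_address() so '1.1.1.1' and
    '001.1.1.1'-style spellings compare equal; anything that is not an IP
    address at all is reported as suspicious too.
    """
    bad = []
    for ns in nameservers:
        try:
            addr = str(ip_address(ns))
        except ValueError:
            bad.append(ns)
            continue
        if addr not in expected:
            bad.append(addr)
    return bad


def compare_answers(local, trusted):
    """Compare A-record answers from the local resolver with a trusted one.

    Both arguments map hostname -> set of IP address strings.  A name is
    reported only when the two answer sets share nothing; CDN-backed names
    can legitimately differ between resolvers, so treat a hit as a lead to
    investigate (e.g. check the certificate the server presents), not proof.
    """
    suspicious = {}
    for name, local_ips in local.items():
        trusted_ips = trusted.get(name, set())
        if local_ips and trusted_ips and local_ips.isdisjoint(trusted_ips):
            suspicious[name] = (sorted(local_ips), sorted(trusted_ips))
    return suspicious


# Constructed sample: resolv.conf as it might look after a router's DNS
# settings have been changed to point at a rogue resolver.
SAMPLE_RESOLV_CONF = """\
# Generated by NetworkManager
search home.lan
nameserver 192.168.1.1
nameserver 203.0.113.53
"""

# Constructed sample answers.  203.0.113.0/24 and 198.51.100.0/24 are
# documentation ranges, used here to stand in for real addresses.
SAMPLE_LOCAL = {
    "bank.example": {"203.0.113.10"},                      # redirected
    "shop.example": {"198.51.100.20", "198.51.100.21"},    # legitimate, CDN-style spread
}
SAMPLE_TRUSTED = {
    "bank.example": {"198.51.100.5"},
    "shop.example": {"198.51.100.21"},
}


def run_checks(resolv_conf=SAMPLE_RESOLV_CONF, local=SAMPLE_LOCAL, trusted=SAMPLE_TRUSTED):
    """Run both checks and return the findings as a dict."""
    return {
        "unexpected_resolvers": unexpected_resolvers(parse_nameservers(resolv_conf)),
        "disagreeing_names": compare_answers(local, trusted),
    }


if __name__ == "__main__":
    for key, value in run_checks().items():
        print(f"{key}: {value}")
```

On the constructed input the first check flags 203.0.113.53, the resolver nobody configured, and the second flags bank.example, whose local answer shares no address with the trusted answer, while shop.example is left alone because the two answer sets overlap.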


Is the Apple Losing its Shine?

Last week there were multiple reports that Petah Tikva, Israel-based Cellebrite could unlock any iPhone up to and including the iPhone X running the most current version of iOS, but you had to send the phone to them along with a check for $1,500, per phone.

This week there is a report that Grayshift, an American startup, says it too can unlock your iPhone for the cops.

Wait, I just got a phone call.  My grandmother says that she can unlock any iPhone and she will do it for free.  Just kidding about that one, but two different companies, one week apart, saying they can hack any iPhone seems really strange.

Grayshift was apparently founded by some U.S. intelligence community contractors and a former Apple security engineer.

They are privately circulating a data sheet that says that if you buy their software you can unlock 300 phones for $15,000 or an unlimited number of phones for $30,000.  The cheap version (a relative term) must be used online (so, I assume, that you cannot cheat them); the expensive version can be used offline since it doesn’t need to keep track of how many phones you have unlocked.

The software itself is called GrayKey.

Apparently, right now, GrayKey will only unlock phones running iOS 10 and 11 – which is likely the majority of iPhones – but a version that will unlock iOS 9 is coming soon.

One guess is that these firms have figured out how to get past Apple’s Secure Enclave, the heart of the security of the iPhone.  *IF* that is true, that is a real problem.  Of course, Apple could figure out what both of these firms are doing and make them start over.  In the case of GrayKey, since the system is delivered to a paying customer, if Apple engineers can somehow get access to one they can probably figure out what the software exploits.

It is also speculated that the attack might be a brute force attack, meaning that it tries every possible passcode in turn (“A”, then “B”, then “C” and so on) until the phone unlocks.  Again, *IF* this is true, the longer the password is, the harder this technique becomes.  For example, an 8 character password drawn from upper and lower case letters plus digits (62 symbols) has 62^8 = 218,340,105,584,896, or about 218 trillion, possible values.  A 12 character password from the same set has 62^12 = 3,226,266,762,397,899,821,056, about 3 sextillion.  Longer passwords require even more guesses.

The moral of this story is that long passwords, even with just upper and lower case letters plus numbers and no special characters, take a long time to crack.  One article said that a 12 character password would take 200 years to crack at a billion guesses per second; at that rate the full 62^12 space actually works out to roughly 100,000 years, so that article must have assumed something different, but either way, if it takes that long you won’t care.  Using that same billion guesses a second, an 8 character password falls in about 60 hours.  One caveat: Apple documents that passcode key derivation on the device is tuned so that each attempt takes about 80 milliseconds, so a billion guesses per second is only possible if the attacker has pulled the key material off the phone.  For a tool that has to run on the phone itself, the real exposure is short numeric passcodes, which can be exhausted in minutes to hours if the escalating delays after failed attempts are bypassed.
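The arithmetic behind those figures, as an added example (not code from the original post or from Forbes), with the on-device rate included so the off-device “billion guesses a second” number can be compared against what a tool running on the phone could do.  The 80 ms per-attempt figure is from Apple’s platform security documentation; the assumption that a billion guesses a second means the attacker has the key material off the device is mine.

```python
# Added example: keyspace and worst-case time to exhaust it for the passcode
# shapes discussed above.  Times ignore the escalating lockout delays the
# phone imposes after failed attempts.
SECONDS_PER_HOUR = 3600
SECONDS_PER_YEAR = 365.25 * 24 * SECONDS_PER_HOUR

ALNUM = 62    # a-z, A-Z, 0-9
DIGITS = 10   # 0-9

# Apple documents ~80 ms per on-device passcode attempt, i.e. ~12.5 guesses/s.
ON_DEVICE_RATE = 1 / 0.080
# The rate the article quotes; assumption: only reachable with key material
# extracted from the phone and guessed on outside hardware.
OFF_DEVICE_RATE = 1e9


def keyspace(alphabet_size, length):
    """Number of distinct passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def seconds_to_exhaust(alphabet_size, length, guesses_per_second):
    """Worst case (every candidate tried once).  The average case is half this."""
    return keyspace(alphabet_size, length) / guesses_per_second


def hours_to_exhaust(alphabet_size, length, guesses_per_second):
    return seconds_to_exhaust(alphabet_size, length, guesses_per_second) / SECONDS_PER_HOUR


def years_to_exhaust(alphabet_size, length, guesses_per_second):
    return seconds_to_exhaust(alphabet_size, length, guesses_per_second) / SECONDS_PER_YEAR


def summary():
    """Return (label, keyspace, hours, years) rows for the cases discussed."""
    cases = [
        ("4-digit PIN, on device",   DIGITS, 4,  ON_DEVICE_RATE),
        ("6-digit PIN, on device",   DIGITS, 6,  ON_DEVICE_RATE),
        ("8-char alnum, off device", ALNUM,  8,  OFF_DEVICE_RATE),
        ("12-char alnum, off device", ALNUM, 12, OFF_DEVICE_RATE),
    ]
    rows = []
    for label, alphabet, length, rate in cases:
        rows.append((
            label,
            keyspace(alphabet, length),
            hours_to_exhaust(alphabet, length, rate),
            years_to_exhaust(alphabet, length, rate),
        ))
    return rows


if __name__ == "__main__":
    for label, space, hours, years in summary():
        print(f"{label:28s} keyspace={space:,d}  hours={hours:,.1f}  years={years:,.1f}")
```

The contrast the rows make is the practical one: a 6-digit PIN at the on-device rate is a matter of hours, while a 12 character alphanumeric password is out of reach even at a billion guesses a second.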

I think this story is not over;  stay tuned for updates.

Information for this post came from Forbes.


The Feds (and Others) Can Probably Unlock Any iPhone Ever Made

Here’s something you don’t hear every day.

Cellebrite, a cell phone forensics vendor based in Petah Tikva, Israel, claims that it can unlock any iPhone ever made, including the iPhone X running iOS 11.2.6.

Cellebrite, which offers its services to the highest bidder – mostly law enforcement and governments, both ones with a better track record on privacy and ones with a horrible privacy record, such as Russia – has made a business out of offering forensics services to pretty much anyone whose check will clear.  That is probably being a bit unfair, but they were hacked themselves last year and, from the data that was released, the statement above does not appear to be too far off.

In any case, newer phones are typically harder to hack.  You may remember that the FBI paid someone over a million dollars to break into the iPhone of the San Bernardino shooter after the FBI did not reach out to Apple in a timely manner for directions on how to unlock it.  With iPhones, waiting is usually your enemy, because after a phone has been locked for too long, extra security features kick in that make it harder to unlock.

Apple adds new security features with every release, so it is especially embarrassing for Apple that its newest flagship phone – one that costs over a thousand dollars at retail – running its newest operating system can, apparently, be popped open like a can of Coke or Pepsi.

This hacking process is typically a cat and mouse game – the hackers figure out how to break in and Apple fixes it after they find out and the process starts over.

In this case,  in order to maintain their revenue stream for as long as possible, Cellebrite has added a twist to the unlock process.

Normally new unlock capabilities are added to the software that police departments and repressive governments license for an annual fee.  This time the agency has to send the phone to Cellebrite, which charges around $1,500 per phone and returns the phone unlocked.

Let’s say that governments and others send them just 1,000 phones – the New York DA alone said he had 400 phones he would like unlocked, so that number is stupidly low – then that would add a million and a half dollars to their revenue for the year.

The other thing it does is protect the bug they found from being identified and fixed by Apple.  There are likely businesses that are friendly to Apple and have licensed Cellebrite’s software.  If the unlock feature were added to the software, Apple could connect a test phone with extra debug features to the Cellebrite software and likely figure out exactly what Cellebrite is exploiting so that they can plug the hole.

So this method – making the cops write a check and send in the phone – both provides a major revenue boost and preserves the bug for longer.

All that notwithstanding, I am sure that Apple is scratching their collective heads trying to figure out what Cellebrite is doing.

And, just to be clear, this is not a theoretical issue.  Homeland Security has already written a check to get at least one iPhone X unlocked.

If you are a terrorist or someone who would prefer that the feds or other repressive governments can’t see what is on your phone, do not count on Apple to be able to provide that to you, at least for now.

Information for this post came from Forbes.
