HTTP Request Hijacking attack said to be simple to carry out against Apple iOS apps
Network World - Many Apple iOS applications are vulnerable to a man-in-the-middle attack that can result in permanent manipulation by the attacker, according to start-up Skycure, which released its research findings on this today during the RSA Europe conference.
Skycure CTO Yair Amit says many mobile iOS apps are vulnerable to a “very simple attack that relies on the 301 HTTP Response, a permanent re-direction.” If an Apple iOS app caches these 301 redirect responses — and many popular iOS apps do, according to Skycure — then the app is vulnerable to being repeatedly hijacked via redirection to the attacker’s server.
While this general type of man-in-the-middle attack has been known on the Web for many years, for mobile applications the result is worse in that it “persistently changes the URL” of the server and lets the attacker take dynamic control over the app, says Amit. In the information that Skycure is publishing today, the company notes the impact of the attack is basically that instead of loading data from the real site that the user wants to visit, the attacker can make the app permanently load the data from the attacker’s site.
Skycure isn’t releasing the names of the vulnerable iOS apps because this issue hasn’t necessarily been fixed. Amit says according to Skycure’s research, a significant portion of apps available through the official Apple App Store could be attacked this way. The problem is not a vulnerability in iOS itself but a coding weakness on the part of the developer.
Skycure says “HTTP Request Hijacking” of Apple iOS mobile devices such as iPhones and iPads starts with a man-in-the-middle attack, which would typically commence in a public WiFi zone, such as in a coffee shop. While a type of attack like this has been known to happen on the Web between computer-based Web browsers and Web servers for quite some time, the way a similar attack works on mobile devices hasn’t yet been subject to much scrutiny, says Amit.
He adds the implication of such an attack on news or financial information received through iOS devices is troubling.
“In a mobile application, it changes the application,” he says, adding “there’s no easy way to remove the problem.” But Skycure believes there are a number of steps that app developers can take to remediate or mitigate it.
Among them is making sure the app doesn’t cache a 301 HTTP redirect response. Another is to make sure the mobile device interacts with a designated server via an encrypted protocol, such as HTTPS, instead of HTTP. “If you want your application to behave differently with a server, just release an update,” he suggests. Making changes to apps to correct for this may be somewhat disruptive to the end-user, he adds.
The HTTP Request Hijacking attack on iOS that Skycure has identified may also exist in Android or other mobile-device platforms, but Skycure currently puts its focus primarily on Apple iOS. Skycure believes one danger in this type of man-in-the-middle attack on mobile devices is that it is much less visible to the victimized end-user than the more traditional computer-based form of the attack.
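The weakness described above comes down to a client-side caching decision, so it can be modelled without any network at all. The following Python model is an added example, not Skycure’s code and not taken from any real iOS app; the hosts news.example and evil.example are hypothetical, the three-request scenario (attacker present only on the first request, clean network afterwards) is constructed, and HTTPS is modelled as something the on-path attacker cannot tamper with, which assumes the app validates server certificates properly.

```python
"""Model of persistent hijack via cached 301 redirects (hypothetical example).

Two client policies are compared: one that remembers a 301 and re-applies it
to every later request (the weakness the article describes), and one that
follows the redirect for the current request only.
"""
from urllib.parse import urlsplit

# Constructed responses keyed by host and path: (status, Location, body).
LEGIT = {"news.example": {"/feed": (200, None, "real headlines")}}
ATTACKER = {"evil.example": {"/feed": (200, None, "fake headlines")}}


class Network:
    """Stand-in for the network path. With inject_301=True it behaves like an
    on-path attacker answering a plain-HTTP request with a permanent redirect;
    HTTPS requests are passed through untouched (assumes certificate checks)."""

    def __init__(self, inject_301=False):
        self.inject_301 = inject_301

    def fetch(self, url):
        u = urlsplit(url)
        if self.inject_301 and u.scheme == "http" and u.hostname == "news.example":
            return 301, "http://evil.example" + u.path, ""
        table = {**LEGIT, **ATTACKER}
        return table.get(u.hostname, {}).get(u.path, (404, None, ""))


class Client:
    """Minimal HTTP client. cache_permanent_redirects=True reproduces the
    weakness: once a 301 is seen, the original URL is rewritten on every
    subsequent request, even after the attacker is gone."""

    def __init__(self, cache_permanent_redirects):
        self.cache_permanent_redirects = cache_permanent_redirects
        self.redirect_cache = {}  # original URL -> remembered Location

    def get(self, net, url):
        url = self.redirect_cache.get(url, url)  # apply a remembered 301
        for _ in range(5):  # bounded redirect chain
            status, location, body = net.fetch(url)
            if status in (301, 302, 307, 308) and location:
                if status == 301 and self.cache_permanent_redirects:
                    self.redirect_cache[url] = location
                url = location
                continue
            return status, url, body
        raise RuntimeError("too many redirects")


def scenario(cache_permanent_redirects, scheme="http"):
    """Return the host that actually served each of three successive requests:
    the attacker is present for request 1 only; requests 2 and 3 see a clean
    network. Shows whether the hijack persists after the attacker leaves."""
    client = Client(cache_permanent_redirects)
    url = f"{scheme}://news.example/feed"
    served_by = []
    for net in (Network(inject_301=True), Network(), Network()):
        _status, final_url, _body = client.get(net, url)
        served_by.append(urlsplit(final_url).hostname)
    return served_by


if __name__ == "__main__":
    print("caches 301, plain HTTP :", scenario(True))
    print("no 301 cache, plain HTTP:", scenario(False))
    print("caches 301, HTTPS       :", scenario(True, scheme="https"))
```

Running it shows the three outcomes the article contrasts: the caching client keeps talking to evil.example on every request after the one-time injection, the non-caching client is affected only while the attacker is actually on the path, and the HTTPS client is never redirected at all in this model. The redirect cache is the only state that differs between the first two clients, which is why the mitigation is a coding change in the app rather than a fix in iOS.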
Source: Network World
Apple launched its iPhone 5s just a few weeks ago, and shortly after its release, users of the new iPhone began reporting a number of issues with the device. We recently heard the motion sensors on the iPhone 5s are slightly out of whack, as well as rumors of the device possibly bending just like the iPhone 5 did when it was first released. A new issue with the iPhone 5s has come up, this time bringing the infamous “Blue Screen of Death” with it.
Yes – you read right. A number of iPhone 5s owners have taken to the Apple support forums to report that they have been experiencing the blue screen of death on their devices. The most common trigger seems to be using Apple’s suite of iWork applications. One user recorded the incident and published it on YouTube, where the problem appears when attempting to multitask between different iWork applications. Once the iPhone 5s reaches the blue screen of death, the device automatically reboots itself, which could certainly be an issue if you’re neck deep in an iWork document.
At this time, Apple has yet to comment on the iPhone 5s’ blue screen of death issue, but we’ll be sure to keep an eye out for any updates regarding it.
Patch fails to resolve lockscreen vulnerabilities
A newly-documented technique lets people bypass the lockscreen in iOS 7.0.2 and dial any phone number, not just emergency numbers. The method involves waiting for a notification, or forcing one by sending a text message or ejecting the SIM card. Once the notification pops up, a hacker has to swipe right on it while simultaneously swiping up on the Camera icon. While keeping a finger on the Camera icon, a person must then slide to unlock and tap the Emergency Call button. After dialing, hitting the Call button quickly two or three times should crash Springboard, but allow the call to go through once Springboard restarts.
The v7.0.2 update was itself meant to resolve earlier lockscreen vulnerabilities. The person credited with discovering the new bug, Dany Lisiansky, notes that he also recently found a v7.0.2 vulnerability allowing someone to skip the lockscreen via Siri or Voice Control and access photos, emails, and messages. Apple has had a recurring problem with new versions of iOS enabling lockscreen bypasses, which it then has to quickly close.
By default, iOS 7 will track and record places that you visit most often to provide better location-based data such as in the Today summary of Notification Center. If you value your privacy more than you do location-based data, you can turn the feature off. Turning off features like these can also help save a bit of battery life too.
1. Launch the Settings app from the Home screen of your iPhone or iPad.
2. Tap on Privacy.
3. Now tap on Location Services at the top.
4. Towards the bottom of the next screen, tap on System Services.
5. Again, towards the bottom of the next page, tap on Frequent Locations.
6. At the top of the next screen, turn the Frequent Locations option to the Off position.
That’s all there is to it. Locations you travel to most will no longer be tracked. While this comes at the expense of not having as accurate location data in places like the Today Summary screen, it also preserves your privacy better and to a lot of us, that’s more important.
Could solar technology power our iPhones or iPads in the future? Or perhaps even Apple’s Mac computers? While that question remains unanswered for now, it seems that at the very least Apple is interested in the technology, thanks to a recent job listing on Apple’s website which calls for a “thin films” engineer who has experience in the solar industry to join Apple’s Mobile Devices group, with the job description reading, “assist in the development and refinement of thin films technologies applicable to electronics systems.”
Given that the job was for a position in the Mobile Devices division, it has been speculated that the technology could be used in future iPhone or iPad products, although others have suggested that it could see integration in display and touch technology as well, perhaps for a future iWatch. Solar technology is not new to Apple, as the company has used it in its data centers, so seeing Apple try to incorporate the technology into its other products would not be a stretch of the imagination.
Thinkspace, an organization created by sixteen-year-old James Anderson, seeks to “inspire the next generation of app developers” through dedicated coding zones in high schools across the globe. Anderson formally launched Thinkspace this month with campuses in Plymouth and Northern Ireland.
Anderson first came up with the idea for Thinkspace when he became disappointed with the UK educational system’s approach to computer information and related topics. Rather than attempt to change the curriculum, Anderson sought to work around it by creating “Thinkspaces” within schools.
A Thinkspace is essentially a room filled with computers and mobile devices with which students are encouraged to build whatever software they can imagine. The UK Thinkspace, located at Plymouth’s Devonport High School for Boys, contains Android devices, iPod touches, iPads, Blackberrys, and Windows Phone devices, all connected to an assortment of Mac and PC computers.
The flagship UK campus cost around £10,000, but Anderson says that almost any budget will suffice. The goal is not necessarily to build state-of-the-art development labs, but rather to provide students with a place to go in order to learn to code, collaborate on projects, and just build software.
Any school interested in establishing a Thinkspace is welcome to join the program. The only requirement is that a teacher from the school join Thinkspace Social—a development-oriented social network created by Anderson—and begin inviting students from the school. Anderson told 9to5Mac that the organization is already looking to expand internationally into Australia, Israel, Singapore, and the United States.
The Thinkspace project has gained the backing of many well-known public figures, such as Google SVP of Engineering Vic Gundotra, Apple co-founder Steve Wozniak, Twitter CEO Dick Costolo, Virgin founder Richard Branson, and top executives from other companies like Microsoft.
Anderson told Wired that he envisions Thinkspaces as a student-driven program where experienced coders can help educate the next generation of software designers and developers. He hopes to see the program spread not only across Europe, but around the world.
For more photos click the source link below.