Posted by: David Harley | September 18, 2014

iOS 8 security

Hat tip to Artem Baranov for drawing my attention to Apple’s September 14th document on iOS 8 security, and also a KnowledgeBase article About the security content of iOS 8.

In a loosely related vein, Apple explains its privacy policy here. (By way of John Gruber, who also quotes an interesting snippet from Tim Cook in Tim Cook on Apple and Privacy.)

David Harley

Posted by: David Harley | September 16, 2014

Appbuyer iOS malware

This is one more item I intended to include in the security roundup I just posted here.

Palo Alto Networks recently posted an article on AppBuyer: New iOS Malware Steals Apple ID and Password to Buy Apps, a malware family discussed by Weiphone back in May 2014 that affects jailbroken devices. Apparently. I don’t read Chinese, so much of that blog means nothing at all to me… Palo Alto’s article mentions its own quick introduction but that was published in a closed group of which I’m not a member.

Still, the new(-ish) analysis is quite thorough and well worth a look.

David Harley

Posted by: David Harley | September 16, 2014

Security roundup

Since I’ve been busy with other things in the past few weeks, I’ve kind of let this site slip a bit, so here are a few of the things that caught my eye over that period, even if they didn’t catch it long enough for me to write the stories.

David Harley
Small Blue-Green World

Posted by: David Harley | August 21, 2014

Apple on message, spammers on iMessage?

Robert McMillan reports for Wired that Apple’s iMessage Is Being Taken Over by Spammers.

I haven’t used it, but iMessage sounds like a nice messaging app for communication between devices running iOS or OS X, as long as you stick with those platforms. However, Cloudmark now claims that it carries 30% of all mobile spam, because it’s so easy to use a Mac to send messages to multiple addresses using an AppleScript. AppleInsider, however, asserts that the Report claims iMessage spam on the rise, but little evidence appears in support, citing Cloudmark’s previous admission that its tracking database may not distinguish well between iMessage spam and SMS spam, and low traffic related to the issue on Apple forums.

John Gruber also thinks that the title of the Wired article rather overstates it, though he has some (unspectacular) personal experience of iMessage spam.

David Harley
Small Blue-Green World

Posted by: David Harley | August 16, 2014

To Jailbreak or not to Jailbreak?

If you’re wondering whether it’s worth jailbreaking your iGadget in order to break away from Apple’s iron-fisted control, you might want to read Graham Cluley’s blog for Intego: Don’t Jailbreak Your iPhone if You Want to Stop Government Spyware.

In fact, while not all iOS malware has been dependent on the victim device being jailbroken, that iron fist does seem to reduce the risks.

David Harley
Small Blue-Green World

Posted by: David Harley | August 15, 2014

I Can Name that iTune in – Oh, I’m Infected…

Researchers at the Georgia Institute of Technology will present a paper at Usenix on 20th August On the Feasibility of Large-Scale Infections of iOS Devices. The abstract asserts that “…infecting a large number of iOS devices through botnets is feasible. By exploiting design flaws and weaknesses in the iTunes syncing process, the device provisioning process, and in file storage…”

I look forward to reading the paper after it’s presented, but it seems to me a bit of a stretch from demonstrating that a single compromised Windows machine can be used to install malicious apps and steal data, to asserting that ‘23% of bots will eventually have connections with iOS devices, thus making a large scale infection feasible’. That assertion is based on the statement that ‘23% of bot IP addresses demonstrate iOS device existence and Windows iTunes purchases’, which isn’t at all the same thing. I don’t say that large scale infection isn’t possible, but first there has to be a large scale infection of Windows devices with malware ultimately and specifically targeting iOS devices.

In fact, I’m more in sympathy with John Leyden’s suggestion in The Register that ‘smaller scale attacks are much more likely to escape notice and therefore arguably present the biggest concern…’

An article in Computerworld by Jeremy Kirk notes that one of the researchers observed that ‘they conducted their research using iOS devices connected to Windows, since most botnets are on that platform, but their attack methods also apply to OS X’.

David Harley
Small Blue-Green World

Posted by: David Harley | August 14, 2014


A nice analysis on the Virus Bulletin site by Axelle Apvrille of the surprisingly widespread malware iOS/AdThief (a.k.a. Spad, though I personally hate it when the malware author gets to choose the name of the threat): Paper: Inside the iOS/AdThief malware. Sparked by earlier research by Claud Xiao.

As good an argument for not jailbreaking your iGadget as I’ve come across to date.

Articles that also refer:

David Harley
Small Blue-Green World

Posted by: David Harley | July 23, 2014

iOS through the backdoor?

[Update: useful commentary on the same issue for the Sophos blog from John Zorabedian here: iSpy? Researcher exposes backdoor in iPhones and iPads]

The Register has updated its article – HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – from earlier in the week regarding Jonathan Zdziarski’s paper claiming that iOS devices contain data discovery tools that could be (mis)used, especially by adept government snoopers.

Apple has responded (according to El Reg) that “…services identified by Zdziarski are not deliberately provided for government agencies to exploit. Instead, they are for “diagnostic” purposes and to allow enterprise IT bods to manage workers’ devices.” (Ah: so it’s all the fault of security-minded commentators advising that CYOD is better than BYOD, huh?) However, Zdziarski is not convinced, citing the lack of user control over the feature.

David Harley
Small Blue-Green World

Posted by: David Harley | July 18, 2014

Ripening of the Big Blue Apple


Gavin Clarke’s article for The Register seems to have more typographical errors than any Register article I’ve ever seen (guys, it’s a colour palette, not a colour pallet!), but it does make some interesting points about the new era of Apple/IBM cooperation, mobile computing, BYOD and CYOD (Choose Your Own Device), Microsoft’s flagging impetus, and so on.

Why has sexy Apple gone to bed with Big Boring IBM?

Meanwhile, over at Daring Fireball, John Gruber has assembled an impressive array of commentary on the Apple and IBM marriage of convenience, among other things. I don’t always agree with Gruber, but he’s usually well worth reading and certainly keeps his eye on the journalistic workspace.

David Harley
Small Blue-Green World

Posted by: David Harley | June 24, 2014

iOS Activation Lock

Graham Cluley imparts some useful information for Intego’s blog: iPhone thefts drop in major cities as result of iOS 7’s Activation Lock. As it happens, I was asked about the Microsoft/Google kill switch and was slightly sceptical about some of the conclusions based on the Attorney General’s statistics, but as far as the iPhone is concerned, the implementation of the Activation Lock has certainly coincided with and maybe resulted in a sizeable reduction in attacks targeting iPhone users. In any case, Graham’s summary of the iPhone mechanism is well worth reading if you have an iPhone.

David Harley
Small Blue-Green World
