Posted by: David Harley | March 18, 2014

Azimuth* believes iOS 7 has lost the compass

At least, a paper Revisiting iOS Kernel (In)Security: Attacking the early random() PRNG, presented by Tarjei Mandt at CanSecWest, concludes that ‘an unprivileged attacker can recover arbitrary PRNG [PseudoRandom Number Generator] outputs on devices running iOS 7.’ Mandt believes that the early random PRNG in iOS 7 allows an attacker to bypass mitigations of vulnerabilities previously considered to be unexploitable. The findings are summarized in Azimuth’s blog here and an Infosecurity Magazine article here.

David Harley
Small Blue-Green World

http://en.wikipedia.org/wiki/Azimuth 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: