Posted by: David Harley | March 18, 2014

Azimuth* believes iOS 7 has lost the compass

At least, a paper Revisiting iOS Kernel (In)Security: Attacking the early random() PRNG, presented by Tarjei Mandt at CanSecWest, concludes that ‘an unprivileged attacker can recover arbitrary PRNG [PseudoRandom Number Generator] outputs on devices running iOS 7.’ Mandt believes that the early random PRNG in iOS 7 allows an attacker to bypass mitigations of vulnerabilities previously considered to be unexploitable. The findings are summarized in Azimuth’s blog here and an Infosecurity Magazine article here.

David Harley
Small Blue-Green World 

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: