76 popular iOS apps found vulnerable to silent man-in-the-middle attacks

midian182

Posts: 9,738   +121
Staff member

When it comes to app security, iOS is generally considered safer than Android. But that doesn’t mean all software on Apple’s system is without its vulnerabilities. Researchers at Sudo Security Group Inc. discovered that 76 applications in the iOS App Store were vulnerable to silent man-in-the-middle attacks.

In his blog post, Sudo CEO Will Strafach explains that the discovery was made through the firm’s verify.ly service, which bulk scans the binary code of applications within Apple’s Store. The number of affected apps account for at least 18 million downloads.

The vulnerability is a result of the apps’ poorly implemented networking code, allowing it to accept any certificate to establish an encrypted connection. Attackers within close proximity of a vulnerable device could inject an invalid TLS certificate to intercept the user’s data. Strafach explains that the attacks could be carried out using either custom hardware, or a modified smartphone, and he notes that Apple’s App Transport Security feature won’t block the certificate as it sees a valid TLS connection, even when it’s not.

33 of the apps have been classed as low risk because the vulnerable data is only partially sensitive analytics data about the device. These include a number of third-party Snapchat applications, such as Uploader for Snapchat, as well as Vice news, several VPNs, and Trading 212 Forex & Stocks.

The remaining apps fall into the medium/high-risk category. Strafach has not published their names as he wants to reach out to the apps’ developers and companies first so they can address the problems.  "Currently, this list is only available to limited parties due to sensitivity," he wrote. "I have been in touch with MITRE and will follow up later with a listing of the CVE IDs for affected iOS applications of which data interception would be considered medium risk or high risk."

Strafach recommends that iOS users switch off Wi-Fi when in public to avoid untrusted connections. While the vulnerability does still exist on cellular connections, interception is much more difficult and unlikely.

Permalink to story.

 
No man, it can't be. I don't believe it for a second because I've been told by reliable, believable and credible iSheep who know nothing about this sort of thing that these things can't happen on iPhones. ;)
 
At this point I think it's pretty clear stock iOS and stock Android are both practically open doors for the intelligence community if there is deemed a high priority target. All it takes is a little time, a lot of money, and the protections in place are as good as gone.
 
At this point I think it's pretty clear stock iOS and stock Android are both practically open doors for the intelligence community if there is deemed a high priority target. All it takes is a little time, a lot of money, and the protections in place are as good as gone.
If it's not fully open source, then any other security measures are meaningless.
 
If it's not fully open source, then any other security measures are meaningless.
Open source is only as good as the people behind the project. Let's face facts here people, security bug hunting is a boring thankless job. Nobody wants to do it unless they're getting paid to look at thousands upon millions of lines of code.
 
No man, it can't be. I don't believe it for a second because I've been told by reliable, believable and credible iSheep who know nothing about this sort of thing that these things can't happen on iPhones. ;)
The OS itself may be secure but if the apps running on it aren't, it doesn't help squat. It's just like how Linux has been said to be secure but how many times have we seen Linux servers be exploited because of the software running on top of it.

Apache? PHP? OpenSSL? Yep, that's just three piece of software that run on Linux that have been cracked wide open to do God knows what crap to Linux servers.

And besides, this can easily have happened on Android as well. This is what happens when you let people who know nothing about how to write good secure code write apps. Bad things happen.
 
The OS itself may be secure but if the apps running on it aren't, it doesn't help squat. It's just like how Linux has been said to be secure but how many times have we seen Linux servers be exploited because of the software running on top of it.

Apache? PHP? OpenSSL? Yep, that's just three piece of software that run on Linux that have been cracked wide open to do God knows what crap to Linux servers.

And besides, this can easily have happened on Android as well. This is what happens when you let people who know nothing about how to write good secure code write apps. Bad things happen.
Nothing, absolutely no OS is 100% secure. If it was designed by man, it has it's flaws and can be breached.
 
Back