
Apple's iOS 7 to patch 'power adapter' security flaw demonstrated at Black Hat convention

post #1 of 15
Thread Starter 
Apple said it will roll out a fix to a relatively obscure security flaw that allows hackers to access sensitive information on an iPhone or iPad via a "modified charger," with the patch already instituted in the latest iOS 7 beta.

Example of BeagleBoard computer used in Mactans hack.


As reported by Reuters, Apple will have a fix ready for a security hole that lets nefarious parties insert malware onto an iOS device when it is attached to a small Linux computer made to look like a power adapter. The hack, called Mactans, was demonstrated at the 2013 Black Hat convention on Wednesday.

Apple was previously made aware of the vulnerability by the three Georgia Institute of Technology researchers who discovered it earlier this year. The company said a patch for the flaw is already present in the latest iOS 7 beta.

"We would like to thank the researchers for their valuable input," Neumayr said.

According to Billy Lau, one of the researchers responsible for the discovery, the custom-built charger is packed with a $45 BeagleBoard computer programmed to install malicious software onto any iOS device. He said the unit took one week to design.

From Lau's Black Hat demo brief:

This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish. Finally, we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks we describe substantially more difficult to pull off.



In Wednesday's demo, the fake charger infected an iPhone 5 running iOS 6 with a virus, which subsequently directed it to dial the phone number of one of the researchers.

"It can become a spying tool," said Lau.

As for Apple's fix, Lau said iOS 7 will notify users when they are connected to a computer, rather than a regular charger, making it easier to distinguish an attempted hack.

Black Hat holds annual conventions around the world to bring together top security professionals for training, briefings and workshops.
post #2 of 15
Note to self: don't use any cheapo knock-off chargers or bum any charges from strangers.
post #3 of 15
I wish this new feature would allow me to 'always trust' a certain computer. e.g. my work PC. I'm asked to trust it *every* time I plug in for a charge. Thankfully, I'm not asked if I trust my Mac at home (probably because it contains the iTunes install I sync to).
post #4 of 15
"We would like to thank the researchers for their valuable input," Neumayr said."

Who's Neumayr?
post #5 of 15
Does the lightning connector provide any security in a case like this?
post #6 of 15
Quote:
Originally Posted by Chick View Post

Does the lightning connector provide any security in a case like this?

Don't know, but since it has a chip in it maybe it's possible to update the software on it?
How to enter the Apple logo  on iOS:
/Settings/Keyboard/Shortcut and paste in  which you copied from an email draft or a note. Screendump
post #7 of 15

Easy solution for any device: take a USB extension cable or lightning cable and cut the two data wires. Now use that cable anytime you're charging or connecting to an untrusted device.

post #8 of 15
Quote:
Originally Posted by macinthe408 View Post

"We would like to thank the researchers for their valuable input," Neumayr said."

Who's Neumayr?

 

Apple Spokesman according to better written articles. ;)

post #9 of 15
So if this technique can be used to "install malicious software onto any iOS device" it could be used to jailbreak an Apple TV 3 - right? Somehow I don't think the method applies to ANY iOS device. (and we know the Apple TV doesn't need to charge, has no battery, and uses line voltage)
Edited by snapplez - 7/31/13 at 11:53pm
post #10 of 15
Quote:
Originally Posted by konqerror View Post

Easy solution for any device: take a USB extension cable or lightning cable and cut the two data wires. Now use that cable anytime you're charging or connecting to an untrusted device.

 

As I guess most people buy extra cables in order to charge away from their syncing computer, it would probably be a good marketing idea to sell lightning cables that are only designed to charge and market them as such.

post #11 of 15
Quote:
Originally Posted by konqerror View Post

Easy solution for any device: take a USB extension cable or lightning cable and cut the two data wires. Now use that cable anytime you're charging or connecting to an untrusted device.

 

Correction: I thought about it and you can't cut it for an Apple device, though some other ones you can. Some devices you just need to tie the two data lines together. For Apple, you have to use four resistors between each data line and the power wires for the proper signal, but it's still doable.

post #12 of 15

This link gives more info: http://arstechnica.com/security/2013/07/trusting-iphones-plugged-into-bogus-chargers-get-a-dose-of-malware/ .

 

A locked iPhone (as it should be) wouldn't accept the data connection and can't be infected, so no need for iOS7.

It seems that Apple has to fix two other things: one, the user should be informed and be able to allow or deny if sensitive information like a UDID or email address etc. is requested, two, provisioning profiles should be generated for an apple ID and accompanied password combination not for a specific UDID. (Note that use of UDIDs by applications is already phased out by Apple.) 

post #13 of 15
Now all those "handy" charging stations in airports and other public access settings seem a little less friendly.
--Larry
post #14 of 15
Quote:
Originally Posted by Phone-UI-Guy View Post

 

Apple Spokesman according to better written articles. ;)

Apparently accuracy isn't important even when copying from another site.

post #15 of 15

I am surprised this article didn't take the opportunity to point out the sheer millions of iphones that will be patched when IOS7 is released.
