To be honest, if I give a perfect stranger my unlocked phone and then watch while they jailbreak it so they can replace “components” of the contacts app, then I’d be a lot more worried about my mental state than hacking my contacts list.
Travelling to the current USA would be a scenario in which this can happen easily.
"In other words, the bug has been considered unimportant because it was believed it could only be triggered by an unknown application accessing the database, and in a closed system like iOS, there are no unknown apps. However, Check Point's researchers then managed to make a trusted app send the code to trigger this bug and exploit it."
...and this app is in the app store?
My reading of that is that they made a malicious app, signed it with their developer certificate, and installed it on an unlocked phone that wasn’t jailbroken that they have physical access to. Any developer can do that. Getting said malicious app into the App Store where other people could be exposed to it is a MUCH higher bar.
The problem with this sort of story is that the devil is in the details, and nobody cares about the details, particularly those who would profit from not caring about the details. It would seem that, considering the details discussed here, this is a very, very low probability exploit that would be difficult to carry out, requiring that the hacker have full, unfettered access to the device before doing a “hack” to gain access to the device. So probably most people don’t need to worry about this.
Meanwhile, “Forbes” now has an article -based entirely on this AppleInsider story- with a headline “Warning Issued for Apple’s 1.4 Billion iPad and iPhone Users.” The article then breathlessly relates that every device running iOS 8 through 13 is vulnerable. They then quote Tim Cook saying that there are 1.4 billion iOS devices out there, and stringing that into their premise in such a way that a careless reader will come away with the impression that Cook himself is confirming that every one of those devices is vulnerable and sure to be hacked. They mention nothing about a presumptive hacker first needing to borrow your unlocked device for a while so they can manually corrupt your contacts app.
Prepare for more breathless coverage this week, claiming Apple has left everyone vulnerable (and never mentioning the constant actual vulnerability of open OS devices like Android). Your best bet is to not worry about this “vulnerability” at all, but to wait a few days and buy some Apple stock after it drops. That’s likely what the folks at Forbes and other similar outlets will be doing, because that’s probably the reason they’ve published tripe like this. Click-bait gets a few advertising dollars, but scare mongering about Apple can create a nice stock price dip that will most assuredly go back up after people forget about this because nothing bad ever actually happened. That’ll make them way more money than their click-bait webpage ads.
Since AppleInsider is cited as the (misrepresented) source of this, it might behoove them to add an update at the top of this article, making it more clear what the actual risk to users really is, rather than leaving it to people to dig into the details to figure it out for themselves.
It will not matter, people do not do any research on their own. What is more interesting is media has been undermining their credibility for the last 30 years to the point they write based on how they feel first and hope to fact check later. Most people are still willing to take any written story on its face and not question the source of the information or even if the information makes sense. Most people are too lazy to do the work to know what they read and hear is true.
AI usually does a pretty good job of presenting as much of the facts as they know at the time, even this one is a story about some researchers who obviously did not do their full fact checking since someone has already pointed out Apple may have already closed the door on this one. If they demo the issue then maybe Apple did not fully close the door.
This is essentially a non-story anyway. I thought I recalled some mention of Apple already "fixing it" tho perhaps not 100% yet? The SQLite flaw was so basic and the use of the software so prevalent Google for instance had their own Android security issue with it demonstrated at the same event, and they too have already fixed it. I think Microsoft also had to address it.
The internet is always looking for the next story, but far too many blogs want to fluff up the facts because scare tactics get clicks.
Stagefright was the poster child for overwrought concern articles. Warning, Warning! Danger!
The original CVE document (here) just hasn't been re-verified yet to confirm the fixes. That's not a fault of Apple's.
Did the researchers miss this, too?
The researchers note that the vulnerability was mitigated by vendors under the assumption that the bug could only be triggered by an untrusted source. It sounds like the researchers managed to insert a SQL command as text into the chosen SQLite db; since the contents of the db don't have to be signed (and quite possibly can't be) the SQLite engine will trust the command and bypass the security measures in place.
The Contacts app was probably chosen because it's (a) a very simple schema that is (b) in possession of clearly sensitive data that (c) the wider public has already acknowledged is a bad thing to have exposed (unless it's Facebook that does it).
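An added illustration of the point in the comment above (not code from the thread or from Check Point): SQLite keeps its schema as CREATE-statement text inside the database file, in the `sqlite_master` table, so an app that opens a file someone else could write is trusting that text. This Python sketch audits a file's schema against an allow-list before the app queries it; the contacts schema, the allow-list and both sample files are constructed assumptions.

```python
import os
import sqlite3
import tempfile

# Assumed allow-list for a hypothetical contacts store: object name -> type.
EXPECTED = {"contacts": "table"}

def audit_schema(path, expected=EXPECTED):
    """List schema entries in the file that the app did not define."""
    # Read-only open. Selecting from sqlite_master returns the stored
    # CREATE statements as text; no view or trigger body is run here.
    conn = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    try:
        rows = conn.execute(
            "SELECT type, name, tbl_name, sql FROM sqlite_master ORDER BY name"
        ).fetchall()
    finally:
        conn.close()
    findings = []
    for obj_type, name, tbl_name, sql in rows:
        if name.startswith("sqlite_"):
            continue  # SQLite's own bookkeeping objects
        if obj_type == "index" and expected.get(tbl_name) == "table":
            continue  # index on an expected table
        if expected.get(name) != obj_type:
            findings.append(f"{obj_type} {name!r} not in allow-list: {sql}")
    return findings

def build_sample(path, tampered):
    """Create a constructed sample database (clean or with a swapped-in view)."""
    conn = sqlite3.connect(path)
    if tampered:
        # Same name the app queries, but now a view over a renamed table.
        conn.execute("CREATE TABLE contacts_real(name TEXT, phone TEXT)")
        conn.execute("CREATE VIEW contacts AS SELECT name, phone FROM contacts_real")
    else:
        conn.execute("CREATE TABLE contacts(name TEXT, phone TEXT)")
    conn.commit()
    conn.close()

def demo():
    """Audit one clean and one tampered constructed file."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, bad = os.path.join(tmp, "clean.db"), os.path.join(tmp, "bad.db")
        build_sample(clean, tampered=False)
        build_sample(bad, tampered=True)
        return audit_schema(clean), audit_schema(bad)

if __name__ == "__main__":
    for finding in demo()[1]:
        print(finding)
```

The audit flags the view even though it carries the name the app expects, because the allow-list pins the object type as well as the name.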