Posted on 03/25/2016 8:52:29 PM PDT by Swordmaker
The iMessage vulnerability got a lot of attention, but another bug allows for remote execution over Wi-Fi, which is a much bigger threat.
Apple released new versions of several operating system products earlier this week, fixing vulnerabilities in OS X El Capitan and iOS 9 among others.
Because encryption and Apple are big news these days, the attention mostly went to an admittedly interesting flaw in Apple's encryption for iMessage, reported by a research team, led by well-known cryptographer Matthew Green. But the bug is not an easy one to exploit and doesn't even expose a lot.
There are much scarier vulnerabilities in this week's disclosures. Perhaps at the top of the list are CVE-2016-0801 and CVE-2016-0802, attributed to an anonymous researcher. Through this bug "[a]n attacker with a privileged network position may be able to execute arbitrary code."
In fact, the bug is in a Broadcom Wi-Fi driver as described on source.android.com in the fix it issued on February 1:
Multiple remote execution vulnerabilities in the Broadcom Wi-Fi driver could allow a remote attacker to use specially crafted wireless control message packets to corrupt kernel memory in a way that leads to remote code execution in the context of the kernel. These vulnerabilities can be triggered when the attacker and the victim are associated with the same network. This issue is rated as a Critical severity due to the possibility of remote code execution in the context of the kernel without requiring user interaction.
Now that's scary! You're on a Wi-Fi network, perhaps a public one but not necessarily, maybe even on a VPN, and any other user on that network can cause your computer to execute kernel-level code. It doesn't get much more vulnerable than that. Patch. Right. Now.
We wrote about the Android fix at the time. That means for almost 7 weeks this bug was disclosed and vulnerable in iOS, OS X, tvOS and WatchOS, not to mention who knows how many other companies' products. The Android disclosure comes with helpful links to the source code fixes, perhaps making things easier for attackers.
And remember, these bugs were disclosed by the Android Project along with fixes for Google's Nexus devices. What about other devices where the fixes are issued by carriers? I see no fixes since then for my AT&T Samsung Galaxy S4.
The best advice I can give you, as I would have given you anyway, is to patch quickly. If patches are not available, then cross your fingers. That's about all you can do.
I do not use iMessage, so I should be ok, correct?
So if you don’t allow your iPhone to connect to wi-fi, you’re cool, yes?
This one is not about the iMessage vulnerability, but that was not really a problem at all. To gain the iMessage key required someone with actual access to an iPhone to send the same photo thousands of times through a man-in-the-middle fake server to another Apple device, subtly changing the photo each time so they could see what the server got each time. From that, they could eventually figure out what the 128-bit AES encryption key was. This was not a likely scenario for anyone to intercept the average user's iMessages.
If you sent any messages at all on an iPhone, you've used iMessage. It will either go as a normal message through the cell carrier, or as an encrypted iMessage through Apple's servers.
The bug is in Broadcom's routers. If you are using someone else's routers, you're cool. Yes. . . and for the most part, if you're using a secure router setup you're cool also. I generally will not use any WIFI in public. It may claim to be secure, but who knows who owns the service.
This affects all but Nexus Android devices as the fix has not been applied to the vast majority of those Android devices. . . likelihood is it also has issues with some Windows installs.
... as I had hoped. Thank you.
You can connect to wifi - just use caution on public/non-secure/non-password protected wifi. Even then - it isn’t as simple as these alarmist pieces make it sound.