Black Hat hackers break into any iPhone in under a minute, using a malicious charger | ExtremeTech

More iOS flaws: a recently discovered security vulnerability allows access to an up-to-date iOS device via a ‘modified’ charger, specifically a BeagleBoard (Linux on ARM), within a minute (http://goo.gl/0ugYb). For maximum effect, you could set up a ‘charging station’ in a crowded location, then use the device to install invisible apps in the drawer that forward information on later.

The prior security hole was iOS devices broadcasting, ‘by default’, their recent history of connected SSIDs to everybody nearby, for reasons unfathomable. Of course, this allows anybody nearby some degree of geolocating your home/work, not to mention MITM attacks – the best kind. And changing your SSID name doesn’t help. And there was yet another iPhone SIM exploit before that one (search Mobileconfig exploit).

Then there are the multiple iOS passcode bypasses this year (search iOS7 lockscreen bypass). Or the ‘randomly’ generated iOS hotspot passwords, which can be cracked in less than a minute because of an insufficiently large word list (search iOS hotspot bypass).
 
There’s a clear trend here: a vulnerability is discovered by researchers, they inform the vendor (i.e. Apple) out of goodwill, the vendor does or does not acknowledge it and, when questioned, responds with a blanket: “It will probably be fixed in next release, don’t ask for an ETA”. In the meantime, distract people with colourful icons and adjectives. Closed source, minimal communication, lock-in complete. Profit.

Apple has a trend of valuing user experience and convenience above all. But for many, ignorance is bliss. Or maybe they have too much content locked deep in the ecosystem to easily migrate. 
