New iPhone Attack Kills Apps, Reroutes Web Traffic 125
Trailrunner7 sends in a threatpost.com article on exploiting flaws in the way the iPhone handles digital certificates. "[Several flaws] could lead to an attacker being able to create his own trusted certificate and entice users into downloading malicious files onto their iPhones. The result of the attack is that a remote hacker is able to change some settings on the iPhone and force all of the user's Web traffic to run through any server he chooses, and also to change the root certificate on the phone, enabling him to man-in-the-middle SSL traffic from that phone. ... Charlie Miller, an Apple security researcher at Independent Security Evaluators, said that the attack works, although it would not lead to remote code execution on the iPhone. 'It definitely works. I downloaded the file and ran it and it worked,' Miller said. 'The only thing is that it warns you that the file will change your phone, but it also says that the certificate is from Apple and it's been verified.'"
Re:Heh (Score:3, Insightful)
Yes, all software has security flaws, including Linux and MacOS, which is why a many-layered approach to security is necessary to limit the scope of vulnerabilities.
Can that be used to sign ipcc and enable tethering (Score:2, Insightful)
Wasn't that the problems with tethering non-jailbroken phones?
Re:Don't worry (Score:1, Insightful)
Are you sure that's a good thing?
Re:Heh (Score:4, Insightful)
As part of the attack, the anonymous researchers obtained a signature certificate from VeriSign for a company named Apple Computer
You have to fool VeriSign first, just like any other SSL man-in-the-middle attack, so I guess it depends on what you call easy.
Re:Heh (Score:1, Insightful)
"Apple Computer, Inc" is now "Apple, Inc". So obviously any certificate from "Apple Computer" (with or without the "Inc") would be a fake.
How is this related to the iPhone? (Score:4, Insightful)
I bet the headline would get even more pageviews if they claimed this was an iPad flaw instead of iPhone.
Re:Heh (Score:3, Insightful)
Re:No danger... (Score:3, Insightful)
Re:IMPOSSIBLE (Score:5, Insightful)
Re:Heh (Score:3, Insightful)
Re:How is this related to the iPhone? (Score:4, Insightful)
The "attack" in TFA doesn't mention anything necessarily specific to the iPhone.
Yes it does:
The iPhone by default will trust configuration files that it receives over the air or while connected to a PC, as long as the file is signed by a trusted implementation of the iPhone Configuration Utility, a desktop application used to create config files for iPhones. However, the iPhone also will accept a file that is signed by a signature-only certificate