Weak Apple PRNG Threatens iOS Exploit Mitigations
Trailrunner7 writes "A revamped early random number generator in iOS 7 is weaker than its vulnerable predecessor and generates predictable outcomes. A researcher today at CanSecWest said an attacker could brute force the Early Random PRNG used by Apple in its mobile operating system to bypass a number of kernel exploit mitigations native to iOS. 'The Early Random PRNG in iOS 7 is surprisingly weak,' said Tarjei Mandt, senior security researcher at Azimuth Security. 'The one in iOS 6 is better because this one is deterministic and trivial to brute force.' The Early Random PRNG is important to securing the mitigations used by the iOS kernel. 'All the mitigations deployed by the iOS kernel essentially depend on the robustness of the Early Random PRNG,' Mandt said. 'It must provide sufficient entropy and non-predictable output.'"
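The point made in the summary, that a deterministic early-boot PRNG is only as strong as the entropy behind its seed and the size of its state, as an added example that is not from the article and not Apple's code: a constructed toy generator, a seed-space enumeration that counts how many states are consistent with a few observed outputs, and a state-size cap (STATE_BITS, toy_lcg, candidate_seeds, derive_secret and guesses_needed are all hypothetical names).

```python
"""Constructed illustration, not Apple's code: a kernel mitigation secret drawn
from a deterministic early-boot PRNG is only as strong as the seed entropy and
the generator's state size. All names here are hypothetical."""
import secrets

STATE_BITS = 32                 # the toy generator keeps only 32 bits of state
MASK = (1 << STATE_BITS) - 1

def toy_lcg(seed, n):
    """Deterministic stand-in generator: a 32-bit linear congruential generator.
    Two boots with the same seed produce the same stream."""
    out, x = [], seed & MASK
    for _ in range(n):
        x = (1664525 * x + 1013904223) & MASK
        out.append(x)
    return out

def derive_secret(stream):
    """Stand-in for a mitigation value (a stack cookie or a slide, say) that the
    kernel would take from the early PRNG stream."""
    return stream[0] ^ stream[1]

def candidate_seeds(observed, seed_bits):
    """Defender's measurement: enumerate the whole seed space and keep every seed
    whose stream reproduces the observed outputs. The length of the result is
    the residual uncertainty; a single candidate means the PRNG state, and every
    secret derived from it, is fully determined."""
    n = len(observed)
    return [s for s in range(1 << seed_bits) if toy_lcg(s, n) == observed]

def guesses_needed(seed_bits):
    """Worst-case exhaustive search of the seed space. Seed bits beyond the
    generator's state size are wasted, so the state size caps the cost."""
    return 1 << min(seed_bits, STATE_BITS)

if __name__ == "__main__":
    # Weak seeding (constructed worst case): 16 bits of entropy at boot.
    stream = toy_lcg(secrets.randbits(16), 2)
    cands = candidate_seeds(stream, 16)
    print(f"16-bit seed: {len(cands)} candidate state(s) after at most "
          f"{guesses_needed(16)} guesses; derived secret "
          f"{derive_secret(toy_lcg(cands[0], 2)):#010x} is pinned down")
    # A 128-bit seed from the OS CSPRNG does not help this generator beyond
    # 2**32 guesses, because its state is only 32 bits wide: both seed entropy
    # and state size must be large for the derived secrets to stay unpredictable.
    print(f"128-bit seed, 32-bit state: {guesses_needed(128)} guesses")
```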
Why do we have all these custom PRNGs? (Score:2, Interesting)
Why don't we decide on a handful of strong PRNGs, and make every major OS use them exclusively, and in the case you really need something fast/pseudo-random you have to use a source/API explicitly named "insecure_rng"?
That's both Android and iOS fallen victim to poor PRNGs in the last year.
Re:Why do we have all these custom PRNGs? (Score:3, Interesting)
Who is going to do that... the cryptography police?
Crypto and security guys are an opinionated lot. Getting everyone to agree to some kind of standard is unlikely.
Not responsible disclosed (Score:4, Interesting)
"Mandt said he did not disclose the issue to Apple"
We really need to stop paying people — directly or indirectly — for irresponsible disclosure.