Google Reveals Fistful of Flaws In Apple's iMessage App (bbc.com)
Google researchers have shared details of five flaws in Apple's iMessage software that could make its devices vulnerable to attack. The BBC reports: In one case, the researchers said the vulnerability was so severe that the only way to rescue a targeted iPhone would be to delete all the data off it. Another example, they said, could be used to copy files off a device without requiring the owner to do anything to aid the hack. Apple released fixes last week. But the researchers said they had also flagged a sixth problem to Apple, which had not been rectified in the update to its mobile operating system.
Apple's own notes about iOS 12.4 indicate that the unfixed flaw could give hackers a means to crash an app or execute commands of their own on recent iPhones, iPads and iPod Touches if they were able to discover it. Apple has not commented on this specific issue, but has urged users to install the new version of iOS, which addresses Google's other discoveries as well as a further range of glitches and threats. One of the two Google researchers involved - Natalie Silvanovich - intends to share more details of her findings at a presentation at the Black Hat conference in Las Vegas next month.
Re: Not news (Score:1)
Lol slashdot is great for trolling. We have apk with his constant psychosis, we have idiot editors, we have autistic sjws, we have fervent pro and anti trump people, this is heaven for trolling
Mod Parent Informative (Score:1)
and unlike Android (Score:1)
millions of iPhones will have these bugs fixed within the month
Re: (Score:3)
In the last few years, Google has decoupled [computerworld.com] a lot of important APIs and system level calls from the OS. As a result, they have become much better about pushing major security changes through Google Play Services. You'll see these updates relatively frequently, and a lot of times, they are less disruptive than iOS pushing out a maintenance release which requires a full reboot. If yo
Re: (Score:1)
Boo Atari! Commodore 64 rules!
Re: (Score:2)
Actually, Google's disclosing them because Apple's already fixed them and issued a patch - iOS 12.4 fixes all but one of the bugs. Google's holding back on the last one so Apple can fix it too.
So the update should be showing up on pretty much every iPhone 5S and later already.
Bad actors (Score:2, Informative)
You cannot convince me that google security research is a white hat operation. They have too much financial interest in publicizing security flaws of their competitors. I would love to see Apple or Microsoft or whoever they do this to next to try suing Google.
Re: Bad actors (Score:2, Informative)
"Sue Google" written in permanent marker. Seriously. Evict Google from your life.
Re: (Score:2)
Who cares? Adversarial or not, the users win either way, with more secure products.
Apple wouldn't get far suing anyone for pointing out Apple's own bugs for them (it's been tried) - but if they wanted to "retaliate" by responsibly disclosing bugs in Google products, I for one would welcome that.
Re: (Score:2)
They practice responsible disclosure. Once notified a vendor has 90 days to fix the problem and start shipping patches. That strikes a balance between giving the vendor time to act and protecting users from vulnerabilities that might be discovered by others.
The alternative to Google finding these flaws is that someone else does, and either exploits them for profit or does the same thing that Google did with responsible disclosure.
What would Apple sue Google for, protecting their users?
Re: (Score:2)
Maybe just read the damn source (Score:1)
just read the report, dude
"On a Mac, this causes soagent to crash and respawn, but on an iPhone, this code is in Springboard. Receiving this message will cause Springboard to crash and respawn repeatedly, causing the UI not to be displayed and the phone to stop responding to input. This condition survives a hard reset, and causes the phone to be unusable as soon as it is unlocked. The only way I could find to fix the phone is to reboot into recovery mode and do a restore. This causes the data on the device t
key point missing from clickbait headline (Score:2, Informative)
already patched, flaws not present in current version of iOS, you know the one that almost every iOS device in the world is running
Re: (Score:3)
Except where people refuse to install the "latest version" because it adds things they don't want on the phones. Things that are hard to disable.
There is no separation of "security" and "bloat" updates with Apple, just as there has been no separation in Win10 and Android.
Re: (Score:2)
Examples like multi-party Facetime sessions, which introduced a critical security flaw? Ever-increasing dependence on Siri, to the point that you now have to individually block applications from using it, rather than just shutting down Siri? An ever-increasing number of emojis?
When 12.1.x came out, none of the items listed as a new or improved feature were, to me, desirable to have on my phone. None. Things I do use, became harder to use. There are already "features" on 12.0.x that do not stay turned off (H
Re: (Score:2)
Actually Android is pretty good with separation. Most stuff can be replaced by other apps, e.g. there are open source replacements for Google services that you can use with Lineage or just install on your Android phone and disable the Google ones.
If you disable Google services you can uninstall updates to recover disk space. You usually can't completely remove them because they are part of the OS image, but the point is that you don't have to accept updates for them if you don't want to and can mitigate sec
Re: (Score:2)
Actually, thirteen [apple.com] Google-reported flaws were patched in the current iOS version. But one of them, CVE-2019-8641, is not fully fixed yet in 12.4, and has not been disclosed.
Re: (Score:2)
So, is Google trying to supplement their income by seeking bug bounties from Apple?
Unlike a full OS update, these security fixes added no bloatware to the device.
And, frankly, if someone wants to stay on an old, unpatched OS when security updates exist, well, that's their problem.
Re: (Score:2)
So, is Google trying to supplement their income by seeking bug bounties from Apple?
This is Google's Project Zero team. They attack all sorts of widely-used systems in an effort to improve the state of computer security. They don't collect bug bounties, and it's not an attempt to make Google's competitors look bad, because they attack Google's own stuff as well -- including applying their strict 90-day disclosure policy.
P0 is an essentially altruistic project, conceived and organized by leaders in Google's security organizations who are personally passionate about security and have eno
Re: (Score:2)
HERE we go, I'd like to see more of this please. (Score:3, Insightful)
More of Apple and Google spending their own money finding each other's security holes.
I liked the sequels... (Score:3)