This week, we learned that the notorious Israeli cyber-arms-dealer NSO Group had figured out how hijack your Iphone or Android phone by placing a simple Whatsapp call, an attack that would work even if you don’t answer the call.
Apple has received a lot of praise for the security of its Ios devices, which are said to be so secure in part because of Apple’s walled garden strategy, which prevents Iphone owners from running third-party software unless it comes through Apple’s App Store; and which limits who can repair Apple devices, and whether they can use third-party replacement parts. All of this control is said to produce a much more limited attack surface, with fewer bugs, which are corrected more quickly.
However, there are several cyber-arms-dealers that are in the business of selling exploits to hijack control over Apple’s products, from Cellebrite to Grayshift to NSO Group. These companies keep the bugs they exploit a secret, making it harder for Apple to repair them.
Meanwhile, security researchers who want to develop tools to perform forensics on Apple products to determine whether they have been compromised with one of these cyber-weapons are out of luck: Apple blocks the forensic apps from the App Store, and kicks the few that sneak in. That means that in order to test an Apple device, the user first has to jailbreak it — and jailbreaking Apple devices has gotten harder and harder, as Apple defends its own security (against competing App Stores) while weakening its users’ security.
Fundamentally, Apple’s security model treats owners of Ios devices as potential attackers and goes to enormous lengths to prevent someone who owns an Ios device from ever learning exactly how it works, so that some processes can run in areas that users can’t inspect or control (those processes prevent users from using their Ios devices in ways that benefit them at the expense of Apple’s shareholders). If an attacker manages to hijack an Iphone, the attacker’s code can run in this special mode that is supposed to be reserved for Apple’s own user-control programs, and take advantage of all the anti-user countermeasures Apple has built to protect itself.
This isn’t unique to Apple: it’s a trait shared by any devices that are designed to control their owners, from inkjet printers to Teslas. If your device is designed to actively prevent you from knowing what it’s doing and reconfiguring it to do your bidding, then “bad guys” who take over the device will be able to attack you without you knowing what they’re doing and reconfiguring your device to kick them out.
Several iOS security researchers who spoke with Motherboard agree that the iPhone is too locked down for its own good. That makes it very hard for even experts to tell if a device has been compromised without jailbreaking it first, a feat that is not feasible for most users anymore.
“The bad guys will find a way in one way or another. Shouldn’t we enable the good guys to do their job?” said Zuk Avraham, a security researcher who studies iOS attacks, and who is the founder of ZecOps and Zimperium.
Avraham said that in the last few months he’s seen a lot of targeted attacks against iPhone users, so many that is “mind-blowing.” He declined to provide more evidence or details about the attacks, however.
Jonathan Levin, a researcher who has written books about iOS and macOS internals and security and provides training on iPhone security, said that in his opinion, so few iOS zero-days have been caught because they are worth a lot of money, and thus more likely to be used in targeted attacks.
It’s Almost Impossible to Tell if Your iPhone Has Been Hacked [Lorenzo Franceschi-Bicchierai/Motherboard]
A year after Meltdown and Spectre, security researchers are still announcing new serious risks from low-level chip operations
Spectre and Meltdown are a pair of chip-level security bugs that exploit something called “speculative execution,” through which chips boost performance by making shrewd guesses about which computer operations are performed together.
The DOJ has indicted three former Verizon and AT&T employees for alleged membership in a crime-ring known as the “The Community”; the indictment says the telco employees helped their confederates undertake “port-out” scams (AKA “SIM-swapping” AKA “SIM hijacking”), which allowed criminals to gain control over targets’ phone numbers, thereby receiving SMS-based two-factor authentication codes.
Warren Buffet is famous for identifying the need for businesses to have “moats” and “walls” around their profit-centers to keep competitors out, and data-centric companies often cite their massive collections of user-data as “moats” that benefit from “network effects” to make their businesses good investments.
When you’re half-asleep, nighttime bathroom breaks can get messy or even painful without a light. But let’s face it: Nobody wants to think about their bathroom any more than they have to. That’s why the LooLoo Automatic Toilet Freshener & Night Light might be one of the most useful gadgets you never knew you needed. […]
Tired of bulging pockets? It seems crazy that we’re carrying around tiny AI computers in one pocket, while the other one is overstuffed with cash, cards and old receipts held together by a flimsy piece of cloth or leather. The bad news is, most of us still need those cards (and occasionally, even the cash). […]
Ask any webmaster, photographer or graphic designer: Adobe Photoshop is about so much more than touching up pictures. If you want to learn a wide array of marketable skills in this essential software, there’s no better way than to dive in with the Complete Photoshop Master Class Bundle 2019. Even if you’ve never so much […]