advertisement
Forums

The Forum is sponsored by 
 

AAPL stock: Click Here

You are currently viewing the Tips and Deals forum
Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: jh
Date: August 11, 2019 11:08AM
Don't know if this has already been posted:

Link Here

Apple is having a bad week. Just days after Face ID was hacked and the company’s “user-hostile” iPhone battery practices were exposed, an extraordinary story of Apple neglect has resulted in a warning every iPhone and iPad user needs to know about.
Picked up by AppleInsider, security firm Check Point has revealed it has found a way to hack every iPhone and iPad running iOS 8 right up to betas of iOS 13. This spread covers eight years of devices (iOS 8 supports the 2011 iPhone 4S) and, with Tim Cook stating there are 1.4BN active iOS devices around the world, this is worrying news for the owners of pretty much all of them.

What Check Point discovered is that the Contacts app built into iOS can be exploited using the industry-standard SQLite database so that any search of Contacts can trick the device into running malicious code capable of stealing user data and passwords.

“SQLite is the most wide-spread database engine in the world,” said Check Point. “It is available in every operating system, desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.”

But the real shocker is why the Contacts app vulnerability exists in the first place: it capitalises on a known bug which Apple has failed to fix for four years.
“Wait, what? How come a four-year-old bug has never been fixed?” write Check Point’s researchers in their report. “This feature was only ever considered vulnerable in the context of a program that allows arbitrary SQL from an untrusted source and so it was mitigated accordingly. However, SQLite usage is so versatile that we can actually still trigger it in many scenarios.”

In short: Apple got sloppy. As AppleInsider explains: “the bug has been considered unimportant because it was believed it could only be triggered by an unknown application accessing the database, and in a closed system like iOS, there are no unknown apps. However, Check Point’s researchers then managed to make a trusted app [the ubiquitous Contacts app] send the code to trigger this bug and exploit it.”

Yes, it’s a lazy oversight with potentially serious consequences. For now, the saving grace is hackers need access to your unlocked iPhone or iPad to exploit it but this may change. After all, just last month six flaws were found in iMessage which allowed hackers to read your files from anywhere and one of them remains unpatched to this day.

All of which puts Apple in an uncomfortable situation. The company has long touted security as a major selling point over rivals, but the holes keep coming and when this one comes off the back of four years of inaction, it’s not a good look.

Your move, Apple.
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: Sarcany
Date: August 11, 2019 11:45AM
They missed their chance.

Apple just announced an improved bug bounty.

Too late to claim it, tho. Can't make the bug public first.



Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: rich in distress
Date: August 11, 2019 11:53AM
ROTFL!!
The only thing this piece proves is that iOS overall approach to security is the best environment around.
Your move, Forbes.



• back to confinement
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: datbeme
Date: August 11, 2019 12:03PM
Here's the bare bones Apple Insider article without Forbes' sensationalism and fear-mongering. Needs to be fixed, but it doesn't sound nearly as threatening.

[appleinsider.com]

I guess Forbes needs to branch out from those best/worst college top ten lists and the top 100 towns to live in.
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: Article Accelerator
Date: August 11, 2019 01:09PM
Quote
jh
Don't know if this has already been posted…"Just days after Face ID was hacked…'user-hostile' iPhone battery practices…the Contacts app built into iOS can be exploited using the industry-standard SQLite database."

Oh, my!

Quote

For now, the saving grace is hackers need access to your unlocked iPhone or iPad

LOL. Gordon Kelly strikes again…

(The Face ID "hack" requires the presence of a sleeping or unconscious owner who has failed to enable the Face ID attention setting. There is no "user hostile" battery practice. And the Contacts-SQLite "hack" requires you to pass your unlocked device over to the hackers. Gordon Kelly is an Apple click-bait ho*; he's been a working girl at Forbes for years.)


* Why is the word "w h o r e" censored?



Edited 2 time(s). Last edit at 08/11/2019 01:12PM by Article Accelerator.
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: Rick-o
Date: August 11, 2019 01:15PM
Forbes = ridiculous comments. Always.

I don't know why they always have such a negative view of Apple, but you can usually count on it.

I guess more clicks to their site with negativity? dunno smiley



Mr. Lahey: A lot of people, don’t know how to drink. They drink against the grain of the liquor. And when you drink against the grain of the liquor? You lose.

Randy: What the @#$%& are you talking about?
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: sekker
Date: August 11, 2019 01:21PM
Saw the headline in my google news feed and ignored it as obvious click bait.

Thanks for saving me from giving them positive feedback.

Keep in mind, all of these security ‘flaws’ are always compromised by places like airport security that can record you putting in your passwords.
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: vision63
Date: August 11, 2019 03:00PM
Quote
Article Accelerator
Quote
jh

* Why is the word "w h o r e" censored?

To protect the dignity of our forum love professionals. Duh.
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: Fritz
Date: August 11, 2019 06:38PM
you lot are so sarcastic.

there might be some truth to an article published along side ads for @#$%& pills, $200 bourbon and private island vacations with included private jet plane RT air fare.

or it might be a large unmovable steaming pile of lion poo .....



!#$@@$#!

all I need to know I learnt from Bugs Bunny on Saturday mornings.

Television is a medium because it is neither rare nor well done.
>>>Ernie Kovacs>>>
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: testcase
Date: August 11, 2019 08:32PM
I expect Timmy doesn't understand what all the fuss is about. boink smiley
Options:  Reply • Quote
Re: Forbes Article: Warning Issued For Apple's 1.4 Billion iPad And iPhone Users
Posted by: vision63
Date: August 11, 2019 08:35PM
Quote
vision63
Quote
Article Accelerator
Quote
jh

* Why is the word "w h o r e" censored?

To protect the dignity of our forum love professionals. Duh.

I messed this up.
Options:  Reply • Quote
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 287
Record Number of Users: 52 on November 20, 2014
Record Number of Guests: 2330 on October 25, 2018