Channel: Intrepidus Group - Insight » dschuetz
Browsing all 18 articles

iOS MDM: Preventing Disassociation DOS and Potemkin Devices

I was thinking a couple of weeks ago about additional vulnerabilities in iOS Mobile Device Management, and noticed a couple of problems that I had not considered before. It may be possible for a...


Quick Look at Apple Configurator

Shortly after the iPad event on Wednesday, Apple released the free Apple Configurator application. It’s billed as a way to “set up new devices, and install enterprise apps,” but my main interest was in...


Verizon 2012 DBIR Challenge

Every year, Verizon Business publishes the Data Breach Investigations Report (DBIR). This year’s report analyzes a cross-section of “855 incidents, 174 million compromised records” that have...


Apple Using Unsalted Hashes Too?

As the LinkedIn password leak continues to occupy the time and attention of password-crackers, I thought it might be worth mentioning another high-profile site which apparently uses unsalted hashes....


Apple’s iOS Security Overview

In late May, Apple quietly published a document entitled, simply, iOS Security. This short whitepaper describes several aspects of security within their iPad, iPhone, and iPod touch ecosystem,...


Winning the Decode This! puzzle at Black Hat

Last year, I had a great time trying to solve the Fidelis Security Systems’ Decode This! puzzle at Black Hat. But I wasn’t fast enough to win. This year, I resolved to not make the same mistakes. And...


What the flagnog? The Apple / FBI UDID breach, simplified.

Early Tuesday, a file was released detailing the compromise of 1,000,001 records, supposedly from an FBI laptop. Reportedly, these represented only a small portion of a much larger breach — over 12...


Tracking Down the UDID Breach Source

I’d heard about the alleged FBI/Apple UDID leak shortly after arriving at work last Tuesday morning, and immediately downloaded and began reviewing the data. Less than an hour later, I’d surmised that...


Evading evasi0n: iOS 6 Jailbreak Prevention

The latest iOS jailbreak was released yesterday. Called “evasi0n,” it can be used to bypass most all protections in iOS 6.1 on any device that supports it. It’s quite cool, and was certainly something...


Getting ready for ShmooCon

It’s almost time for another ShmooCon, and as usual, we’ll be out in force for the conference. We won’t have a booth this year, but we will be milling about, attending talks, and even giving a couple...


iOS Configuration Profile Ransomware

A couple of months ago, at ShmooCon 2013, Tim Medin gave a great short talk titled “Apple iOS Certificate Tomfoolery.” One of the most interesting ideas I took away from this talk was the idea of...


iSniff your Wi-Fi and GPS your House

It’s been a while since I thought much about location-based services on iOS systems, in particular their privacy implications. Of course “Locationgate” happened back in March 2011, when researchers...


iOS 7 and Mavericks: New feature roundup from a security perspective

Yesterday Apple unveiled the latest versions of OS X (code-named Mavericks) and iOS 7, at the annual World Wide Developer Conference (WWDC). The general focus was on end-user features and items of...


Raspberry Pi Media Center on AppleTV – No Jailbreak Required

A few months ago, I started looking into using a Raspberry Pi (I’m gonna call it rPI from now on) as an access point / media server for the car. It started off as a way to let my boys play Minecraft...


Good fun with bad crypto

A few months back, one of the consultants here at Intrepidus ran across a strange password hash format: OLEOIECBPAFFKGADMDGGLBBEMIGNIPCKOAEFIPCKOLEO. He did some digging, and eventually found an...


Apple TV Hacking, Counterattacks, and Certificate Pinning

A few months ago I presented a neat hack at DerbyCon that let you put your own apps on Apple TV. A few days afterwards, the hack stopped working. It’s time I had a follow-up to explain just what...


More Fun with Apple TV Hacking (and Manual RSA Signature Validation)

In my last post, I showed how the latest Apple TV system checks for an Apple-signed certificate before allowing changes to certain device settings. In particular, this prevents easily enabling the “Add...


Sanitize your outputs: Apple ID Password Logfile Disclosure

In recent weeks, there have been quite a few security disclosures for Apple. Some of these have even been pretty significant. Not to pile on, but here’s some detail behind another security issue that I...
