Apple’s #gotofail weekend


In case you spent your weekend watching closing ceremonies and not reading tech news, there was a lot of buzz around a security problem in Apple products. On Friday, Apple released an emergency update for iOS7 that fixed a severe vulnerability in their SSL/TLS implementation on the iPhone.

For those who are not technically inclined, SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are the encryption protocols underlying, among many things, the little lock icon you see in the upper right corner of your browser. This encryption protects you from eavesdroppers when logging into any secure site, like your bank account. It also protects you from actors like the NSA (and other governments) scooping up your emails in bulk when you’re … well … anywhere. After Apple released the emergency update for iPhone, security firm CrowdStrike examined the patch and reverse engineered the vulnerabilities it was addressing, only to find out that it repaired some pretty significant parts of the iPhone operating system. They also found that the same vulnerability exists in Apple’s OS X operating system meaning that the problem extends to Mac OS X laptops/desktops, not just iPhones. [Read more…]

PostTV: Webcams can record secretly


In this video I demonstrate how the built-in MacBook camera may be turned on, even when the light is off, allowing someone to spy on users without being detected.  You can read more about this story here.

Why Apple’s claim that it can’t intercept iMessages is largely semantics

This op-ed originally appeared in the Washington Post last Saturday in response to Apple’s claims about the security of iMessage.

A lively debate is brewing over the security of Apples iMessages. I was recently quoted on this issue, but Apple has since responded, and it seems important to clarify that the argument now seems to be largely a matter of semantics.
In case you missed it, a group of researchers at Quarklab recently analyzed the iMessage protocol, including the trust model and key exchange, and found some mistakes that leave iMessages open to attacks. I had also previously demonstrated that iCloud backups, including backed-up iMessages, could easily be accessed by Apple. This news is important because previous reports suggested that iMessage encryption was a major impediment to law enforcement, and Apple specifically described iMessage data as “protected by end-to-end encryption so no one but the sender and receiver can see or read them” in response to their reported participation in the NSA’s PRISM program.

Apple stands by its claim that its software can’t be intercepted and that it is not reading iMessages. In that article, Apple spokeswoman Trudy Muller said: “iMessage is not architected to allow Apple to read messages. The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.”

But Apple’s response that it cannot intercept messages is a bit misleading.

Apple controls the entire stack: the phone operating system (iOS), iMessage application, the SSL certificates, and key exchange. Quarklab’s researchers demonstrated that if they could obtain (or fake) a trusted Apple SSL certificate AND man-in-the-middle the iMessage key exchange, they would be in a position to intercept or tamper with iMessage. Basically, that means iMessage could be vulnerable if an actor is able to convince the application that they are authorized to carry the data and to insert themselves between the users.
[Read more…]

TechCrunch TV: Ashkan Soltani On Mobile App Security

TechCrunch TV | May 3, 2012

TechCrunch TV had me on to discuss Path, Apple’s collection of location information, and the various other privacy issues with mobile devices.


Ashkan Soltani On Mobile App Security by 5minTech

Why You Should Treat Your iPhone Like a Toddler: The State of Mobile App Security Techcrunch, May 3, 2012