Open thread: smartphone security

March 27, 2012


There are masses of important recent news stories on the topic of smartphone security. I have been filing them below posts like this one, this one, and this one, but they really deserve a spot of their own.

First news story: Micro Systemation makes software that allows people to bypass the 4-digit lock code on an iPhone in seconds. This could be important for people crossing borders, people who get arrested at political protests, etc.


. April 5, 2012 at 12:02 pm

Can Apple give police a key to your encrypted iPhone data? Ars investigates

Does Apple have a backdoor that it can use to help law enforcement bypass your iPhone’s passcode? That question became front and center this week when training materials (PDF) for the California District Attorneys Association started being distributed online with a line implying that Apple could do so if the appropriate request was filed by police.

As with most things, the answer is complex and not very straightforward. Apple almost definitely does help law enforcement get past iPhone security measures, but how? Is Apple advising them using already well-known cracking techniques, or does the company have special access to our iDevices that we don’t know about? Ars decided to try to find out.

http://arstechnica.com/apple/news/2012/04/can-apple-give-police-a-key-to-your-encrypted-iphone-data-ars-investigates.ars

. April 22, 2012 at 1:22 am

Once the handset has been jailbroken and the passcode guessed, all the data on the handset, including call logs, messages, contacts, GPS data and even keystrokes, can be accessed and examined.

https://www.schneier.com/blog/archives/2012/04/law_enforcement.html

. May 17, 2012 at 11:18 am

UK Police Roll Out On-the-Spot Mobile Data Extraction System

http://yro.slashdot.org/story/12/05/16/2357251/uk-police-roll-out-on-the-spot-mobile-data-extraction-system

“The Metropolitan Police has rolled out a mobile device data extraction system to allow officers to extract data ‘within minutes’ from suspects’ phones while they are in custody. ‘Ostensibly, the system has been deployed to target phones that are suspected of having actually been used in criminal activity, although data privacy campaigners may focus on potentially wider use.’”

. June 2, 2012 at 5:53 pm

Apple Releases IOS Security Guide

“Apple has released a detailed security guide for its iOS operating system, an unprecedented move for a company known for not discussing the technical details of its products, let alone the security architecture. The document lays out the system architecture, data protection capabilities and network security features in iOS, most of which had been known before but hadn’t been publicly discussed by Apple. The iOS Security guide (PDF), released within the last week, represents Apple’s first real public documentation of the security architecture and feature set in iOS, the operating system that runs on iPhones, iPads and iPod Touch devices. Security researchers have been doing their best to reverse engineer the operating system for several years and much of what’s in the new Apple guide has been discussed in presentations and talks by researchers. ‘Apple doesn’t really talk about their security mechanisms in detail. When they introduced ASLR, they didn’t tell anybody. They didn’t ever explain how codesigning worked,’ security researcher Charlie Miller said.”

. July 3, 2012 at 3:54 pm

Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. As part of an effort to identify potential weaknesses in smartphone platforms, the team was able to develop a proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel.

http://it.slashdot.org/story/12/07/02/219234/prototype-clickjacking-rootkit-developed-for-android

. July 19, 2012 at 7:05 pm
. September 4, 2012 at 4:11 pm

Leave Your Cellphone at Home

Earlier this year in Wired, writer and intelligence expert James Bamford described the National Security Agency’s plans for the Utah Data Center. A nondescript name, but it has another: the First Intelligence Community Comprehensive National Cyber-security Initiative Data Center. The $2 billion facility, scheduled to open in September 2013, will be used to intercept, decipher, analyze, and store the agency’s intercepted communications—everything from emails, cell phone calls, Google searches, and Tweets, to retail transactions. How will all this data be stored? Imagine, if you can, 100,000 square-feet filled with row upon row of servers, stacked neatly on racks. Bamford projects that its processing-capacity may aspire to yottabytes, or 10^24 bytes, and for which no neologism of higher magnitude has yet been coined.

To store the data, the NSA must first collect it, and here Bamford relies on a man named William Binney, a former NSA crypto-mathematician, as his main source. For the first time, since leaving the NSA in 2001, Binney went on the record to discuss Stellar Wind, which we all know by now as the warrantless wiretapping program, first approved by George Bush after the 2001 attacks on the twin towers. The program allowed the NSA to bypass the Foreign Intelligence Surveillance Court, in charge of authorizing eavesdropping on domestic targets, permitting the wholesale monitoring of millions of American phone calls and emails. In his thirty years at the NSA, Binney helped to engineer its automated system of networked data collection which, until 2001, was exclusively directed at foreign targets. Binney left when the organization started to use this same technology to spy on American citizens. He tells of secret electronic monitoring rooms in major US telecom facilities, controlled by the NSA, and powered by complex software programs examining Internet traffic as it passes through fiber-optic cables. (At a local event last week, Binney circulated a list of possible interception points, including 811 10th Avenue, between 53rd & 54th St., which houses the largest New York exchange of AT&T Long Lines.) He tells of software, created by a company called Narus, that parses US data sources: any communication arousing suspicion is automatically copied and sent to the NSA. Once a name enters the Narus database, all phone calls, emails and other communications are automatically routed to the NSA’s recorders.

. September 6, 2012 at 3:26 pm

“Just a day after the alleged leak of 12 million Apple UDID’s, both Apple and FBI have denied the story that Anonymous, a global hacking community, gained access to the files by hacking into an FBI laptop through a Java vulnerability. Earlier this morning the FBI claimed that, even though the agent cited in Anonymous’s story is an actual FBI operative, neither he nor anyone else in the agency has or has had access to Apple device information. This afternoon Apple followed up on the FBI’s statement, with an unidentified Apple representative claiming that, ‘The FBI has not requested this information from Apple, nor have we provided it to the FBI or any organization.’ It should also be noted that while the hackers claim to have accessed 12 million UDID’s, only 1 million were publicly released. The Apple representative who made the previous statements also said that, ‘Apple has replaced the types of identifiers the hackers appear to have gotten and will be discontinuing their use.’ Even though neither Anonymous nor the FBI/APPLE will admit where the data actually came from, it does appear that at least some of the leaked UDID’s are legit and can be tied back to current, privately owned devices. So far no information besides the devices UDID, DevToken ID, and device name has been released, however the original hackers claimed that some devices were tied to details as exact as phone numbers and billing addresses.”

. September 11, 2012 at 11:36 am

“Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs ‘toll fraud’ — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available.”

. October 16, 2012 at 12:20 am

FBI warns users of malicious mobile malware

In a warning issued by a government task force, mobile users are told to beware of malware that is especially lured to Android’s operating system and ways to avoid it.

. November 20, 2012 at 6:34 pm
. December 19, 2012 at 7:48 pm

There’s a new exploit against Samsung Galaxy phones that allows a rogue app access to all memory. A hacker could copy all of your data, erase all of your data, and basically brick your phone.

Bugs Bunny (WB) April 4, 2013 at 5:59 pm
