Alleged iOS Security Flaw Enables Malicious Apps to Secretly Log User Touch Inputs

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 25, 2014.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Researchers from security firm FireEye have revealed a new bug in iOS that enables a malicious app to monitor and log a user's touch inputs and button uses while running in the background, reports Ars Technica. The exploit reportedly targets a flaw in iOS' multitasking capabilities to capture user inputs, and allows for them to be sent to a remote server.
    [​IMG]
    To demonstrate the flaw, the researchers created a proof-of-concept monitoring app and developed approaches to "bypass" Apple's App Store Review process effectively. Once the app was installed on an iOS device, actions including keyboard inputs, use of the volume, home, and power buttons, screen touches with exact coordinates, and Touch ID events were all captured. The researchers also noted that disabling iOS 7's "Background App Refresh" setting would not disable a malicious app from logging data, as the only present solution to the problem is to manually remove apps from the task switcher.

    FireEye also spoke about the flaw being identified in current versions of iOS:
    The group added that it is actively working with Apple on the issue, although the company has yet to comment publicly. The news comes less than a week after Apple issued iOS 7.0.6 in response to a SSL vulnerability that allowed a hacker to capture or modify data from Safari in supposedly secure sessions.

    The SSL security bug was also found to be present in OS X, as new research over the weekend revealed that additional apps such as FaceTime and iMessage could be compromised. Apple confirmed to Reuters that it will issue an OS X software update "very soon" to patch the bug.

    Article Link: Alleged iOS Security Flaw Enables Malicious Apps to Secretly Log User Touch Inputs
     
  2. macrumors regular

    Joined:
    Mar 9, 2012
  3. macrumors 68000

    Joined:
    Nov 4, 2008
    #3
    Business as usual then......
     
  4. macrumors 6502a

    Asclepio

    Joined:
    Jul 11, 2011
  5. macrumors regular

    AndrewMRiv

    Joined:
    Oct 29, 2013
    #5
    This is a sad day.
     
  6. macrumors G5

    Macman45

    Joined:
    Jul 29, 2011
    Location:
    Somewhere Back In The Long Ago
    #6
    What would actually be useful here is for somebody to tell us WHICH apps are to blame here.:mad:
     
  7. macrumors 68000

    Joined:
    Nov 4, 2008
    #7
    See my post above, number 3.
     
  8. macrumors 6502

    Merode

    Joined:
    Nov 5, 2013
    Location:
    Warszawa, PL
  9. macrumors 601

    Mr. Retrofire

    Joined:
    Mar 2, 2010
    Location:
    www.emiliana.cl
    #9
    The NSA can do the same (and more) via special software on the SIM or flash memory. They call it DROPOUTJEEP and GOPHERSET.

    [​IMG]

    [​IMG]
     
  10. macrumors 604

    Joined:
    Apr 23, 2011
    Location:
    GVA, KUL, MEL (current), ZQN
    #10
    Yet another NSA techie is going to slam his head into the wall while saying "****! They found yet another loophole that I inserted!"
     
  11. macrumors 68030

    Joined:
    Nov 13, 2011
    Location:
    UK
    #11
    those people closing all their apps don't look so silly after all :p:D:p
     
  12. macrumors 68030

    macs4nw

    #12
    It's maddening that all this crap happens in the background, without the users knowledge.
     
  13. macrumors 65816

    iZac

    Joined:
    Apr 28, 2003
    Location:
    Shanghai
    #13
    This better not be lurking away in GBA4iOS!!!
     
  14. macrumors G5

    Macman45

    Joined:
    Jul 29, 2011
    Location:
    Somewhere Back In The Long Ago
    #14
    Yep, but I bet we don't get a response...They'll just release yet another patch...I'm pretty conservative when it comes to Apps, but I do have SSH installed on phone and iPad....I may remove them for now.
     
  15. macrumors regular

    Joined:
    Jul 29, 2007
    Location:
    England
    #15
    I thought the exact same thing :eek:
     
  16. macrumors member

    Joined:
    Jun 21, 2009
    Location:
    Italy
    #16
    How is this even remotely considered a security issue?

    Yes, every touch is logged, but none of the logs carry any semantic information about the touches.

    What those guys have just demonstrated is of no use to an actual hacker. It would be like tapping a phone line and then only be able to know how many calls are placed each day.
     
  17. macrumors 603

    ChazUK

    Joined:
    Feb 3, 2008
    Location:
    Essex (UK)
  18. macrumors 65816

    Swift

    Joined:
    Feb 18, 2003
    Location:
    Los Angeles
    #18
    Strange Cast of Characters

    You know, "DropOutJeep" is a targeted action. It's somebody whose iPhone they want to hear. Does it change anything for you to realize that it will be used to find out things that the United States is better off knowing? Look at it. It is not for a large audience, nor would they ever get this information from Joe Blow. They want somebody who knows something, whose phone is very liable to contain some very useful information. Not peeking on somebody's girlfriend. Reading his e-mails to the Defense Minister of Country X.

    Yeah, I know, "he who trades his freedom for security" and all that. But what about the guy who is so high-minded that the future goes all to hell?

    Of all the kinds of military and state activity, I'm for cutting back the military to something more like "defense." I'm for the CIA stopping torture, not making military plans like Iraq; our intelligence services should have rules of engagement in foreign countries and with foreign nationals.

    But I look at information intelligence as the name of the game. If we can figure out what the Iranians are likely going to do about their nuclear program, we can make our policies fit reality. We wouldn't need signals intelligence if everybody told us exactly what they were up to. But they don't. People lie and hide and plan secret attacks.
     
  19. macrumors regular

    Joined:
    Jan 29, 2010
    #19
    You sure?
    The fact that x and y co-ordinates of each touch or release event is captured, could be used as a key-logger once the boundries of each key on the soft keyboard have been worked out.
     
  20. macrumors regular

    Joined:
    Mar 9, 2012
    #20
    If you know the exact coordinates you can simply overlay the iOS Keyboard and extract everything the user typed in, including passwords, logins or other personal information. :rolleyes: But yeah, no security issue here. LOL.
     
  21. macrumors member

    Joined:
    Jun 15, 2009
    #21
    Don't know but isn't this more about the laziness and hootzpah to pass over it? Who is this company now? (I may be late to the party)
     
  22. macrumors 65816

    Swift

    Joined:
    Feb 18, 2003
    Location:
    Los Angeles
    #22
    Yeah, all intrusions are in CAPITAL LETTERS and must be happening ALL the time to all of us. Now, there is no "<textbutton> tags or anything giving us a location. A specific app? If you had that you could probably tease out the meaning. Match the geometry of the locations to the buttons on the app. You'd need a better log that this, I'll be thinking.
     
  23. macrumors member

    Joined:
    Jun 21, 2009
    Location:
    Italy
    #23
    You're right, you could probably search the logs for chains of touch inputs that belong to the area of the screen where the soft keyboard is found and then map the touches on the characters...

    You'd probably get some false positives but you might be able to extract some real information as well. I see it now, thanks.
     
  24. macrumors 65816

    Swift

    Joined:
    Feb 18, 2003
    Location:
    Los Angeles
    #24
    I like this part

    Drop Out Jeep is from 2007. Around the iPhone launch. They said it would cost nothing. That they were only able to put the spyware on the phone if they got hands on it , though they were working to make a "remote install". Ring, ring.
     
  25. macrumors regular

    Infinus.gold

    Joined:
    Jan 23, 2014
    #25
    I am happy with the bug.
    I am very common person...
    My needs and data is stupid and nothing secret left.
    ...
    Take your time and make it better
     

Share This Page