iOS Security

[Tech198]

If anyone is interested here's Apple's latest iOS Security paper :-

iOS Security Feb 2014

 

[The Doctor11]

That's really interesting. How often does apple make one of those?

 

[Dirtysand]

“The Early Random PRNG in iOS 7 is surprisingly weak,” said Tarjei Mandt senior security researcher at Azimuth Security. “The one in iOS 6 is better because this one is deterministic and trivial to brute force.”

https://threatpost.com/weak-random-...atens-ios-7-kernel-exploit-mitigations/104757

 

[luckydcxx]

If anyone is interested here's Apple's latest iOS Security paper :-

iOS Security Feb 2014

nice find!

 

[Tech198]

That's really interesting. How often does apple make one of those?

not sure... since the last paper was Oct. 2012, my guess is every few years.

Although they did mention uses a weaker security encryption with iCloud key chain that keeps all their users safe..(P256) which is "NSA cracked" and is not used anywhere else in Apple's security.

Question is, why didn't Apple use the same security thoughout ?

 

[C DM]

https://threatpost.com/weak-random-...atens-ios-7-kernel-exploit-mitigations/104757

Now at MacRumors: https://www.macrumors.com/2014/03/17/ios-7-kernel-security/