A security researcher claims changes Apple made to tighten its kernel security system in iOS 7 instead weakened the system, making it less secure than its iOS 6 counterpart. (Via CNET and ThreatPost) Azimuth Security researcher Tarjei Mandt discovered the flaw and presented his findings last week at CanSecWest.
The security flaw involves the random number generator Apple uses to secure its kernel. In iOS 6, the number generator that encrypted the kernel derived its values in part from the CPU clock counter. Because it was based on time, the encryption was only marginally secure as the output values were predictable, especially when examining successive numbers.
Apple was aware of the limitations in iOS 6 and attempted to tighten security in iOS 7 by changing the random number generator to a linear congruential generator, which is more susceptible to brute force attacks.
Apple approached Mandt about his findings and asked for his CanSecWest slide presentation.
The security flaw involves the random number generator Apple uses to secure its kernel. In iOS 6, the number generator that encrypted the kernel derived its values in part from the CPU clock counter. Because it was based on time, the encryption was only marginally secure as the output values were predictable, especially when examining successive numbers.
Apple was aware of the limitations in iOS 6 and attempted to tighten security in iOS 7 by changing the random number generator to a linear congruential generator, which is more susceptible to brute force attacks.
The problem with the new generator in iOS 7 is that it uses a linear recursion algorithm, Mandt said, which has "more correlation" between the values it generates. That makes them easier to extrapolate and guess, he said.This flaw potentially allows a malicious hacker to gain kernel-level access to an iOS device via an unpatched vulnerability. The kernel is the base part of the iOS operating system and controls low-level functions such as security and resource allocation.
Apple approached Mandt about his findings and asked for his CanSecWest slide presentation.
44 comments
Apple continues to dominate when it comes to customer support, according to Laptop Mag's annual tech support showdown, which is designed to help customers determine which companies are offering...
On April 24, 2015, the original Apple Watch launched in nine countries around the world. Four years later and we are now on the fourth iteration of the wearable device, the Apple Watch Series 4. Over...
Earlier this month, Bloomberg shared details on the thousands of employees that Amazon employs around the world to listen to voice recordings captured in the homes of Amazon Echo owners when the...
Tomorrow marks a month since Apple announced its Apple News+ subscription service, which means if you signed up on March 25 following the event, you're going to start getting charged $9.99...
A class action lawsuit originally filed against Apple in 2013 over broken iPhone 4, iPhone 4s, and later iPhone 5 power buttons is finally set to proceed to jury trial in San Diego state court...
iFixit today published its teardown of Samsung's Galaxy Fold, offering more details on a potential flaw in the device, which has now been delayed following reports of several broken review...
Apple Pay officially launched in Austria this morning. Apple's mobile payment system is now supported by the country's largest bank Erste Bank und Sparkasse, as well as German-based mobile...
