Monday, April 24, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Toshiba to Spin Off 4 Operations
Seagate And DJI Announce New Portable Drive For Storing Drone Footage
Nikon Takes Legal Actions Against ASML and Carl Zeiss Over Semiconductor Lithography Patents
LG X Power 2 Smartphone Packs A Huge Battery
Questions Remain About The Fate Of Toshiba's HDD and SSD Business
SK Hynix Develops First 8Gb GDDR6
Call of Duty Game Returns to WWII
Twitch to Sell Video Games
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > Mobiles > Researc...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, February 25, 2014
Researchers Discover New Security Flaw For iOS


A new iOS flaw has been discovered, which could allow hackers to record keystrokes made on an Apple device no matter if its jailbroken or not.

FireEye mobile security researchers have discovered a background monitoring app vulnerability, and found approaches to bypass Apple's app review process and exploit non-jailbroken iOS 7 successfully.

The researchers have created a proof-of-concept "monitoring" app on non-jailbroken iOS 7.0.x devices. This "monitoring" app can record all the user touch/press events in the background, including, touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server. Potential attackers could use such information to reconstruct every character the victim inputs.

The researchers demoed the exploit on the latest 7.0.4 version of iOS system on a non-jailbroken iPhone 5s device, but they have also verified that the same vulnerability exists in iOS versions 7.0.5, 7.0.6 and 6.1.x.

iOS7 provides settings for "background app refresh". Disabling unnecessary app's background refreshing contributes to preventing the potential background monitoring. However, the researchers say that it can be bypassed. For example, an app can play music in the background without turning on its "background app refresh" switch. Thus a malicious app can disguise itself as a music app to conduct background monitoring.

"Before Apple fixes this issue, the only way for iOS users to avoid this security risk is to use the iOS task manager to stop the apps from running in the background to prevent potential background monitoring," the researchers said." iOS7 users can press the Home button twice to enter the task manager and see preview screens of apps opened, and then swipe an app up and out of preview to disable unnecessary or suspicious applications running on the background."




Previous
Next
Verbatim To Showcase Smartphone and Tablet Accessories at CeBIT        All News        ZTE Launches 4K p60 Ultra HD Set Top Box
Qualcomm and Deutsche Telekom Collaborate on LTE Direct Operator Trial     Mobiles News      BlackBerry To Offer New Mobile Device Management Tool, New Smartphones

Get RSS feed Easy Print E-Mail this Message

Related News
Apple May Invest in Boeing Satellite Broadband Project
Beijing to Summon Apple Over Live Streaming Apps
Apple iMac Upgrades Coming In 2H17 High-end iMac Later
Apple to Road Test Self-Driving Car Software
Apple Eyes Toshiba's Memory Chip Business: reports
Qualcomm Files Answer and Counterclaims to Apple Lawsuit
Australian Regulator ACCC Takes Action Against Apple Over Alleged Misleading Guarantee Representations
Apple Refreshes the Mac Pros, New Modular Design Coming Next Year
Apple Says it No Longer Needs Imagination Technologies's GPU Tech
TSMC To Start Producing A11 InFo Chips For New iPhone In April
Apple Wins Design Patent Case In China
Apple's iPhone 6s Topped List of Best-Selling Smartphones for 2016

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .