Every iPhone On Planet Earth Is At Risk To Being Pwned….. And Apple May Have Known About This For Years

Apple seriously has some explaining to do now that it’s come to light that every iPhone on Earth (which is about 1.4 billion of them if you believe Apple’s numbers) is at risk of being pwned by hackers. As reported by AppleInsider, security firm Check Point has revealed it has found a way to hack every iPhone and iPad running iOS 8 right up to betas of iOS 13:

 Speaking at Def Con 2019, the company showed the technique being used to manipulate Apple’s iOS Contacts app. Searching the Contacts app under these circumstances can be enough to make the device run malicious code.

“SQLite is the most wides-spread database engine in the world,” said the company in a statement. “It is available in every operating system, desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.”

“In short, we can gain control over anyone who queries our SQLite-controlled database,” they continued.

When you search for a contact or look up information in any app, you are really searching a database and very commonly that will be using SQLite.

And here’s the worst part:

Documented In a 4,000-word report seen by AppleInsider, the company’s hack involved replacing one part of Apple’s Contacts app and it also relied on a known bug that has hasn’t been fixed four years after it was discovered.

“Wait, what? How come a four-year-old bug has never been fixed?” write the researchers in their document. “This feature was only ever considered vulnerable in the context of a program that allows arbitrary SQL from an untrusted source and so it was mitigated accordingly. However, SQLite usage is so versatile that we can actually still trigger it in many scenarios.”

In other words, the bug has been considered unimportant because it was believed it could only be triggered by an unknown application accessing the database, and in a closed system like iOS, there are no unknown apps. However, Check Point’s researchers then managed to make a trusted app send the code to trigger this bug and exploit it.

Wow. Apple has failed to fix this bug for four years which means that it could have been exploited long before it was discovered by Check Point. Even if it hasn’t, you’d think that Apple would have fixed it long before now. Well, they have no choice but to fix it now seeing as it’s public information and those who play on the dark side of things are now going to come up with attacks that leverage this. Thus expect a fix to be out very quickly. Though I would much rather hear an explanation from Apple as to why they didn’t address this much earlier.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: