Hacker Stories March 16
Hacker Stories April 21, 2015
A bug in the way that 1,500 iOS apps establish secure connections to servers leaves them vulnerable to man-in-the-middle attacks, according to analytics company SourceDNA (via arsTechnica). The bug means anyone intercepting data from an iPhone or iPad could access logins and other sensitive information sent using the HTTPS protocol.
A man-in-the-middle attack allows a fake WiFi hotspot to intercept data from devices connecting to it. Usually, this wouldn’t work with secure connections, as the fake hotspot wouldn’t have the correct security certificate. However, the bug discovered by SourceDNA means that the vulnerable apps fail to check the certificate … expand full story
Hacker Stories September 25, 2013
The German hacker who successfully defeated Touch ID using a fingerprint lifted from the back of an iPhone has posted a video showing exactly how it was done.
While the hacker – who goes by the nickname Starbug – described the attack as “very straightforward and trivial,” he revealed in an email interview with arsTechnica that it required 30 hours of work using a scanner, high-res laserprinter and a printed circuit board etching kit.
It took me nearly 30 hours from unpacking the iPhone to a [bypass] that worked reliably. With better preparation it would have taken approximately half an hour. I spent significantly more time trying to find out information on the technical specification of the sensor than I actually spent bypassing it.
I was very disappointed, as I hoped to hack on it for a week or two. There was no challenge at all; the attack was very straightforward and trivial.
Should 5s owners worry that, now that the technique is known, it could be replicated in 30 mins? The answer is ‘it depends, but probably not’ … expand full story
Hacker Stories September 19, 2013
More than $15k in rewards offered to crack Apple’s iPhone 5s TouchID fingerprint sensor
As noted by BusinessInsider, a number of security researchers and other hackers have come together to offer rewards to the first person that can “reliably and repeatedly break into an iPhone 5s” through bypassing the new TouchID fingerprint sensor feature. They aren’t looking for a software hack, however, but instead want hackers to break into the device by lifting prints, “like from a beer mug.”
It’s not exactly a legit contest, as the creators of the site are only claiming responsibility for their own bounty offers. Their bounties come out to around just $200 of the approximately $20k in pledges listed on the site.
In order to collect, you’ll have to have video proof of the process. The site’s creator explained in the “terms and conditions,” which is actually just a series of tweets:
All I ask is a video of the process from print, lift, reproduction and successful unlock with reproduced print. I’ll put money on this… Enroll print, Place it, lift it, reproduce it, use the reproduction to unlock the phone without being locked out… satisfactory video evidence of the print enrollment, lift, reproduction and successful application of the print without locking out will do.
While there’s no way of telling if most of those offering bounties will actually payout, the largest pledge comes from IOCapital for $10K:
Apple said at the introduction of the iPhone 5s that “all fingerprints will be encrypted, stored securely and never uploaded to iCloud or its own servers,” but there have been a few questions surrounding how Apple’s new TouchID fingerprint sensor works. Earlier this month Apple addressed security concerns and noted some features to prevent hacking of the fingerprint sensor:
Only that passcode (not a finger) can unlock the phone if the phone is rebooted or hasn’t been unlocked for 48 hours. This feature is meant to block hackers from stalling for time as they try to find a way to circumvent the fingerprint scanner.
You can check out all of the bounties being offered and learn more through the istouchidhackedyet.com site.
Hacker Stories August 6, 2012
Mat Honan wrote up his whole story over at Wired. The scariest part is that they were able to reproduce the hack using two pieces of publicly available information and a phone call.
We talked to Apple directly about its security policy, and company spokesperson Natalie Kerris told Wired, “Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password. In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected.”
On Monday, Wired tried to verify the hackers’ access technique by performing it on a different account. We were successful. This means, ultimately, all you need in addition to someone’s email address are those two easily acquired pieces of information: a billing address and the last four digits of a credit card on file. Here’s the story of how the hackers got them.