قالب وردپرس درنا توس
Home / Technology / Warning for Apple's 1.4 billion iPad and iPhone users

Warning for Apple's 1.4 billion iPad and iPhone users




<div _ngcontent-c15 = "" innerhtml = "

Apple has a bad week just days after Face ID was hacked and the company's" anti-user "iPhone battery Practices an extraordinary story by Apple has led to neglect to a warning that every iPhone and iPad user needs to know.

Any iPhone released since 2011 is potentially prone to failure his data and passwords are stolen.

Apple

The security firm picked up by [19659909] AppleInsider has found that it has found a way to hack every iPhone and iPad with iOS 8 through to beta from iOS 13 Years ago (iOS 8 supports the iPhone 4S from 2011), and when Tim Cook states that there are 1.4BN active iOS devices around the world, this is worrying news for the owners pretty much all Equipment .

Check Point found that the iOS built-in Contacts app can be leveraged using the industry standard SQLite database, so any time you search for contacts, the device can be tricked into executing malicious code, user data, and passwords can steal.

"SQLite is the most widely used database engine in the world," said Check Point. "It's available on all operating systems, desktops and mobile phones, and Windows 10, MacOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite."

But the real shock is why the vulnerability exists in the contact app altogether: it uses a known bug that Apple has not fixed for four years.

Apple iOS 12 still has the same vulnerability as iOS 8

Apple

"Wait, what, how is it that a four-year-old bug has never been fixed?" Write Check Point researchers in their report. "This feature was previously considered vulnerable only in the context of a program that allows arbitrary SQL from an untrusted source, so it has been restricted accordingly, but the use of SQLite is so versatile that we can actually trigger it in many scenarios. "

]

In short, Apple got sloppy. As AppleInsider explains, "The bug was considered unimportant because it was assumed that it could only be triggered by an unknown application accessing the database. In a closed system like iOS, there are no unknown apps. Check Point researchers, however, then managed to create a trusted app [the ubiquitous Contacts app] that sends the code to trigger this error and exploit it. "

Yes, it's a lazy mistake with potentially serious consequences. Right now, hackers need to access your unlocked iPhone or iPad to take advantage of it. However, this can change. After all, six bugs were found in iMessage last month, which allowed hackers to read your files from anywhere, and one of them is still unpatched.

All this puts Apple in an awkward position. The company has long been promoting safety as the main selling point for competitors, but the gaps remain. If this gap is closed after four years of inaction, it is not a good result.

Your move, Apple.

___

Follow Gordon on Twitter and Facebook

More on Forbes

iPhone owners warned of "anti-user" battery problem

Apple Partner Unintentionally Unveils iPhone 11 Release Date

Apple's Revised iPhone 11 Logic Board Makes Sense Now

Bloomberg licks 2020 iPhone camera, USB-C upgrades

Kuo: Every 2020 iPhone Starts with 5G

">

Apple Has Been Hacked Just days after Face ID and " user-hostile "iPhone battery Practices of the company have been uncovered, an extraordinary story of Apple neglect has led to a warning for every iPhone and iPad users need to know about.

Every iPhone released since 2011 is potentially vulnerable to theft of data and passwords.

Apple

The security firm picked up by [19659909] AppleInsider has found that it has found a way to hack every iPhone and iPad with iOS 8 through to beta from iOS 13 Years ago (iOS 8 supports the iPhone 4S from 2011), and when Tim Cook states that there are 1.4BN active iOS devices around the world, this is worrying news for the owners pretty much all Equipment .

Check Point found that the iOS built-in Contacts app can be leveraged using the industry standard SQLite database, so any time you search for contacts, the device can be tricked into executing malicious code, user data, and passwords can steal.

"SQLite is the most widely used database engine in the world," said Check Point. "It's available on all operating systems, desktops, and mobile phones, and Windows 10, MacOS, iOS, Chrome, Safari, Firefox, and Android are popular users of SQLite."

But the real shock is why the vulnerability exists in the contact app altogether: it uses a known bug that Apple has not fixed for four years.

Apple iOS 12 still has the same vulnerability as iOS 8.

Apple

"Wait, what, how is it that a four-year-old bug has never been fixed?" Write Check Point researchers in their report. "This feature was previously considered vulnerable only in the context of a program that allows arbitrary SQL from an untrusted source, so it has been restricted accordingly, but the use of SQLite is so versatile that we can actually trigger it in many scenarios. "

]

In short, Apple got sloppy. As AppleInsider explains, "The bug was considered unimportant because it was assumed that it could only be triggered by an unknown application accessing the database. In a closed system like iOS, there are no unknown apps. Check Point researchers, however, then managed to create a trusted app [the ubiquitous Contacts app] that sends the code to trigger this error and exploit it. "

Yes, it is a lazy mistake with potentially serious consequences. Right now, hackers need to access your unlocked iPhone or iPad to take advantage of it. However, this can change. After all, six bugs were found in iMessage last month, which allowed hackers to read your files from anywhere, and one of them is still unpatched.

All this puts Apple in an awkward position. The company has long been promoting safety as the main selling point for competitors, but the gaps remain. If this gap is closed after four years of inaction, it is not a good result.

Your move, Apple.

___

Follow Gordon on Twitter and Facebook

More on Forbes

iPhone owners warned of "anti-user" battery problem

Apple Partner Unintentionally Unveils iPhone 11 Release Date

Apple's Revised iPhone 11 Logic Board Makes Sense Now

Bloomberg loses iPhone camera, USB-C upgrades in 2020

Kuo: Any 2020 iPhone with 5G


Source link