Connect with us
The iPhone kernel memory exploit allowed data to be stolen The iPhone kernel memory exploit allowed data to be stolen

News

IPhone kernel memory exploit allowed data to be stolen without user intervention via Wi-Fi

Published

on

In May of this year, Apple patched a vulnerability in the iPhone – a memory bug in the iOS kernel that gave attackers remote access to an entire device via Wi-Fi, without any user intervention.

The exploit has now been detailed by Ian Bier, a researcher at Project Zero, Google’s vulnerability research arm. He described the vulnerability and an experimental exploit that he spent six months developing.

Bier explained that using Wi-Fi, an attacker could simply penetrate a user’s smartphone. The attack worked by exploiting a buffer overflow error in the AWDL (Apple Wireless Direct Link) driver, a proprietary mesh network protocol used by Airdrop. “It’s a trivial buffer overflow programming error in C ++ code in a kernel that parses untrusted data exposed to remote attackers,” says Beer.

The researcher notes that AWDL has the potential for serious hacks. And since AWDL analyzes Wi-Fi packets, exploits work without any user intervention.

Beer demonstrated an attack that allows full access to a user’s personal data, including email, photos, messages, as well as passwords and cryptographic keys. The attack can use a laptop, Raspberry Pi and some Wi-Fi adapters. A well-written exploit will inject a cracker package into an iPhone in “a few seconds.” Exploits only work on devices that are within the attacker’s Wi-Fi range.

In this video demonstration of the IPhone 11 Pro attack, the victim is in a room separated from the attacker by a closed door:

With directional antennas, higher transmit power and sensitive receivers, the range of such attacks can be significant, the researcher notes.

Beer thinks it’s time for Apple to rethink some of the critical legacy code that makes up the core of iOS. vm_map.c was written in 1985 and is still in use today. According to him, a memory corruption in a third-party messaging application, accompanied by a logical error vm_map, would give an attacker the opportunity to use the data. Beer believes that the corporation should think about a short-term strategy to improve the quality of new code, increase investment in automated testing and code review. Finally, he notes that it is important to focus on finding vulnerabilities using more than just fuzzing.

Beer said Apple addressed the vulnerability prior to launching the COVID-19 contact tracing interface built into iOS 13.5 in May. The researcher said he had no proof that the vulnerability was ever exploited, although he noted that at least one exploit vendor knew of the critical bug in May, seven months before it was disclosed.

In August 2019, Project Zero found that iPhones with versions of iOS from 10 to 12 had been vulnerable to attacks through various specially infected Internet sites for almost two years. Hacking such sites was invisible to their owners and consisted of injecting malicious code that exploited previously unknown vulnerabilities in iOS (zero-day vulnerabilities). Thus, any iPhone users who opened an infected page in the Safari browser of their device could be accidentally attacked.

Click to comment

Leave a Reply

Your email address will not be published.

Phones

Samsung Galaxy S23 smartphones are unlikely to receive a sub-screen front camera

Published

on

Samsung Galaxy S23 smartphones are unlikely to receive a sub screen

Samsung is not considering adding under-screen front cameras to the Galaxy S23 line of smartphones. They were not in the Galaxy S22 either. This is stated on the Korean site Naver. A user under the pseudonym Ianzuk, citing sources in the supply chain, claims that Samsung does not have much confidence in the quality of this technology.

Samsung Galaxy S23 smartphones are unlikely to receive a sub-screen front camera

The source believes that the under-screen cameras do not yet match the quality of conventional front cameras. ZTE and Xiaomi also had similar problems. They also experimented with under-screen solutions, but failed to solve all the problems.

Even with the $1,799 Samsung Galaxy Z Fold 3, the quality of selfie shots was lower than with a regular camera. Therefore, according to the source, Samsung will not release a premium line with such cameras.

It was previously reported that the front cameras in the Galaxy S23 will receive more powerful image sensors with a resolution of 12 megapixels. And these smartphones are credited with the main camera with a resolution of 200 megapixels.

Continue Reading

Software

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement. All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

Published

on

60 MP plus 50 MP 4500 mAh 100 W slim

We have already seen Huawei nova 10 and nova 10 Pro smartphones both on official renders and on unofficial ones, and now live photos of nova 10 Pro have been published on the Web. At the same time, a complete list of features for the nova 10 and nova 10 Pro was released. At the same time, we note that the official premiere of smartphones will take place only on July 4.

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

I must say that in live photos, the main camera block looks more massive than in renders, but in general the design is typical for Huawei.

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

The platform – fortunately or unfortunately – is also typical of Huawei and Honor smartphones: it’s Snapdragon 778G 4G. Both models will be presented in two versions – 8/128 and 8/256 GB. You should not count on the presence of 12 GB of RAM in these devices.

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

nova 10 Pro will receive a 6.67-inch OLED screen with a resolution of 2652 x 1200 pixels and a frame rate of 120 Hz. The display of the younger model corresponds in size and frame rate, but its resolution is slightly lower – 2400 x 1080 pixels.

The screen of the nova 10 Pro has a stretched oval notch that will house two sensors: the main one with a 60-megapixel sensor and an ultra-wide angle lens and an additional 8-megapixel one with a portrait lens. The embedded front camera in nova 10 has a familiar look, since it has only one module – with a 60-megapixel sensor.

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement
60 MP plus 50 MP, 4500 mAh, 100 W, slim body and branded Android replacement.  All specifications and live photos of Huawei nova 10 Pro ten days before the announcement

The main camera in these models is represented by three modules: the main one with a 50-megapixel sensor with an RYYB pixel layout and two additional ones – an 8-megapixel one with an ultra-wide-angle lens and a 2-megapixel one for analyzing the depth of the scene. Apparently, there will be no optical stabilization system.

The battery capacity of Huawei nova 10 Pro is 4500 mAh, the device will support 100 W charging. nova 10 will receive a 4000 mAh battery with support for 66 W fast charging. The thickness and weight of the nova 10 Pro is 7.88 mm and 191 grams, while the nova 10 is more compact and lighter at 6.88 mm and 168 grams. Both models will run HarmonyOS 2.0.1.

Continue Reading

Phones

Samsung Cuts Prices on Samsung Galaxy S22 Ultra, Galaxy Z Fold 3, and Galaxy Z Flip 3, and Giveaway Galaxy Watch 4 in US Sale

Published

on

Samsung Cuts Prices on Samsung Galaxy S22 Ultra Galaxy Z

The South Korean company Samsung has launched another summer sale, during which it offers to purchase the latest smartphones with discounts and gifts.

The promotion includes the Samsung Galaxy S22 Ultra with 1TB of flash memory, which has fallen in price by $150 and is offered for $1450. Alternatively, you can get the Galaxy Z Flip 3 for $300 off at $700.

Samsung Cuts Prices on Samsung Galaxy S22 Ultra, Galaxy Z Fold 3, and Galaxy Z Flip 3, and Giveaway Galaxy Watch 4 in US Sale

There is no discount on the Samsung Galaxy Z Fold 3, but buyers will receive a modern smart watch Samsung Galaxy Watch 4 Classic as a gift. Also, the watch is relied upon when buying the Galaxy Z Flip 3 for $700, which is a very good deal.

Offer valid this weekend only for US residents and visitors.

Continue Reading

Most Popular