Israeli researcher Aviv Raff has gone public with security flaws in the iPhone after what he terms two and a half months of inaction from Apple.
Writes Raff on his blog:
"I have disclosed the technical details to Apple a few weeks before that post, in a hope to get those security issues fixed as soon as possible. Unfortunately, two and a half months later, and still there is no patch for those vulnerabilities. I've asked Apple several times for a schedule, but they have refused to provide the fix date."
The first is a URL display flaw in the iPhone's Mail application that could allow an attacker to send a message containing a malicious URL that looks legitimate. "In most mail clients (example on your PC/Mac), you can just hover the link and get a tooltip which will tell you the actual URL that you are about to click," explains Raff in a blog post. "In iPhone it's a bit different. You need to click the link for a few seconds in order to get the tooltip. Now, because the iPhone screen is small, long URLs are automatically cut off in the middle."
This makes it possible for an attacker to create a long URL that displays a trusted domain while taking the user to another domain entirely, he explains. The user would only see the portion of the domain designed to look familiar and is more likely to click on the malicious link.
Opening the URL in the iPhone's Safari browser would not help as it too displays only a portion of the long URL.
The second bug, according to Raff, is in the iPhone's Mail application and makes it easier for spammers to identify valid email accounts and thus mark them for more spam.
Since the iPhone automatically downloads all image attachments, and there is no way to disable this feature, it is easy for spammers to identify a working email account. "The spammer who controls the remote server will know that you have read the message and will mark your mail account as active in order to send you more spam," said Raff.
Raff recommends that since there is no way to disable auto-image download on the iPhone, users should refrain from using Mail until Apple patches the problem.
Raff calls this "a pretty dumb design flaw" that most other mail clients fixed ages ago.
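The mitigation that desktop mail clients commonly apply, blocking remote content until the user asks for it, can be sketched as a filter over the HTML body of a message. This is an added example, not code from Raff's post or from Apple; `RemoteImageBlocker`, `block_remote_images` and the sample message are hypothetical names and constructed data.

```python
from html import escape
from html.parser import HTMLParser

# Attributes that make a mail client fetch a resource while rendering.
FETCH_ATTRS = {"src", "background"}

class RemoteImageBlocker(HTMLParser):
    """Re-emit an HTML mail body with remote fetches neutralised (comments dropped)."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []       # fragments of the sanitised body
        self.blocked = []   # URLs the client would otherwise have requested

    @staticmethod
    def _is_remote(value):
        # cid: (inline attachment) and data: URLs never leave the device;
        # http(s) and protocol-relative URLs contact the sender's server.
        v = (value or "").strip().lower()
        return v.startswith(("http://", "https://", "//"))

    def _emit(self, tag, attrs, closing=""):
        parts = [tag]
        for name, value in attrs:
            if name in FETCH_ATTRS and self._is_remote(value):
                self.blocked.append(value.strip())
                name = "data-blocked-" + name   # inert; restorable on user request
            parts.append(name if value is None
                         else f'{name}="{escape(value, quote=True)}"')
        self.out.append("<" + " ".join(parts) + closing + ">")

    def handle_starttag(self, tag, attrs): self._emit(tag, attrs)
    def handle_startendtag(self, tag, attrs): self._emit(tag, attrs, " /")
    def handle_endtag(self, tag): self.out.append(f"</{tag}>")
    def handle_data(self, data): self.out.append(data)
    def handle_entityref(self, name): self.out.append(f"&{name};")
    def handle_charref(self, name): self.out.append(f"&#{name};")

def block_remote_images(html_body):
    parser = RemoteImageBlocker()
    parser.feed(html_body)
    parser.close()
    return "".join(parser.out), parser.blocked

# Constructed sample message body (hosts are placeholders).
SAMPLE = ('<p>Spring sale &amp; more</p>'
          '<img src="http://remote.example/banner.gif" width="1" height="1">'
          '<img src="cid:logo@mail.example" alt="logo">')
```

The inline `cid:` image still renders because it travels with the message, while the remote image is never requested, so the sender's server learns nothing about whether the message was opened.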