Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

1. Everything You Know Is Wrong > Physical Access Is Optional

Physical Access Is Optional

We’ve established that stolen or “borrowed” devices are easy to hack. Physical security is commonly the biggest reason some developers dismiss the notion of stolen data. After all, if someone can steal your wallet with your credit cards, you’re also going to be in for a considerable headache. Historically, a limited number of remote code injection vulnerabilities have been discovered and exploited for iOS. Fortunately, the good guys have found the ones we presently know about, but that is not to say criminal hackers won’t find future remote code injection exploits. The most notable of these exploits include the following:

  • A TIF image processing vulnerability, several years old, was discovered to exist in an older copy of the libraries used by applications in earlier versions of iOS. This allowed an attacker to load and execute code whenever the device loaded a resource from the Safari web browser. This attack could have also been used to exploit the Mail application. Fortunately, it was the jailbreaking community that discovered this vulnerability. Their response was the website http://www.jailbreakme.com, which users could visit to exploit their own devices. This exploit was used, for a time, to allow users to jailbreak their mobile devices, allowing third-party software to run on them. The downloaded software also fixed the vulnerability months before Apple did so that more malicious groups couldn’t exploit it.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint