UDID causes security compromise? Tapulous products’ users in danger!
Jul/094
Revenge, indeed.
Thanks to the guys at iPod touch Fans and their post here!
People out there who have a Tapulous account, beware. If you don’t know what a Tapulous account is, basically it’s the profile generated from the UDID (unique device identifier) of your iPhone/iPod touch. Tapulous’ authorization system is COMPLETELY dependent on your UDID, as practically speaking, you’re the only one with the number. It’s called UNIQUE for a reason, right?
Apparently that can be abused, with the UDID Changer app from Cydia. What’s detrimental is that your Facebook and Twitter information is stored on Tapulous’ servers as well. Of course it’s encoded, but when a malicious user changes their UDID to yours, Facebook and Twitter account data is immediately stored into their iPod touches/iPhones.
So what does this mean? It means that people can now access your Twitter and Facebook accounts, as well as anything else they store in their servers. Applications produced by Tapulous are: Tap Tap Revenge (and all its variants), Twinkle, Fortune, Collage and FriendBook.
Your next question that comes into mind must be: “But how the *insert profanity here* can they get my UDID?” There are PLENTY of ways noted by iPod touch Fans, including, but not limited to:
- The malicious user may just ask you, and you may give it to them.
- The malicious user may give you screenshots for a fantastic application they are making and offer you a beta. Of course, they need your UDID for you to beta test.
- The malicious user may be someone you know that actually has access to your device.
- Installer applications, such as Installer and Cydia send requests to the server with the UDID in the request. The maicious user may set up a repo to collect UDIDs.
- Etc. There are so many ways, it’s ridiculous.
Tapulous is aware of the exploit and are working on a fix to it, but meanwhile, unless you want someone posting the unthinkable on whatever accounts compromised, delete your Tapulous account. Change your Facebook and Twitter password as well, if you’re the “better safe than sorry” type of person.
New Apple iPhone Exploit Gives Attacker Root Access
Jul/090
It was bound to happen… Apple users have long enjoyed a relatively smooth ride with regard to virus’ and malicious attacks, but this morning xaminer.com posted info on this serious iPhone expoit, discovered Charlie Miller:
It’s well-known that binary code can be sent to mobile devices using SMS. Normally the sent code isn’t executed, but Miller found that the iPhone operating system automatically processes the code without any user intervention. Not good. Knowing this, Miller developed code using the principle of Sulley Fuzzing, a method of injecting random data into program after first forcing the operating system to trust the new code.
And they go on to confirm the worst:
Another vulnerability that Miller found was the ability to use the SMS function to gain root access to the iPhone, more or less giving an attacker the “keys to the kingdom”.
On a positive note, Apple appears to already be working on a patch for this serious security vulnerability. We all know Apple’s history with timely updates though, so don’t hold your breath.
Get the full scoop here: http://www.examiner.com/x-14651-Minneapolis-Information-Technology-Examiner~y2009m7d3-Apple-iPhone-SMS-exploit-allows-attacker-to-control-phone
So… who’s gonna beat Apple to the punch with a security patch that jail broken iPhone users can apply? :)