Jailbreak
makes iOS sand box vulnerable
Details:
Jailbreak gives numerous of
freedom to users and developers. In the meantime, that could be used by
hackers. IOS system installed on iPhone or iPad gives each apps an individual
space called “Sand Box”. It is a local storage that apps can store users’
information in it. Apple review team makes sure every apps only can access
their own “Sand Box” before publish to app store. But jailbreak breaks safety
guarantee between apps.
Root
cause:
Devices after jailbreak
could be installed any iOS apps by users. That means some of those apps have
not been reviewed by Apple review team. They could be spyware. Spyware can
access any part “Sand Box” they want. And some apps save users’ sensitive information
into “Sand Box” without encryption. Then spyware has the opportunity to stole
the information and upload it to specific server.
Probable
Recommendations:
1.
Do not jailbreak the devices.
2.
Install the apps that are really trusted.
3.
Do not save sensitive information into device after
jailbreak.
4.
Attempt to identify modified kernels by comparing
certain system files that the application would have access to on a
non-jailbroken device to known good file hashes. This technique can serve
as a good starting point for detection.
5.
Attempt to write a file outside of the application’s
root directory. The attempt should fail for non-jailbroken devices.
Generalizing, attempt to identify anomalies in the underlying system or
verify the ability to execute privileged functions or methods.
No comments:
Post a Comment