• Welcome to Peterborough Linux User Group (Canada) Forum.
 

Flaw in iPhone, iPads may have allowed hackers to steal data for years

Started by ssfc72, April 22, 2020, 02:48:14 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

ssfc72

Mint 20.3 on a Dell 14" Inspiron notebook, HP Pavilion X360, 11" k120ca notebook (Linux Lubuntu), Dell 13" XPS notebook computer (MXLinux)
Cellphone Samsung A50, Koodo pre paid service

fox

Sounds bad, but I can be pretty sure I wasn't affected. I don't use the Mail app on my iPad; I use MS Outlook. And I haven't had any crashes on it and haven't had to reset my iPad for any reason. In any event, no such flaw is good news, and I hope Apple will issue a security update for Mail very soon.
Ubuntu 23.10 on 2019 5k iMac
Ubuntu 22.04 on Dell XPS 13

Jason

They have an MS Outlook app on your IPad? Or do you just do it through the browser on it or just on your desktop?
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

fox

All MS productivity apps run on iPads. You have to download them from the app store; same as Android.
Ubuntu 23.10 on 2019 5k iMac
Ubuntu 22.04 on Dell XPS 13

Jason

Thought this bit taken from the article was interesting because it confirms what I saw recently on a program related to the subject of black hat hackers on CuriosityStream.

QuoteBecause Apple was not aware of the software bug until recently, it could have been very valuable to governments and contractors offering hacking services. Exploit programs that work without warning against an up-to-date phone can be worth more than $1 million.

Most of the program I saw had the information I already know but the value of certain hacks on it caught me by surprise as well as how dedicated foreign governments to infiltrating not just other governments but companies to steal secrets. And a representative for Homeland Security was saying that most companies just don't have the resources to defend their systems against countries like China which has virtually unlimited resources. You may only be able to watch one program on CuriosityStream for free but here's the link to it.
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

Jason

Quote from: fox on April 22, 2020, 04:48:32 PM
All MS productivity apps run on iPads. You have to download them from the app store; same as Android.

The article mentioned that the security flaw was on the OS but that it's triggered by opening a blank email on iMail (Apple Mail?). That's really scary. Even someone that doesn't use their mail app but gets an email to it can get their system 'owned' - access to everything on it. I believe that every Apple user has an email address right? The miscreants could send emails to everyone with the enclosed payload by auto guessing their email address. They see a notification and are curious or confuse it with their regular email on the device and voila! Your system has been hacked.
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

fox

With regard to your last question, everyone has an Apple ID and that ID works as an Apple email address; although you can use your Google account as an Apple ID. I don't even use my Apple email account, other than to destroy the junk messages that I get through it. But yes, I can see how other people might open an empty email and get hacked.
Ubuntu 23.10 on 2019 5k iMac
Ubuntu 22.04 on Dell XPS 13

Jason

Quote from: fox on April 22, 2020, 08:42:36 PM
With regard to your last question, everyone has an Apple ID and that ID works as an Apple email address; although you can use your Google account as an Apple ID. I don't even use my Apple email account, other than to destroy the junk messages that I get through it. But yes, I can see how other people might open an empty email and get hacked.

It's not just other people. Even the technologically adept could fall for this.

For example, you mentioned above that you only use it to destroy messages. But have you ever opened a junk message at any time to see what they were? That's all it would take for it to happen to you. If I used an iPad, it could happen to me, too. I'm not saying you were hacked. Just that it could happen to you if you opened any emails in your mail app. I'd assume that these special emails had an interesting subject line to entice people. Even us tech guys can't be complacent and think that stuff like this couldn't happen to us when a few quick taps and it presto, we just did.

I have to say if you can remember that the apple mail never crashed, I'm impressed. Not that it never crashed but that you'd remember it. I can barely remember what I did last week!  :) Although if it never crashed so a crash was really notable that'd be cool, too. I don't recall Gmail crashing but I won't go so far as to say it never crashed. But like I say, I don't have a great memory.
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

fox

Quote from: Jason Wallwork on April 23, 2020, 04:21:46 AM
....
I have to say if you can remember that the apple mail never crashed, I'm impressed. Not that it never crashed but that you'd remember it. I can barely remember what I did last week!  :) Although if it never crashed so a crash was really notable that'd be cool, too. I don't recall Gmail crashing but I won't go so far as to say it never crashed. But like I say, I don't have a great memory.
I don't have a great memory either. I should have said that I don't ever remember it having crashed.  :)
Ubuntu 23.10 on 2019 5k iMac
Ubuntu 22.04 on Dell XPS 13