Alleged IOS backdoors

coderman coderman at gmail.com
Tue Jul 22 12:48:35 PDT 2014


On Tue, Jul 22, 2014 at 5:21 AM, Georgi Guninski <guninski at guninski.com> wrote:
> Alleged IOS backdoors
>
> http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms.pdf
>
> Identifying Back Doors, Attack
> Points, and Surveillance
> Mechanisms in iOS Devices

note that Google is no better. back in 2011 i reported the abuse of
Google Voice Search as easily accessible (no permissions required) and
excellent for eavesdropping (always on should not be possible).

the more things change, the more they stay the same ;)

best regards,


---

'... nearly all Android devices equipped with Google Services
Framework can be affected by GVS-Attack'


http://arxiv.org/abs/1407.4923
"""
Previous research about sensor based attacks on Android platform
focused mainly on accessing or controlling over sensitive device
components, such as camera, microphone and GPS. These approaches get
data from sensors directly and need corresponding sensor invoking
permissions.

This paper presents a novel approach (GVS-Attack) to launch permission
bypassing attacks from a zero permission Android application
(VoicEmployer) through the speaker. The idea of GVS-Attack utilizes an
Android system built-in voice assistant module -- Google Voice Search.
Through Android Intent mechanism, VoicEmployer triggers Google Voice
Search to the foreground, and then plays prepared audio files (like
"call number 1234 5678") in the background. Google Voice Search can
recognize this voice command and execute corresponding operations.
With ingenious designs, our GVS-Attack can forge SMS/Email, access
privacy information, transmit sensitive data and achieve remote
control without any permission.

Also we found a vulnerability of status checking in Google Search app,
which can be utilized by GVS-Attack to dial arbitrary numbers even
when the phone is securely locked with password. A prototype of
VoicEmployer has been implemented to demonstrate the feasibility of
GVS-Attack in real world. In theory, nearly all Android devices
equipped with Google Services Framework can be affected by GVS-Attack.
This study may inspire application developers and researchers rethink
that zero permission doesn't mean safety and the speaker can be
treated as a new attack surface.
"""



More information about the cypherpunks mailing list