Identifying Data Leaks in iOS Applications

Понравилась презентация – покажи это...

Слайд 0

Identifying Data Leaks in iOS ApplicationS

Слайд 1

Many iOS applications unintentionally leak data to other applications or adversaries with access to the filesystem. This typically occurs when a developer uses an API that has side effects the developer is not aware of and, therefore, does not take preventative measures to secure the data.

Слайд 2

Here we look at some of the ways a developer using the iOS APIs may inadvertently leak sensitive application data.

Слайд 3

lEAKinG DAtA in ApplicAtiOn lOGS

Слайд 4

Logging can prove to be a valuable resource for debugging during development. However, in some cases, it can leak sensitive or proprietary information, which is then cached on the device until the next reboot. [20:29:16.6732] requested restore behavior: Update [20:29:16.6743] requested variant: Update [20:29:16.6752] requested restore behavior: Update [20:29:16.6762] failed to find key FDRSupport in variant

Слайд 5


Слайд 6

Many developers want to offer users the ability to copy and paste data. If the pasteboard is used to copy sensitive data, depending on how it is implemented, data could be leaked from the pasteboard to other third-party applications.

Слайд 7

HAnDlinG ApplicAtiOn StAtE tRAnSitiOnS

Слайд 8

When an application is suspended in the background (for example, if the user receives an incoming call), iOS takes a snapshot of the app and stores it in the application’s cache directory. When the application is reopened, the device uses the screenshot to create the illusion that the application loads instantly. Any system that can be paired with the device can access the snapshot. - (void)applicationDidEnterBackground: (UIApplication *)application

Слайд 9


Слайд 10

iOS customizes the autocorrect feature by caching input that is typed into the device’s keyboard. Almost every non-numeric word is cached on the filesystem in plaintext in the keyboard cache file. This means that application data you wouldn’t want to be cached—such as usernames, passwords, and answers to security questions—could be inadvertently stored in the keyboard cache. pass password1 Q W E R T Y U passing I O P

Слайд 11

Http RESpOnSE cAcHinG

Слайд 12

cfurl_cache_blob data cfurl_cache_ response cfurl_cache_ receiver_data cfurl_cache_ schema_version To display a remote website, an iOS application often uses a UIWebView to render the HTML content. Depending on how the URL loading is implemented, a UIWebView can cache server responses to the local filesystem. When sensitive content is returned in server responses, it could potentially be stored in the cache database.

Слайд 13

Find out more about iOS application vulnerabilities and how to write secure iOS apps in The Mobile Application Hacker’s Handbook by Dominic chell, tyrone Erasmus, Shaun colley, and Ollie Whitehouse

Слайд 14