A security researcher has released details of a number of vulnerabilities that allow apps to access sensitive user data – and apparently can continue to be used on iOS 15. A security researcher has reported four zero-day vulnerabilities to Apple in the spring, nicknamed the “Illusion”. However, the manufacturer only removed one of them with iOS 14.7, without documenting it in public safety release notes – and perhaps not rewarding it with the Buck Pound program.
It is said that there was no reaction from Apple
Apple initially apologized and promised to add vulnerability – but that did not happen, and the other three holes are still open. A new request was not answered a few days ago, Writes illusionThat’s why he decided to publish it. He published the code in Kitub as “proof of opinion” so that errors could be used.
The biggest problem seems to be in Apple’s Game Network Game Center: the apps installed from the App Store can read the email address and full name of the user’s Apple ID, among others. You can also access the “Core Duet” database, which provides insight into the user’s communication: it contains a list of metadata such as timestamps and contacts on which messages are exchanged via iMessage, mail and third party messengers.
In iOS 14.8 the entire address book database can be read without the user’s permission – Apple has quietly fixed the latter in iOS 15. Access is possible if the Game Center is not enabled on the device.
Review of the error bounty scheme
The other two published bugs can give an app with existing location sharing access to WiFi names and can check if some apps are installed on the device. Bug Fixed With iOS 14.7, Applications Enabled to Read Analysis Data Recorded by Device. According to a security researcher, these may contain sensitivity data – even health data of health. In the data protection settings under “Analysis and Improvements” / “Analysis Data”, users can check for themselves what the system is recording; No important information is available on the two iPhones of the Mac & I editorial team.
There have been criticisms of Apple’s bug bounty program for a long time. In recent months, more and more security researchers have revealed their disappointing experiences – it is said that Apple is slow or inactive to bug reports and wants to pay less for bugs than advertised.
“Avid writer. Subtly charming alcohol fanatic. Total twitter junkie. Coffee enthusiast. Proud gamer. Web aficionado. Music advocate. Zombie lover. Reader.”