SlideShare a Scribd company logo

Apple Presentation.pptx

Download as PPTX, PDF
S
sivavelpula1234

Cracking app isolation on Apple devices is an intricate challenge due to the robust security measures implemented by the company. Apple employs a variety of mechanisms to ensure the isolation and integrity of applications, primarily through its sandboxing approach. Sandboxing restricts each app's access to system resources and other apps, limiting the potential damage that a compromised app could inflict on the device.

Engineering
1 of 11
Title: Cracking App Isolation on Apple: Unauthorized Cross- AppResource Access on MAC OS X and iOS. Authors: Wen Xu, Zhiwei Li, Le Yu, Hui Xue, Xiaolan Zhang, and Patrick Tague from the University of California, Santa Barbara
overview On modern operating systems, applications under the same user are separated from each other, for the purpose of protecting them against malware and compromised programs. However, it is less clear whether such isolation is effective against different kind of cross-app resource access attacks (XARA) This paper explores the research conducted on MAC OS X and iOS shows significant security weaknesses that allow a malicious app to gain unauthorized access to sensitive data from other apps. The vulnerabilities were found in various inter-app interaction services and the design of the App sandbox on OS X. These vulnerabilities are caused by the lack of app-to-app and app-to-OS authentications, making it difficult to protect sensitive data from unauthorized access. A scanner was developed to detect missing protection in app code, and a simple program was built to detect exploit attempts on OS X to protect vulnerable apps. The study highlights the importance of regular security assessments and the need for stronger app-to-app and app-to-OS authentications.
How app isolation works in popular operating systems App Sandboxing: The purpose of app sandboxing is to isolate apps and prevent unauthorized access to sensitive resources.  In Android, each app is assigned a unique user ID (UID) and runs as the user. Sensitive resources are assigned to Linux groups such as GPS, Audio, etc. and an app needs to request permission from the OS or user to access system resources.  On MAC OS X and iOS, app sandboxing is enforced through the Trusted BSD mandatory access control framework. All apps submitted to the MAC App Store are required to be sandboxed. The separation of apps is enforced through Trust BSD’s API interpositions. Each app is identified by its Apple ID, a two-part string that consists of a Team ID Apple assign to the app developer, and a Bundle ID supplied by the developer. An app within the sandbox has limited privileges and can only read and write files within its container and some public directories. Whenever use of resources such as network sockets, built-in camera, microphone, printer and other resources become necessary, the app explicitly requires them by declaring a set of entitlements within its property file. Among the small set of operations that a sandboxed app is allowed to do by default is the capabilities to perform some types of inter process communication (IPC). The Apple platforms support a variety of IPC channels, including traditional UNIX ones (e.g., pipe, UNIX domain socket, shared memory) and Apple-specific mechanisms like distributed objects, NS Connection in particular, and URL schemes. The NS Connection mechanism allows the client to invoke methods of the vended object and access its variables as if the object existed in the client process. Socket-based IPC is also available on OS X. Scheme is another unique IPC mechanism for both OS X and iOS.
 Critical security flaws, discovered in the OS X keychain, BID-based separation as well as various IPC channels, i.e., NSConnection, WebSocket and Scheme on both MAC OS X and iOS. Password Stealing We can observe security weakness in Apple's keychain service, which is used to store passwords and other credentials securely. The weakness allows a malicious app to bypass the isolation between apps and steal user credentials from other apps. The attack works by claiming an item in the keychain and crafting an access control list that includes the target app as a trusted app. The keychain then allows all operations to proceed, causing the target app to divulge its secrets to the attacker. Another flaw in keychain, which allows an existing keychain item to be deleted by an unauthorized sandboxed app
Container Cracking  Container cracking refers to a security vulnerability in the keychain of macOS, which allows a malicious application to gain access to the resources (e.g., passwords) of other sandboxed applications.  This vulnerability arises due to a weakness in the unique BID-based separation design on macOS. Each sandboxed app has a BID that needs to be unique, and once the app is installed, its BID is used to create a container directory that other sandboxed apps cannot touch.  However, the vulnerability arises because embedded programs within an app, such as a helper program or an XPC Service, also have their own BIDs and container directories.  The Mac App Store fails to verify whether a sub-target's BID is in conflict with those belonging to other apps or their sub- targets, except for the Apple reserved BIDs. This allows a malicious app to gain full access to other apps' containers, completely breaking its sandbox confinement.  In a study, researchers implemented endto-end attacks on high-profile apps, including Evernote, WeChat, QQ, and others, successfully stealing user data such as contacts, private notes, and message photos.
IPC Interception IPC interception refers to the act of an attacker intercepting inter-process communication (IPC) channels between two or more applications to gain unauthorized access to sensitive information. In this context, IPC refers to the channels through which different applications communicate with each other. Two specific types of IPC channels - NSConnection and WebSocket - have been found to have vulnerabilities that can be exploited by attackers. NSConnection is an Apple-specific IPC channel that allows one party to act as a server and share an object with other client apps. The problem with this channel is that there is no means for the apps to authenticate each other when they are using NSConnection. Therefore, a sandboxed app can easily impersonate the server or client of a target app to access sensitive resources. In the case of WebSocket, which is a generic protocol for a server and a client to establish a full-duplex single socket connection, a malicious program (with the network permission when it is sandboxed) can claim a port pre-emptively before the legitimate server does, in the absence of proper authentication. This enables the attacker to receive data from the target extension. Similarly, a malicious extension can impersonate the authorized one to talk to the local app through its port.
IOS Scheme hijacking  It relates to a security vulnerability on Apple platforms related to URL schemes. URL schemes are used by apps to define a protocol for communication with other apps. When a URL scheme is triggered within a webview instance inside another app or in the browser, an HTTP redirection is launched towards the "location" part of the URL, which activates the app claiming the scheme using the data delivered by the remaining part of the URL.  The problem is that when two different apps register the same URL scheme with the operating system, the conflict is resolved according to the nature of the scheme, and a malicious program can hijack a target app's scheme to get the service request or data sent to it. This vulnerability can be detected on OS X using certain APIs, but no corresponding API exists on iOS. As a result, all third-party apps running on iPhone and iPad are completely unprotected from this threat.
Challenges in Addressing XARA Problems  Addressing XARA problems is challenging because often the OS itself does not know how to protect the resource of a third-party app.  Proper interfaces may need to be given to the app developers to let them specify and enforce their individual policies.  This complexity means these security weaknesses will likely persist until Apple finds a way to work with developers to fix them.
Proposed approach: an automatic analysis tool has been built for detecting vulnerable apps and a measurement study that reveals the scope and magnitude of the XARA problem. Scanner App Design: The XARA scanner app inspects public information whenever a change to the system happens. For example, write to a file or installation of a new app to detect whether a service, resource, or channel claimed by one app has been hijacked by another. Our app registers file system event with API FSEvents, which is issued when a specific file has been modified. Specifically, the scanner monitors the keychain files under /Library/Keychains/ and ∼/Library/Keychains/. Whenever they’re modified, our app uses the API SecItemCopyMatching to find out whether a new item has been added, and if so further retrieves its ACL using SecACLCopyContents and inspects all the apps on the list. For Scheme and BID, the scanner keeps track of newly installed programs through the event API FSEvents. Whenever an app is installed, the scanner goes through its plist to find out whether the URL scheme it registers or the BIDs of its helper programs or XPC Services are in conflict with the ones already in the system. For NSConnection, our scanner redirects outputs of command syslog -w to get new system logs immediately after they are generated. Once it observes a failed attempt to register an existing object name or connect to an NSConnection server that serves another app, an alarm is triggered.
Limitations of the Scanner App: The scanner app has limitations. For example, it can only protect known channels and cannot prevent some attacks, such as those on NSConnection and WebSocket, from taking place. However, it can detect these attacks after the fact. A more heavyweight patch, such as uploading a kernel module to gain a closer monitoring of the events happening within apps, may be necessary for a more complete solution.
Conclusion  In conclusion, the paper identifies a new category of security weaknesses, XARA, that pose a serious threat to app isolation on modern operating systems.  The study conducted on Apple platforms reveals the pervasiveness of this threat, and the significant impacts it can have on critical system services and channels.  The lack of authentication during app-to-app and app to-system interactions is identified as the root cause of this problem.  The paper proposes new techniques to detect and mitigate this threat, contributing to a better understanding of this understudied security problem.  The development of a more effective app isolation mechanism on future operating systems is essential to prevent the leakage of sensitive information.

Recommended

Remote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for AndroidRemote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for Android
IBM Security
 
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORMDMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
csandit
 
Mediating Applications on the Android System
Mediating Applications on the Android SystemMediating Applications on the Android System
Mediating Applications on the Android System
Nizar Maan
 
OWASP for iOS
OWASP for iOSOWASP for iOS
OWASP for iOS
Phineas Huang
 
BDSE03-1121-API-PresentationTemplate.pptx
BDSE03-1121-API-PresentationTemplate.pptxBDSE03-1121-API-PresentationTemplate.pptx
BDSE03-1121-API-PresentationTemplate.pptx
SudhanshuKachhotia
 
Rethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsRethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-Apps
Martin Georgiev
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
 
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
Vaibhav Gupta
 

Recommended

Remote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for AndroidRemote Exploitation of the Dropbox SDK for Android
Remote Exploitation of the Dropbox SDK for Android
IBM Security
 
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORMDMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
DMIA: A MALWARE DETECTION SYSTEM ON IOS PLATFORM
csandit
 
Mediating Applications on the Android System
Mediating Applications on the Android SystemMediating Applications on the Android System
Mediating Applications on the Android System
Nizar Maan
 
OWASP for iOS
OWASP for iOSOWASP for iOS
OWASP for iOS
Phineas Huang
 
BDSE03-1121-API-PresentationTemplate.pptx
BDSE03-1121-API-PresentationTemplate.pptxBDSE03-1121-API-PresentationTemplate.pptx
BDSE03-1121-API-PresentationTemplate.pptx
SudhanshuKachhotia
 
Rethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-AppsRethinking-Security-of-Web-Based-System-Apps
Rethinking-Security-of-Web-Based-System-Apps
Martin Georgiev
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
 
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
Vaibhav Gupta
 
Apple threat-landscape
Apple threat-landscapeApple threat-landscape
Apple threat-landscape
Andrey Apuhtin
 
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSoftware Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Swati Patel
 
website phishing by NR
website phishing by NRwebsite phishing by NR
website phishing by NR
NARESH GUMMAGUTTA
 
Untitled 1
Untitled 1Untitled 1
Untitled 1
Sergey Kochergan
 
csmalware_malware
csmalware_malwarecsmalware_malware
csmalware_malware
Joshua Saxe
 
Security testing of mobile applications
Security testing of mobile applicationsSecurity testing of mobile applications
Security testing of mobile applications
GTestClub
 
Mobile application security
Mobile application securityMobile application security
Mobile application security
Shubhneet Goel
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
Ishan Girdhar
 
1780 1783
1780 17831780 1783
1780 1783
Editor IJARCET
 
1780 1783
1780 17831780 1783
1780 1783
Editor IJARCET
 
A26001006
A26001006A26001006
A26001006
IJERA Editor
 
Sqlas tool to detect and prevent attacks in php web applications
Sqlas tool to detect and prevent attacks in php web applicationsSqlas tool to detect and prevent attacks in php web applications
Sqlas tool to detect and prevent attacks in php web applications
ijsptm
 
breaking-and-fixing-origin-based-access-control
breaking-and-fixing-origin-based-access-controlbreaking-and-fixing-origin-based-access-control
breaking-and-fixing-origin-based-access-control
Martin Georgiev
 
Pentesting iOS Applications
Pentesting iOS ApplicationsPentesting iOS Applications
Pentesting iOS Applications
jasonhaddix
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacks
High-Tech Bridge SA (HTBridge)
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
Brent Muir
 
Android application fundamentals
Android application fundamentalsAndroid application fundamentals
Android application fundamentals
John Smith
 
Detection of Android Third Party Libraries based attacks
Detection of Android Third Party Libraries based attacksDetection of Android Third Party Libraries based attacks
Detection of Android Third Party Libraries based attacks
Amina WADDIZ
 
PROP - P ATRONAGE OF PHP W EB A PPLICATIONS
PROP - P ATRONAGE OF PHP W EB A PPLICATIONSPROP - P ATRONAGE OF PHP W EB A PPLICATIONS
PROP - P ATRONAGE OF PHP W EB A PPLICATIONS
ijcsit
 
Application Attacks & Application Layer Attacks
Application Attacks & Application Layer AttacksApplication Attacks & Application Layer Attacks
Application Attacks & Application Layer Attacks
LearningwithRayYT
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
JiananWang21
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 

More Related Content

Similar to Apple Presentation.pptx

Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSoftware Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Swati Patel
 
csmalware_malware
csmalware_malwarecsmalware_malware
csmalware_malware
Joshua Saxe
 
Security testing of mobile applications
Security testing of mobile applicationsSecurity testing of mobile applications
Security testing of mobile applications
GTestClub
 
Mobile application security
Mobile application securityMobile application security
Mobile application security
Shubhneet Goel
 
Sqlas tool to detect and prevent attacks in php web applications
Sqlas tool to detect and prevent attacks in php web applicationsSqlas tool to detect and prevent attacks in php web applications
Sqlas tool to detect and prevent attacks in php web applications
ijsptm
 
breaking-and-fixing-origin-based-access-control
breaking-and-fixing-origin-based-access-controlbreaking-and-fixing-origin-based-access-control
breaking-and-fixing-origin-based-access-control
Martin Georgiev
 
Detection of Android Third Party Libraries based attacks
Detection of Android Third Party Libraries based attacksDetection of Android Third Party Libraries based attacks
Detection of Android Third Party Libraries based attacks
Amina WADDIZ
 

Similar to Apple Presentation.pptx (20)

Apple threat-landscape
Apple threat-landscapeApple threat-landscape
Apple threat-landscape
 
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript ProgramsSoftware Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
Software Birthmark Based Theft/Similarity Comparisons of JavaScript Programs
 
website phishing by NR
website phishing by NRwebsite phishing by NR
website phishing by NR
 
Untitled 1
Untitled 1Untitled 1
Untitled 1
 
csmalware_malware
csmalware_malwarecsmalware_malware
csmalware_malware
 
Security testing of mobile applications
Security testing of mobile applicationsSecurity testing of mobile applications
Security testing of mobile applications
 
Mobile application security
Mobile application securityMobile application security
Mobile application security
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
1780 1783
1780 17831780 1783
1780 1783
 
1780 1783
1780 17831780 1783
1780 1783
 
A26001006
A26001006A26001006
A26001006
 
Sqlas tool to detect and prevent attacks in php web applications
Sqlas tool to detect and prevent attacks in php web applicationsSqlas tool to detect and prevent attacks in php web applications
Sqlas tool to detect and prevent attacks in php web applications
 
breaking-and-fixing-origin-based-access-control
breaking-and-fixing-origin-based-access-controlbreaking-and-fixing-origin-based-access-control
breaking-and-fixing-origin-based-access-control
 
Pentesting iOS Applications
Pentesting iOS ApplicationsPentesting iOS Applications
Pentesting iOS Applications
 
Become fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacksBecome fully aware of the potential dangers of ActiveX attacks
Become fully aware of the potential dangers of ActiveX attacks
 
Mobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring BudgetMobile Forensics on a Shoestring Budget
Mobile Forensics on a Shoestring Budget
 
Android application fundamentals
Android application fundamentalsAndroid application fundamentals
Android application fundamentals
 
Detection of Android Third Party Libraries based attacks
Detection of Android Third Party Libraries based attacksDetection of Android Third Party Libraries based attacks
Detection of Android Third Party Libraries based attacks
 
PROP - P ATRONAGE OF PHP W EB A PPLICATIONS
PROP - P ATRONAGE OF PHP W EB A PPLICATIONSPROP - P ATRONAGE OF PHP W EB A PPLICATIONS
PROP - P ATRONAGE OF PHP W EB A PPLICATIONS
 
Application Attacks & Application Layer Attacks
Application Attacks & Application Layer AttacksApplication Attacks & Application Layer Attacks
Application Attacks & Application Layer Attacks
 

Recently uploaded

Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Christo Ananth
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Christo Ananth
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Dr.Costas Sachpazis
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
Asst.prof M.Gokilavani
 

Recently uploaded (20)

data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISUNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 

Apple Presentation.pptx

  • 1. Title: Cracking App Isolation on Apple: Unauthorized Cross- AppResource Access on MAC OS X and iOS. Authors: Wen Xu, Zhiwei Li, Le Yu, Hui Xue, Xiaolan Zhang, and Patrick Tague from the University of California, Santa Barbara
  • 2. overview On modern operating systems, applications under the same user are separated from each other, for the purpose of protecting them against malware and compromised programs. However, it is less clear whether such isolation is effective against different kind of cross-app resource access attacks (XARA) This paper explores the research conducted on MAC OS X and iOS shows significant security weaknesses that allow a malicious app to gain unauthorized access to sensitive data from other apps. The vulnerabilities were found in various inter-app interaction services and the design of the App sandbox on OS X. These vulnerabilities are caused by the lack of app-to-app and app-to-OS authentications, making it difficult to protect sensitive data from unauthorized access. A scanner was developed to detect missing protection in app code, and a simple program was built to detect exploit attempts on OS X to protect vulnerable apps. The study highlights the importance of regular security assessments and the need for stronger app-to-app and app-to-OS authentications.
  • 3. How app isolation works in popular operating systems App Sandboxing: The purpose of app sandboxing is to isolate apps and prevent unauthorized access to sensitive resources.  In Android, each app is assigned a unique user ID (UID) and runs as the user. Sensitive resources are assigned to Linux groups such as GPS, Audio, etc. and an app needs to request permission from the OS or user to access system resources.  On MAC OS X and iOS, app sandboxing is enforced through the Trusted BSD mandatory access control framework. All apps submitted to the MAC App Store are required to be sandboxed. The separation of apps is enforced through Trust BSD’s API interpositions. Each app is identified by its Apple ID, a two-part string that consists of a Team ID Apple assign to the app developer, and a Bundle ID supplied by the developer. An app within the sandbox has limited privileges and can only read and write files within its container and some public directories. Whenever use of resources such as network sockets, built-in camera, microphone, printer and other resources become necessary, the app explicitly requires them by declaring a set of entitlements within its property file. Among the small set of operations that a sandboxed app is allowed to do by default is the capabilities to perform some types of inter process communication (IPC). The Apple platforms support a variety of IPC channels, including traditional UNIX ones (e.g., pipe, UNIX domain socket, shared memory) and Apple-specific mechanisms like distributed objects, NS Connection in particular, and URL schemes. The NS Connection mechanism allows the client to invoke methods of the vended object and access its variables as if the object existed in the client process. Socket-based IPC is also available on OS X. Scheme is another unique IPC mechanism for both OS X and iOS.
  • 4.  Critical security flaws, discovered in the OS X keychain, BID-based separation as well as various IPC channels, i.e., NSConnection, WebSocket and Scheme on both MAC OS X and iOS. Password Stealing We can observe security weakness in Apple's keychain service, which is used to store passwords and other credentials securely. The weakness allows a malicious app to bypass the isolation between apps and steal user credentials from other apps. The attack works by claiming an item in the keychain and crafting an access control list that includes the target app as a trusted app. The keychain then allows all operations to proceed, causing the target app to divulge its secrets to the attacker. Another flaw in keychain, which allows an existing keychain item to be deleted by an unauthorized sandboxed app
  • 5. Container Cracking  Container cracking refers to a security vulnerability in the keychain of macOS, which allows a malicious application to gain access to the resources (e.g., passwords) of other sandboxed applications.  This vulnerability arises due to a weakness in the unique BID-based separation design on macOS. Each sandboxed app has a BID that needs to be unique, and once the app is installed, its BID is used to create a container directory that other sandboxed apps cannot touch.  However, the vulnerability arises because embedded programs within an app, such as a helper program or an XPC Service, also have their own BIDs and container directories.  The Mac App Store fails to verify whether a sub-target's BID is in conflict with those belonging to other apps or their sub- targets, except for the Apple reserved BIDs. This allows a malicious app to gain full access to other apps' containers, completely breaking its sandbox confinement.  In a study, researchers implemented endto-end attacks on high-profile apps, including Evernote, WeChat, QQ, and others, successfully stealing user data such as contacts, private notes, and message photos.
  • 6. IPC Interception IPC interception refers to the act of an attacker intercepting inter-process communication (IPC) channels between two or more applications to gain unauthorized access to sensitive information. In this context, IPC refers to the channels through which different applications communicate with each other. Two specific types of IPC channels - NSConnection and WebSocket - have been found to have vulnerabilities that can be exploited by attackers. NSConnection is an Apple-specific IPC channel that allows one party to act as a server and share an object with other client apps. The problem with this channel is that there is no means for the apps to authenticate each other when they are using NSConnection. Therefore, a sandboxed app can easily impersonate the server or client of a target app to access sensitive resources. In the case of WebSocket, which is a generic protocol for a server and a client to establish a full-duplex single socket connection, a malicious program (with the network permission when it is sandboxed) can claim a port pre-emptively before the legitimate server does, in the absence of proper authentication. This enables the attacker to receive data from the target extension. Similarly, a malicious extension can impersonate the authorized one to talk to the local app through its port.
  • 7. IOS Scheme hijacking  It relates to a security vulnerability on Apple platforms related to URL schemes. URL schemes are used by apps to define a protocol for communication with other apps. When a URL scheme is triggered within a webview instance inside another app or in the browser, an HTTP redirection is launched towards the "location" part of the URL, which activates the app claiming the scheme using the data delivered by the remaining part of the URL.  The problem is that when two different apps register the same URL scheme with the operating system, the conflict is resolved according to the nature of the scheme, and a malicious program can hijack a target app's scheme to get the service request or data sent to it. This vulnerability can be detected on OS X using certain APIs, but no corresponding API exists on iOS. As a result, all third-party apps running on iPhone and iPad are completely unprotected from this threat.
  • 8. Challenges in Addressing XARA Problems  Addressing XARA problems is challenging because often the OS itself does not know how to protect the resource of a third-party app.  Proper interfaces may need to be given to the app developers to let them specify and enforce their individual policies.  This complexity means these security weaknesses will likely persist until Apple finds a way to work with developers to fix them.
  • 9. Proposed approach: an automatic analysis tool has been built for detecting vulnerable apps and a measurement study that reveals the scope and magnitude of the XARA problem. Scanner App Design: The XARA scanner app inspects public information whenever a change to the system happens. For example, write to a file or installation of a new app to detect whether a service, resource, or channel claimed by one app has been hijacked by another. Our app registers file system event with API FSEvents, which is issued when a specific file has been modified. Specifically, the scanner monitors the keychain files under /Library/Keychains/ and ∼/Library/Keychains/. Whenever they’re modified, our app uses the API SecItemCopyMatching to find out whether a new item has been added, and if so further retrieves its ACL using SecACLCopyContents and inspects all the apps on the list. For Scheme and BID, the scanner keeps track of newly installed programs through the event API FSEvents. Whenever an app is installed, the scanner goes through its plist to find out whether the URL scheme it registers or the BIDs of its helper programs or XPC Services are in conflict with the ones already in the system. For NSConnection, our scanner redirects outputs of command syslog -w to get new system logs immediately after they are generated. Once it observes a failed attempt to register an existing object name or connect to an NSConnection server that serves another app, an alarm is triggered.
  • 10. Limitations of the Scanner App: The scanner app has limitations. For example, it can only protect known channels and cannot prevent some attacks, such as those on NSConnection and WebSocket, from taking place. However, it can detect these attacks after the fact. A more heavyweight patch, such as uploading a kernel module to gain a closer monitoring of the events happening within apps, may be necessary for a more complete solution.
  • 11. Conclusion  In conclusion, the paper identifies a new category of security weaknesses, XARA, that pose a serious threat to app isolation on modern operating systems.  The study conducted on Apple platforms reveals the pervasiveness of this threat, and the significant impacts it can have on critical system services and channels.  The lack of authentication during app-to-app and app to-system interactions is identified as the root cause of this problem.  The paper proposes new techniques to detect and mitigate this threat, contributing to a better understanding of this understudied security problem.  The development of a more effective app isolation mechanism on future operating systems is essential to prevent the leakage of sensitive information.