
Jesus Malverde

(10,274 posts)
Sun Feb 23, 2014, 03:13 PM Feb 2014

On the Timing of iOS’s SSL Vulnerability and Apple’s ‘Addition’ to the NSA’s PRISM Program

The SSL vulnerability was introduced in iOS 6.0. It is not present in 5.1.1 and is in 6.0.

iOS 6.0 shipped on 24 September 2012.

According to slide 6 in the leaked PowerPoint deck on NSA’s PRISM program, Apple was “added” in October 2012.

These three facts prove nothing; it’s purely circumstantial. But the shoe fits.

Sure would be interesting to know who added that spurious line of code to the file. Conspiratorially, one could suppose the NSA planted the bug, through an employee mole, perhaps. Innocuously, the Occam’s Razor explanation would be that this was an inadvertent error on the part of an Apple engineer. It looks like the sort of bug that could result from a merge gone bad, duplicating the goto fail; line.

I see five levels of paranoia:


1. Nothing. The NSA was not aware of this vulnerability.
2. The NSA knew about it, but never exploited it.
3. The NSA knew about it, and exploited it.
4. NSA itself planted it surreptitiously.
5. Apple, complicit with the NSA, added it.


http://daringfireball.net/2014/02/apple_prism

Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS


http://support.apple.com/kb/HT6147?viewlocale=en_US&locale=en_US

bemildred

(90,061 posts)
1. If it's under revision control, they should be able to retrieve who did it.
Sun Feb 23, 2014, 03:19 PM
Feb 2014

And if it isn't they need to ask why not? It should be.

Jesus Malverde

(10,274 posts)
3. I'm sure they know
Sun Feb 23, 2014, 03:21 PM
Feb 2014

They are unlikely to tell us, and it's unlikely the government will inquire.

We do know the NSA is sitting on a bunch of zero-day exploits that they are keeping unpatched.

bemildred

(90,061 posts)
5. So they release the bad code fragment, but not how it got there?
Sun Feb 23, 2014, 03:30 PM
Feb 2014

How subtle.

It looks like an accident, but it circumvents that final test. I've done that to myself more than once, both on purpose and by accident. One time was actually in some authentication code I was writing (that one was an accident).

bemildred

(90,061 posts)
7. Nothing wrong with that, as such.
Sun Feb 23, 2014, 03:48 PM
Feb 2014

But you have to have revision control once you field it or I'm done trying to figure it out.

And with revision control, you should be able to see what changed and how, and that might help understand how it got there. If there was a prior test that got deleted and left the goto, that would suggest coding error. If not, maybe not.

I don't like goto much, but I found myself using it in authentication dialogs because of the way they work, everything else was uglier.

But Apple may not want to get too close to the idea they are not wizards, hence the silence, they can let NSA take the heat.
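
The failure mode discussed in the original post (a duplicated `goto fail;` line) and in reply 5 (a jump that circumvents the final test), shown as an added example that is not part of the thread and is not Apple's code. The toy hash and the names `hash_update`, `raw_verify`, `sign`, `verify_buggy` and `verify_fixed` are constructed stand-ins for illustration.

```c
#include <stdio.h>

/* Constructed stand-ins for the hashing and signature-check steps. */
static int hash_update(unsigned *h, const char *data) {
    if (!data) return -1;
    while (*data) *h = *h * 31u + (unsigned char)*data++;
    return 0;
}
static int raw_verify(unsigned h, unsigned signed_hash) {
    return h == signed_hash ? 0 : -1;      /* the "final test" */
}
unsigned sign(const char *rnd, const char *params) {
    unsigned h = 7;
    hash_update(&h, rnd); hash_update(&h, params);
    return h;
}

/* Flawed shape: the duplicated goto is not guarded by the if above it. */
int verify_buggy(const char *rnd, const char *params, unsigned sig) {
    int err;
    unsigned h = 7;
    if ((err = hash_update(&h, rnd)) != 0)
        goto fail;
    if ((err = hash_update(&h, params)) != 0)
        goto fail;
        goto fail;                         /* always taken, with err == 0 */
    err = raw_verify(h, sig);              /* never reached */
fail:
    return err;                            /* 0 means "signature accepted" */
}

/* Hardened shape: braces, fail-closed default, one success assignment. */
int verify_fixed(const char *rnd, const char *params, unsigned sig) {
    int err = -1;
    unsigned h = 7;
    if (hash_update(&h, rnd) != 0) { goto fail; }
    if (hash_update(&h, params) != 0) { goto fail; }
    if (raw_verify(h, sig) != 0) { goto fail; }
    err = 0;
fail:
    return err;
}

int main(void) {
    unsigned forged = sign("nonce", "params") ^ 1u;  /* constructed bad signature */
    printf("buggy=%d fixed=%d\n", verify_buggy("nonce", "params", forged),
           verify_fixed("nonce", "params", forged));
    return 0;
}
```

Compilers that implement `-Wmisleading-indentation` or unreachable-code warnings flag the duplicated line in `verify_buggy`, and a negative test that feeds a bad signature catches the acceptance.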

Jesus Malverde

(10,274 posts)
4. It's curious
Sun Feb 23, 2014, 03:26 PM
Feb 2014

We don't know how the bug was found. They don't credit anyone in the security bulletin. It's possible that they found it in an internal code review. It's possible a third party found it and brought it to Apple's attention (although normally you would expect that party to be credited). It's possible they became aware of exploits of the bug and haven't disclosed the fact. This last possibility might also explain why only iOS was patched so far, if perhaps the exploits are somehow only targeting iOS. But I'm speculating, which is all I can do when Apple leaves an information vacuum.

Another sign that Apple views this as an über-high priority bug: They also issued a patch for iOS 6. Apple doesn't want any users on iOS 6 and likes to brag about how quickly iOS users migrate to the next major version. Over two months ago Apple claimed that 74 percent of iOS devices were running iOS 7. There hasn't been a security update for iOS 6 in almost a year. I'm sure Apple doesn't want to do anything to make it easier for iOS users to stay on iOS 6, but they patched it anyhow. That's how serious it is.


http://www.zdnet.com/apple-and-the-ssltls-bug-open-questions-7000026628/