Earlier this year, researchers at Georgia Institute of Technology announced that it was possible to take control of an Apple iOS device without the consent of the device’s owner. These same researchers later presented their findings at the Black Hat hacker conference hosted in Las Vegas during the month of July.
The results of the Georgia Institute of Technology’s work culminates in the most significant security vulnerability every discovered in the operating system created by Apple.
What’s The Big Deal?
Most Apple users scoff at virus attacks. The closed nature of Apple’s code and system environments results in very few malicious software attacks against iOS users. The most dangerous thing an Apple iOS user can do that will jeopardize user data is to leave the device unlocked. Until now.
The Georgia Institute of Technology researchers have found a way to game the Apple system in such a way that merely plugging an iOS device into a rogue USB charger will initiate the attack. The vulnerability stems from the nature of Apple’s closed application ecosystem. iOS devices are designed to accept digitally signed and certified Apple applications or applications by developers that are assigned digital Apple signatures.
When the rogue USB charger connects to the iOS device an application is immediately installed. There are no signs that this program is installed or operating due to another of Apple’s developer tools that allows applications to be installed without screen indications or inclusion in applications lists. Once the rogue USB device installs the malicious application, all aspects of the iOS can be controlled remotely.
How Can You Protect An iOS Device From This Vulnerability?
There are several ways to protect an iOS device from the security vulnerability Georgia Institute of Technology researchers discovered. First, and most importantly, never charge your iOS device using a USB charger or computer that is not yours. The only way that this vulnerability becomes active is through compromised charging devices.
The other way to protect your iOS is to make sure the device is locked. If you must use an unknown USB charging system, do not unlock the device for any reason until disconnected from the charger.
Is Apple Working To Repair Their iOS?
Apple recognizes the significance of the new security vulnerability. Shortly after the discovery by researchers from Georgia Institute of Technology, Apple invited the group to review the newest version of Apple’s iOS and to consult on the closing of the security hole.