00:00:11,900 Okay, good morning everyone. I hope you enjoyed the conference so far, and thanks for joining today's session. I'm Adi Sharabani, CTO and co-founder of Skycure, which got acquired roughly a year ago by Symantec, and ever since I serve as vice president of Modern OS Security, which is basically what we do: research, and also developing security solutions for modern OSes such as iOS and Android.

00:00:39,329 Hi, I'm Roy Iarchy and I have more than 10 years of experience in the security industry. I joined Skycure as part of the first Europa task IQ about six years ago, and since then I was working at Skycure. Today I'm leading the research team of the Modern OS Security division at Symantec.

00:01:03,630 Okay, so today we are here to talk about iOS Trustjacking, and I must say that one of the things I find pretty interesting about that research is that we're actually going to discuss a variety of features and design decisions in iOS, each of which, when you look at it by itself, is totally legitimate and benign, but when you combine all of those together you come into concerning and certainly unexpected attacks against iOS devices. So what we plan to do today, in a nutshell, is first of all give you the background for how we got to this research, as well as discuss some technical details that are the foundation of a lot of the features we'll be discussing today, a lot of the attacks. Then we will discuss what iOS Trustjacking is, and then give you a bunch of demonstrations that show real-world potential attacks against iOS devices. We'll conclude with a summary and some recommendations for individuals, for organizations and for developers to mitigate the problems, as well as discuss some of the changes Apple has done following our responsible and coordinated disclosure process around this issue.

00:02:28,300 So let's start with the story of how we started looking at this kind of feature. One day I was working at the office with several devices connected to my computer, and I wanted to view the system logs of one of the devices. There is a very cool library called libimobiledevice which lets you do a lot of stuff with iOS devices, and we'll see it in the continuation of the presentation. I just used a command that lets me view the log, so I used it and some logs started to roll into my console, and when I started playing with the device I suddenly saw the logs weren't correlated with what I did on the device, which was a bit weird. So I started looking deeply into it, and I found out the logs are not the logs of the device that is connected to my computer at all, but the logs of another device, which belonged to one of my team members who was in another room. So this got me thinking, and I started to look at what happened there, and this is how we got into this research, because we wanted to see what happened there and what an attacker can do with such access to a device.

00:04:09,810 So let's start with a quick background on what happens behind the scenes when a device is connected to a new computer, or to any computer at all. There are several daemons that kick into action right when you connect your device to a computer. The first daemon is the USB daemon, which basically looks for a new device on the other side; it will start the charging part and start the initial communication between the computer and the device, and just start all the fun. usbmuxd is a very, very important daemon here, which allows multiplexing a lot of different connections over the same USB connection. lockdownd is another daemon that allows running services on the remote device, and also takes a very significant part in the authentication mechanism; it's the daemon that is in charge of the authentication of the device and creating this relation between the iOS device and the computer.

00:05:38,290 So let's start by discussing some previous attacks around connected devices. The first one is actually a series of different publications that took place at the beginning of the decade. Those publications talked about the notion, especially in the early days of iOS devices, that the USB cable that is obviously used for charging our devices is also a very important vehicle that has a data channel, right? So in those cases one would create a malicious charger, and then when a user of a new iPhone, iPad, etc. would connect his device to the charger, the charger could steal data, change data, sideload a malicious app, etc. And one of the things that came up, indeed I think in iOS 7, is the following dialog. Can you please read us what is showing up in the dialog?

00:06:36,340 Yeah, so it says: Trust This Computer? Your settings and data will be accessible from this computer when connected. And you have a choice whether you want to Trust or Don't Trust. And the control, so also the path, looks like a way to make us aware that if we connect to something that we don't trust, maybe we shouldn't trust it; if we want, we can trust it. So how many of you are iOS users, by the way? Well, quite a lot. How many of you have seen that dialog? Okay, everyone. How many of you have ever, in anything, clicked on the Trust button? Awesome, I see almost everyone raising their hand, and the ones that don't, I suspect your input, but thank you.

00:07:21,840 Okay, so let's continue and talk about another issue that has risen over the years, and this is video jacking. In a nutshell, it's another incarnation of the notion of connected devices. So if you think about the Lightning connection in iOS devices, it obviously charges your device, it has a data channel, right, but it also supports video output capabilities like the HDMI interface. So this is not surprising at all: if you go with your device connected to some charger in the airport, technically, as long as your device is connected to the charger, the charger could actually watch everything you have on your screen. That's why it's called video jacking. But honestly, if we think about those two problems, the common characteristic of those is that they are temporal, and that a suspicious user might not fall for it, right? If I'm in the airport, by the way, I would never click on Trust. Maybe in the airplane; if I trust there, you know, in the airplane sometimes you have those dialogs, so I see a lot of people trusting it. But this is the common characteristic, and we are here to talk with you about a new breed of attacks that we believe, based on the feedback we got, are applicable to virtually every iOS user.

00:08:44,610 And I think the first step we're gonna do is talk about how do we move from attacks that rely on a physical connection between a bad actor and a device to a network-based attack, to a Wi-Fi attack. And one of the things we did is look at a feature that again, by itself, is a very welcome feature, introduced a few years ago by Apple, and that is iTunes Wi-Fi sync. It's a feature that allows us, when we are at home for example, we have our computer, we have our mobile device, it allows for a Wi-Fi synchronization of the device. That's awesome, right? But if we look behind the scenes there are two elements that are important to understand: that mechanism of iTunes synchronization relies on that Trust dialog that we discussed just earlier, because when you click on the Trust dialog what actually happens is that a key pair is generated so that the device trusts that specific host, that specific computer. And the surprising part that we will discuss throughout this presentation is that the decision Apple has made was to actually take all of those capabilities possible using a USB connection and have them possible using a network layer, so usbmuxd is actually abstracted through a network interface.

00:10:08,610 So let's discuss and see why is that so interesting and also so concerning. This is concerning, and those flows of attacks we are going to show you, we call them iOS Trustjacking, and the common characteristic of everything you're going to see is the following flow. First of all, the attacker has to get the user to click on a Trust button, to make a one-time mistake, right? But as we'll show in the rest of the presentation, while the previous attacks I mentioned might not have everyone fall for them, we'll show later on why that one-time mistake is actually not really a mistake, and it is applicable virtually to any iOS user. We will discuss this a bit later. But the common characteristic of everything you will see is: the moment we made that one-time mistake, which could have happened a few months ago, from that moment an attacker may be able to do a variety of actions, but all of those actions will be conducted on the attacker side, on the computer side, and the user itself has no effect on it, he has no visibility of it, and that's the problem. So let's start with a simple demonstration and go from there.

00:11:23,670 Cool. So we have an iOS device; it is not connected to my computer in any way. And what we can do is, first of all, we can verify that the device is connected to the computer with a very simple command which is part of libimobiledevice, and we can see there is one device connected to my computer. If you look, we can see that there are a lot of other commands that we can initiate now that we have a connected device. One of them is ideviceinfo, which just lets us see properties of the device: the Wi-Fi MAC address, the device name, we can see its version and a lot of metadata info. And the other command is idevicesyslog, which is the original command that I wanted to use, and this just shows me a lot of logs streaming, and it just logs a lot of things that happen on the device. One interesting point here is that sometimes app developers tend to use the syslog interface in order to log some things that happened in the app for debugging purposes, and when releasing the app they usually tend to leave it over there. So by looking at this very spammy syslog and filtering it for a specific app, you sometimes can see user credentials and other very, very sensitive stuff that is just not filtered from this log, and usually is accessible by anyone. The last command that I'll show you is idevicediagnostics, which I will not run, but it allows you to do a lot of things such as a shutdown of the device, and can be useful for a denial-of-service attack.

00:13:42,790 Thanks, Roy. And I think that all of those capabilities are very nice to have, and it's nice to be able to do it remotely, but we want to dive into this problem more deeply and talk about a few much more surprising capabilities that we can do. So one of the notions that I want to mention is something called the developer image. Think about it: as a developer you have your Xcode, your IDE, and you connect your testing device, and obviously when you connect it to the computer you can do a lot of stuff, right? You can analyze it, you can debug it, you can install your tested apps, etc. And one of the things that are possible because of that porting to the network is to remotely install the developer image, a capability that is usually installed by Xcode to the device physically, and that allows a bunch of capabilities. So one thing that capability allows is just to take snapshots, screenshots, from the device, and one of the things we've done is create a script that repeatedly and remotely takes a look at the device. So this is my device here, and as I'm using it we can actually see what I'm doing. Okay, so just a moment, I think the network here is a bit slow.

00:15:14,930 Okay. So I think there is a lot of networking here, so there is a latency, just a moment. Okay, so it's working again, and as you can see, while I'm typing you can practically see my keystrokes. So let's see if you can see my password to my banking app, not a real one. You can see virtually everything I'm seeing, so it can be taking financials to the bank, it can be a bunch of things. So in this case I just got an SMS from Roy. And as you can see, practically all of my activity as a victim is being monitored by the attacker. Okay, so this is a demonstration which, as we look back into what we discussed just five minutes ago, we just swapped the ability to temporarily see and hijack the screen when you connect it through USB to something that can be conducted 24/7 by a remote attacker on the network. Okay, so I think another topic we want to discuss is the backup and restore.

00:17:05,459 Yeah, so let's start by initiating a backup command to the device. This is a standard command; it can be found in libimobiledevice, with slight modifications that we did in order to enable it to work over Wi-Fi and not only over a cable. Okay, so this started the backup. I hope that the network will be fast enough, but let's talk about what we'll be able to see in a few moments. So as we are backing up the device, there is one very important feature, which is that you can encrypt your iOS device backup, something that we think everyone should do. But the very interesting thing is that the decision whether the backup is encrypted or not is being initiated by the computer. You do not have any way on your mobile device to choose whether the backup will be encrypted or not. Once the computer chooses this decision, if you chose to encrypt the backup, every later backup will be encrypted with the same password, and this will be enforced by the mobile device. So the first decision is done by the computer, but later on it's enforced by the mobile device, and the only way to disable it is by connecting your device to a computer and choosing to disable the encryption; of course you have to know the password in order for it to work. If a victim did not choose to encrypt the backup of the device, it creates a very funny situation in which the attacker can actually choose to encrypt the victim's device backup. So every backup in the future will be encrypted; the attacker will be able to decrypt it, of course, but the victim won't be able to decrypt it, so he will basically be locked out from his device backup, and won't be able to even change the password or remove it. That's some kind of bug and some kind of attack in some way.

00:19:39,530 Yeah, so this is another reason for why we think everyone should encrypt their own device backup, and should have a powerful password, because if you don't do it, an attacker can use brute-force techniques to try and guess your password, but it makes it harder anyway. And let's see how the backup looks. Okay, so we'll be able to see several files in the backup directory, and the first three files are the plist files which contain information about the device and the backup. We'll see the Info.plist file, which contains information about the device and all the installed apps on the device; the Manifest.plist, which contains a lot of information about the backup and other information about the installed apps; the Status.plist, a very, very small plist file which contains basically information about this specific backup, if it's encrypted or not, if it's a full or partial backup; and the most interesting file here will be the Manifest.db, which is an SQLite 3 file that contains all the files that were backed up, by path, and some other metadata such as the new name that they got in the backup. All the file paths are converted to SHA-1 file names and are placed in a directory which is the first two hexadecimal digits of that specific hash.

00:21:25,130 So let's take a look at the backup we just did, and as Roy mentioned, this is practically a full backup; it looks rather generic, so we need a way to understand what that backup contains and hopefully get some cool stuff out of the backup. So let's do it. Let's go to the Manifest.db, this is the SQLite database, and we'll start by just looking at the tables, looking at the schema. We want to understand how does the Files table look like, and for the moment let's just look for all the images, all the media files, in the backup that we just did. So it's a classical SQL query: we're looking for the Media directory, and we'll be sorting this obviously by the file path to look for the latest images. In this case the first thing we want to show you is what we mentioned: from each record we see something that looks like a hash, it's a SHA-1 hash, as well as some more metadata. And what Roy is now doing is showing you that by looking at the original path in the backup we can deduce and see that this is exactly the SHA-1 hash over that path. So we have the domain, or the type of the file, and then we have the full path, and we'll just hash it; the value we get here should match the hash here. So you don't need to do it all the time, because you can just look at the Manifest.db, but if you know a specific file you can always get to it by just hashing. So let's take a look at the image, let's see what we actually got. Some interesting stuff here, yeah, this is a picture we just took before the presentation.

00:23:32,350 So I think the next thing we want to show you is some more juicy stuff out of the backup we just did, and what we're going to do is look for the SMS, for the messages database. Again a very, very simple query: we will look for where is the SQLite database that contains the messaging information out of the device. And again we got it. Now we'll open that database and we'll look for some of the content inside it. Okay, again looking for the tables, a bunch of tables here. I think we'll start with looking at the chats, look which chats do we have on the device, and also look at the messages to try to extract the actual messages that are stored on the device. So this looks very, very dirty, obviously it's hard to work with it, so one of the things we've done is we've created a script that automates all of what we've done and just pretty-prints everything, all of those chats that we have on the device. Awesome. So as you can see, this is exactly the correspondence we had on stage, and again we're very excited and happy to have you here and present.

00:25:01,960 Okay, so I think that the next thing we want to discuss is the notion of being able to do some more interesting things on the device. In this case, again, I want to remind you what we're able to do is to repeat and create an environment that is as if we are just physically debugging the device, while this is not our device and we don't have physical access to it anymore. So we'll discuss later on a bunch of nuances around this, but the first thing I want to do is to actually show you the device and give you, I think, a pretty nice demonstration of the kind of things we can do. Okay, so that's the next thing.

00:25:47,980 Okay, awesome. So can you see my screen? The first thing I want to show you is the Facebook app. In here we can see Roy's Facebook account; we'll get into his personal page, I recommend you to be his friends as well. So this is the Facebook app, and the interesting thing we want to show you is that now Roy, as the attacker, is able to first of all list all installed apps on the device, and specifically here we see the Facebook app as well as its package name. And what we actually want to demonstrate now is the problem of repackaged apps. Okay, one of the most powerful attacks available in general in mobility is to be able to create a fake version of a given app. It can be Facebook, but it can also be Salesforce or Box or whatever you use for business, and if you are able to create a repackaged version of those applications you might be able to do some awesome stuff. So what we are going to do now is to actually create a repackaged version of Facebook, and then we're going to do a bunch of actions that will be very fast, so I want you to be focused. This is
533 00:27:03,159 --> 00:27:08,139 well Facebook resides like the real one 534 00:27:05,230 --> 00:27:09,940 we are going to practically upload the 535 00:27:08,139 --> 00:27:12,129 repackaged version on Facebook to a 536 00:27:09,940 --> 00:27:15,279 temporal directory on that device and 537 00:27:12,129 --> 00:27:17,678 then in a fraction of a second we will 538 00:27:15,279 --> 00:27:19,149 remove the beginning app and we 539 00:27:17,679 --> 00:27:19,860 installed the repackage lab are you 540 00:27:19,149 --> 00:27:28,000 ready 541 00:27:19,860 --> 00:27:30,279 look carefully let's do it okay for 542 00:27:28,000 --> 00:27:32,500 those of you that didn't notice we have 543 00:27:30,279 --> 00:27:38,529 that app still here let's do it again do 544 00:27:32,500 --> 00:27:42,009 it again yeah this is in a room packed 545 00:27:38,529 --> 00:27:44,679 with Wi-Fi devices under the one second 546 00:27:42,009 --> 00:27:46,779 did this happened okay and the big point 547 00:27:44,679 --> 00:27:50,559 here is that when I opened that favorte 548 00:27:46,779 --> 00:27:53,200 up it's actually no longer develop right 549 00:27:50,559 --> 00:27:56,019 this is a very fake version so guys I 550 00:27:53,200 --> 00:27:58,090 want you to think what about what that 551 00:27:56,019 --> 00:27:59,919 practically means that means that if 552 00:27:58,090 --> 00:28:02,529 we're able to do this remotely we might 553 00:27:59,919 --> 00:28:04,929 replace some very important applications 554 00:28:02,529 --> 00:28:07,059 this can be your banking activity but it 555 00:28:04,929 --> 00:28:09,100 can also be your business applications 556 00:28:07,059 --> 00:28:11,710 okay and one of the things that are 557 00:28:09,100 --> 00:28:15,459 important to understand is that this is 558 00:28:11,710 --> 00:28:17,919 a site loaded app meaning what we put 559 00:28:15,460 --> 00:28:20,230 back on the device is an app that was 560 00:28:17,919 --> 00:28:22,060 never monitored by anyone not by app 
and 561 00:28:20,230 --> 00:28:24,400 not by anyone meaning we can use 562 00:28:22,060 --> 00:28:26,740 some private API its API that cannot be 563 00:28:24,400 --> 00:28:28,540 allowed in the App Store to do some 564 00:28:26,740 --> 00:28:30,670 nasty stuff you know wondered process in 565 00:28:28,540 --> 00:28:33,190 the background recalled you if needed as 566 00:28:30,670 --> 00:28:36,070 well as you know use those capabilities 567 00:28:33,190 --> 00:28:37,570 to maybe exploit a security issue on 568 00:28:36,070 --> 00:28:40,060 your device escalate escalate 569 00:28:37,570 --> 00:28:44,250 permissions and from there do a bunch of 570 00:28:40,060 --> 00:28:44,250 very very very nasty stuff 571 00:28:44,610 --> 00:28:53,320 cool so let's talk about several tak 572 00:28:49,240 --> 00:28:58,270 vectors we can say so the first and most 573 00:28:53,320 --> 00:29:03,460 basic way to get infected with this kind 574 00:28:58,270 --> 00:29:06,540 of is that if just connecting your own 575 00:29:03,460 --> 00:29:11,230 device to a malicious charger or maybe a 576 00:29:06,540 --> 00:29:14,740 malicious USB connection on an airport 577 00:29:11,230 --> 00:29:17,920 or something yeah I didn't from some 578 00:29:14,740 --> 00:29:19,300 reason choosing to trust it some people 579 00:29:17,920 --> 00:29:22,270 may think that they need to choose a 580 00:29:19,300 --> 00:29:26,950 trusted in order to charge the device 581 00:29:22,270 --> 00:29:29,950 this is not to but but many people do 582 00:29:26,950 --> 00:29:32,530 and then they just toss the device again 583 00:29:29,950 --> 00:29:33,910 it it looks like it was it should the 584 00:29:32,530 --> 00:29:36,310 fact you only when the device is 585 00:29:33,910 --> 00:29:40,780 connected but even when you disconnect 586 00:29:36,310 --> 00:29:45,250 it it still can happen and affect your 587 00:29:40,780 --> 00:29:48,129 device and so this is something that I 588 00:29:45,250 --> 00:29:50,460 hope that most of 
you I hope that all of 589 00:29:48,130 --> 00:29:54,850 you didn't do you didn't have the 590 00:29:50,460 --> 00:29:57,850 malicious a charger but they had a very 591 00:29:54,850 --> 00:30:01,360 very interesting scenario in which you 592 00:29:57,850 --> 00:30:03,429 trust your own computer or maybe another 593 00:30:01,360 --> 00:30:06,370 computer of one of your very colleagues 594 00:30:03,430 --> 00:30:08,650 one of your family members that you left 595 00:30:06,370 --> 00:30:10,330 there's no reason to not trust your own 596 00:30:08,650 --> 00:30:13,030 computer want to backup your device you 597 00:30:10,330 --> 00:30:17,490 want to do other action with it so it 598 00:30:13,030 --> 00:30:21,340 lasted if your device is infected with 599 00:30:17,490 --> 00:30:25,510 Marvel this model can now have an access 600 00:30:21,340 --> 00:30:27,429 to your mobile device it can see all the 601 00:30:25,510 --> 00:30:30,310 things that you are doing that it can 602 00:30:27,430 --> 00:30:32,200 backup your device and still a lot a lot 603 00:30:30,310 --> 00:30:34,370 of information maybe family place all 604 00:30:32,200 --> 00:30:37,520 your app without 605 00:30:34,370 --> 00:30:42,800 you ever knowing and without you doing 606 00:30:37,520 --> 00:30:47,960 any longer stuff you trusted your own 607 00:30:42,800 --> 00:30:50,090 device your own computer so this is a 608 00:30:47,960 --> 00:30:53,450 very interesting approach because it 609 00:30:50,090 --> 00:30:56,720 allows an attacker to extend the control 610 00:30:53,450 --> 00:31:01,280 from only yoga computer to all of your 611 00:30:56,720 --> 00:31:05,270 mobile devices another very interesting 612 00:31:01,280 --> 00:31:07,639 attack if they post trust attack it 613 00:31:05,270 --> 00:31:10,370 means that you trust your computer or 614 00:31:07,640 --> 00:31:12,620 other trusted the computer and 615 00:31:10,370 --> 00:31:16,250 everything was fine the computer was not 616 00:31:12,620 --> 
00:31:20,270 infected with any kind of Marvel later 617 00:31:16,250 --> 00:31:23,660 on after al maybe more this computer got 618 00:31:20,270 --> 00:31:29,500 infected with malware unless you did 619 00:31:23,660 --> 00:31:33,170 some active actions in order to delete a 620 00:31:29,500 --> 00:31:36,020 different translation the isolation will 621 00:31:33,170 --> 00:31:40,600 continue to be the meaning that now the 622 00:31:36,020 --> 00:31:43,850 same alwa can can get 623 00:31:40,600 --> 00:31:46,158 information form your device and even 624 00:31:43,850 --> 00:31:48,289 though it can steal all the trust 625 00:31:46,159 --> 00:31:52,850 relations that were created between this 626 00:31:48,289 --> 00:31:55,669 computer and other devices and just use 627 00:31:52,850 --> 00:31:58,428 it anywhere else it doesn't need to be 628 00:31:55,669 --> 00:32:00,980 the in the moment when the trust is 629 00:31:58,429 --> 00:32:03,679 being created but later on it's also 630 00:32:00,980 --> 00:32:05,960 okayed can just and I'll skip all the 631 00:32:03,679 --> 00:32:08,210 translations that you ever created with 632 00:32:05,960 --> 00:32:09,620 this computer so not only the recent one 633 00:32:08,210 --> 00:32:11,419 you know connecting to area and the 634 00:32:09,620 --> 00:32:14,719 presentation what we actually see is 635 00:32:11,419 --> 00:32:16,370 that practically as you know I think 636 00:32:14,720 --> 00:32:18,559 virtually all of you have raised your 637 00:32:16,370 --> 00:32:20,620 hands that you ever trusted any device 638 00:32:18,559 --> 00:32:23,740 even if it's your most trusted device 639 00:32:20,620 --> 00:32:27,439 technically wise you still might be 640 00:32:23,740 --> 00:32:30,049 affected at that very moment by all that 641 00:32:27,440 --> 00:32:34,000 we have just showed if a malware just 642 00:32:30,049 --> 00:32:38,059 got at some point to your own computers 643 00:32:34,000 --> 00:32:40,370 another scenario which is which we were 644 
00:32:38,059 --> 00:32:43,490 very concerned that might be applicable 645 00:32:40,370 --> 00:32:46,760 here if the leader of the pack and what 646 00:32:43,490 --> 00:32:49,309 this means is having temporal access to 647 00:32:46,760 --> 00:32:52,639 a computer before the trust relation was 648 00:32:49,309 --> 00:32:55,789 created fortunately Apple did a great 649 00:32:52,639 --> 00:32:59,840 job here and mitigate this kind of a 650 00:32:55,789 --> 00:33:02,750 attacks by generating in you and keeper 651 00:32:59,840 --> 00:33:06,649 every time you choose to trust a device 652 00:33:02,750 --> 00:33:09,559 so there is no one keeper that is used 653 00:33:06,649 --> 00:33:11,809 for all of the devices but and you 654 00:33:09,559 --> 00:33:14,299 generated every time to touch the device 655 00:33:11,809 --> 00:33:16,549 so when you open the Marvel if they're 656 00:33:14,299 --> 00:33:18,740 being found on a computer it can only 657 00:33:16,549 --> 00:33:22,340 see what happens before what happening 658 00:33:18,740 --> 00:33:25,639 now it cannot do it for future devices 659 00:33:22,340 --> 00:33:30,639 if nutri will be created after this 660 00:33:25,639 --> 00:33:34,039 malware was remote from the computer 661 00:33:30,639 --> 00:33:36,199 also what about us be obstructed mode so 662 00:33:34,039 --> 00:33:39,830 I guess that most of you heard about a 663 00:33:36,200 --> 00:33:43,360 new very very important feature that FLE 664 00:33:39,830 --> 00:33:47,809 other than a the latest iOS version on a 665 00:33:43,360 --> 00:33:49,789 iOS 11.4 dot one which is called use 666 00:33:47,809 --> 00:33:53,040 very straight about it we restricted 667 00:33:49,789 --> 00:33:55,260 mode basically tries to block 668 00:33:53,040 --> 00:33:57,899 access to your device physical access to 669 00:33:55,260 --> 00:34:01,890 your device via the USB a data 670 00:33:57,900 --> 00:34:04,530 connection after one hour of the device 671 00:34:01,890 --> 00:34:07,730 being blocked 
it will force you to him 672 00:34:04,530 --> 00:34:11,279 to enter your passcode again before you 673 00:34:07,730 --> 00:34:14,490 can do anything with the device 674 00:34:11,280 --> 00:34:17,730 connected to your computer this was 675 00:34:14,489 --> 00:34:21,689 created in order to a time mitigate some 676 00:34:17,730 --> 00:34:26,760 a touch performed by some organizations 677 00:34:21,690 --> 00:34:28,950 that allow you to take a device that you 678 00:34:26,760 --> 00:34:31,800 do not know its passcode or any 679 00:34:28,949 --> 00:34:35,810 credential connected to their own device 680 00:34:31,800 --> 00:34:39,990 and then dump it all system bypassing 681 00:34:35,810 --> 00:34:42,199 security mechanisms so by disabling the 682 00:34:39,989 --> 00:34:46,408 USB connection port after one hour you 683 00:34:42,199 --> 00:34:51,449 can just restrict this kind of attacks 684 00:34:46,409 --> 00:34:54,090 and solve it very efficiently so we will 685 00:34:51,449 --> 00:34:56,699 concerned hell interested if this 686 00:34:54,090 --> 00:34:59,970 affects path checking and what we found 687 00:34:56,699 --> 00:35:01,230 out that it does not affect us jacking 688 00:34:59,970 --> 00:35:03,839 it or because traffic jacking 689 00:35:01,230 --> 00:35:06,510 does not rely on a physical USB 690 00:35:03,840 --> 00:35:11,220 connection so this screenshot actually 691 00:35:06,510 --> 00:35:14,610 was taken with traffic jacking with a 692 00:35:11,220 --> 00:35:19,350 similar pose what we saw on the video 693 00:35:14,610 --> 00:35:21,690 checking get what if was this device it 694 00:35:19,350 --> 00:35:24,960 was connected to another computer and 695 00:35:21,690 --> 00:35:28,020 you can fit if a nice a notification 696 00:35:24,960 --> 00:35:32,010 here said you need to unlock your iPhone 697 00:35:28,020 --> 00:35:35,820 in order to access to use accessories to 698 00:35:32,010 --> 00:35:39,180 use the USB accessories and other than 699 00:35:35,820 --> 
00:35:42,060 taking screenshots backups and all of 700 00:35:39,180 --> 00:35:45,060 the other actions that we just saw in 701 00:35:42,060 --> 00:35:48,720 this presentation and other walking 702 00:35:45,060 --> 00:35:50,970 remotely as well without any issue and 703 00:35:48,720 --> 00:35:54,899 this screenshot and this test was 704 00:35:50,970 --> 00:35:58,859 performed in air I was 12 better and - 705 00:35:54,900 --> 00:36:01,890 it was the last version last week when 706 00:35:58,860 --> 00:36:02,580 we have verified it but I don't believe 707 00:36:01,890 --> 00:36:06,859 that 708 00:36:02,580 --> 00:36:08,100 anything got changed and a better phone 709 00:36:06,860 --> 00:36:10,350 cool 710 00:36:08,100 --> 00:36:14,220 so other than affection that you you 711 00:36:10,350 --> 00:36:18,330 probably think about it if that this 712 00:36:14,220 --> 00:36:21,779 attack restricted to being connected to 713 00:36:18,330 --> 00:36:24,330 the same London same Wi-Fi which means 714 00:36:21,780 --> 00:36:27,510 the attacker needs to be in proximity to 715 00:36:24,330 --> 00:36:29,730 his victim which also will limit 716 00:36:27,510 --> 00:36:34,890 feasibility extent is beyond the 717 00:36:29,730 --> 00:36:39,060 physical connection but still limit the 718 00:36:34,890 --> 00:36:42,240 attacker in many different ways so we 719 00:36:39,060 --> 00:36:45,509 think whether this is a real affliction 720 00:36:42,240 --> 00:36:48,720 and what we saw with some very cool 721 00:36:45,510 --> 00:36:52,320 stuff so when Apple I decided to port 722 00:36:48,720 --> 00:36:55,140 USB mocks to walk over the network 723 00:36:52,320 --> 00:36:56,940 connection they actually need a to solve 724 00:36:55,140 --> 00:37:00,210 several problems so the first problem 725 00:36:56,940 --> 00:37:03,090 we'll just porting the USB connections 726 00:37:00,210 --> 00:37:06,240 to TCP connection and the second problem 727 00:37:03,090 --> 00:37:08,670 was the discovery issue so when 
you're 728 00:37:06,240 --> 00:37:11,069 connecting a device to a computer there 729 00:37:08,670 --> 00:37:14,970 is the physical action the device knows 730 00:37:11,070 --> 00:37:18,180 that a newer computer just connected and 731 00:37:14,970 --> 00:37:20,910 it can initiate a lot of a lot of a 732 00:37:18,180 --> 00:37:22,950 processes when you're connected to the 733 00:37:20,910 --> 00:37:25,410 same network there is no this there's no 734 00:37:22,950 --> 00:37:28,770 physical connection so the way that 735 00:37:25,410 --> 00:37:32,850 Apple to talk to a solve it is by using 736 00:37:28,770 --> 00:37:34,320 mdns over Bonjour and for discovery so 737 00:37:32,850 --> 00:37:37,710 when the device connection your 738 00:37:34,320 --> 00:37:40,860 networking even I periodically it just 739 00:37:37,710 --> 00:37:45,000 sends a broadcast a message to everyone 740 00:37:40,860 --> 00:37:47,640 hey I'm I'm here I'm running family 741 00:37:45,000 --> 00:37:52,550 services and you can connect to the usb 742 00:37:47,640 --> 00:37:57,650 a MOOC support this service is available 743 00:37:52,550 --> 00:38:01,200 so what we saw that can very easily 744 00:37:57,650 --> 00:38:03,870 performed is by using a VPN tunnel you 745 00:38:01,200 --> 00:38:06,089 can create a virtual LAN and no matter 746 00:38:03,870 --> 00:38:08,670 where the device is found in the world 747 00:38:06,090 --> 00:38:11,610 it can be connected to a 3G network can 748 00:38:08,670 --> 00:38:13,710 be in another country but you're 749 00:38:11,610 --> 00:38:16,710 connecting a virtual 750 00:38:13,710 --> 00:38:19,470 network by using this network you can 751 00:38:16,710 --> 00:38:21,480 access the device in order to solve the 752 00:38:19,470 --> 00:38:25,290 discovery option you have to of self 753 00:38:21,480 --> 00:38:28,140 you can either configure your VPN tunnel 754 00:38:25,290 --> 00:38:31,370 to replicate and then a packet which 755 00:38:28,140 --> 00:38:34,770 usually don't happen 
by default and the 756 00:38:31,370 --> 00:38:37,680 second one which we actually use the 757 00:38:34,770 --> 00:38:42,509 very very simple you can replicate or 758 00:38:37,680 --> 00:38:45,240 create your own fake mdns a packet and 759 00:38:42,510 --> 00:38:47,760 then click your own computer in order to 760 00:38:45,240 --> 00:38:51,870 think that hey a new device connected to 761 00:38:47,760 --> 00:38:55,110 a specific IP from now on USB moves and 762 00:38:51,870 --> 00:38:59,130 and your computer will do the rest of 763 00:38:55,110 --> 00:39:01,380 your work it will just walk you can't 764 00:38:59,130 --> 00:39:03,210 really attack a custom version of us be 765 00:39:01,380 --> 00:39:05,520 moved but you really don't need to 766 00:39:03,210 --> 00:39:07,170 because then you can solve it very very 767 00:39:05,520 --> 00:39:11,850 evenly without taking your own a 768 00:39:07,170 --> 00:39:16,340 computer to get this thing to get to 769 00:39:11,850 --> 00:39:20,700 this access you can utilize a very cool 770 00:39:16,340 --> 00:39:22,920 and if for that whip published which is 771 00:39:20,700 --> 00:39:26,879 called the malicious profile which 772 00:39:22,920 --> 00:39:30,050 allows the attacker to to redirect and 773 00:39:26,880 --> 00:39:33,270 decrypt all the traffic is a kind of 774 00:39:30,050 --> 00:39:35,310 virtual Allah and they have access to 775 00:39:33,270 --> 00:39:38,220 the mobile device without needing to be 776 00:39:35,310 --> 00:39:41,310 in the same network over location 777 00:39:38,220 --> 00:39:46,200 usually you get the user to install the 778 00:39:41,310 --> 00:39:48,660 to install it by having some some 779 00:39:46,200 --> 00:39:50,879 technique for taking it to think that he 780 00:39:48,660 --> 00:39:56,640 needs to do it from a social engineering 781 00:39:50,880 --> 00:39:59,810 but very very easy to do and can extend 782 00:39:56,640 --> 00:40:03,930 this way beyond the need to be 783 00:39:59,810 --> 00:40:06,000 
physically close to the device so you're 784 00:40:03,930 --> 00:40:08,129 welcome to edit offline of course our 785 00:40:06,000 --> 00:40:12,450 slides will be available on the website 786 00:40:08,130 --> 00:40:14,550 of RSA Conference okay so let's let's 787 00:40:12,450 --> 00:40:16,779 try to to summarize and discuss some 788 00:40:14,550 --> 00:40:20,650 concrete mitigations 789 00:40:16,780 --> 00:40:23,200 that we can do to mitigate the problems 790 00:40:20,650 --> 00:40:25,210 we've discussed so first of all as 791 00:40:23,200 --> 00:40:28,899 mentioned I think that there is a 792 00:40:25,210 --> 00:40:31,840 concrete concern about do we really 793 00:40:28,900 --> 00:40:35,110 trust all of those devices that we've 794 00:40:31,840 --> 00:40:37,750 ever trusted in the past to not be 795 00:40:35,110 --> 00:40:40,540 utilized in order to attack us so one 796 00:40:37,750 --> 00:40:42,850 thing that can be done is to user and 797 00:40:40,540 --> 00:40:44,950 clear the trusted computer settings from 798 00:40:42,850 --> 00:40:47,920 your device you can go to Settings 799 00:40:44,950 --> 00:40:50,140 General reset reset location or privacy 800 00:40:47,920 --> 00:40:52,360 and it's important to understand what 801 00:40:50,140 --> 00:40:54,940 would be the ramifications so one thing 802 00:40:52,360 --> 00:40:57,610 it will be one thing it will do is to 803 00:40:54,940 --> 00:40:59,710 just delete all the keepers all the 804 00:40:57,610 --> 00:41:02,890 trust levels that has been created in 805 00:40:59,710 --> 00:41:04,750 the past between your own device and any 806 00:41:02,890 --> 00:41:06,879 computer around you so that you will 807 00:41:04,750 --> 00:41:09,640 have to rethink the next time you 808 00:41:06,880 --> 00:41:12,070 connect to new devices the second thing 809 00:41:09,640 --> 00:41:15,430 it will do is it will reset all the 810 00:41:12,070 --> 00:41:18,130 privacy settings you have on your device 811 00:41:15,430 --> 00:41:21,310 
with different apps meaning that you 812 00:41:18,130 --> 00:41:23,050 will be able to rethink all the 813 00:41:21,310 --> 00:41:25,090 permissions that you have gave to the 814 00:41:23,050 --> 00:41:26,380 different applications on your device so 815 00:41:25,090 --> 00:41:28,480 it's an it's in house 816 00:41:26,380 --> 00:41:31,210 change but it allows you to really 817 00:41:28,480 --> 00:41:33,280 rethink your whole strategy around using 818 00:41:31,210 --> 00:41:36,970 your mobile device this is actually 819 00:41:33,280 --> 00:41:39,640 Apple suggestion in order to to clear 820 00:41:36,970 --> 00:41:41,220 the traffic computer set yep 821 00:41:39,640 --> 00:41:44,170 another thing you can do is obviously 822 00:41:41,220 --> 00:41:46,240 enable encryption and shows your own 823 00:41:44,170 --> 00:41:48,250 password for the encryption as we 824 00:41:46,240 --> 00:41:49,750 mentioned earlier it's better for you to 825 00:41:48,250 --> 00:41:52,810 choose it then for the attacker to 826 00:41:49,750 --> 00:41:55,270 choose it for yourself the third one is 827 00:41:52,810 --> 00:41:57,820 obviously think very carefully about 828 00:41:55,270 --> 00:42:00,370 what you do and the trust you provide to 829 00:41:57,820 --> 00:42:04,210 other hosts and the last element again 830 00:42:00,370 --> 00:42:06,490 as always make sure you update your your 831 00:42:04,210 --> 00:42:08,200 iOS device and Android devices I don't 832 00:42:06,490 --> 00:42:11,350 know if you know the graphs of publicly 833 00:42:08,200 --> 00:42:13,000 known security issues like of CBS but 834 00:42:11,350 --> 00:42:15,490 the graphs over the past few years look 835 00:42:13,000 --> 00:42:16,270 like this the number of security issues 836 00:42:15,490 --> 00:42:18,729 being identified 837 00:42:16,270 --> 00:42:21,009 meaning it's imperative that you 838 00:42:18,730 --> 00:42:24,400 continuously upgrade your operating 839 00:42:21,010 --> 00:42:27,370 systems from an organization 
perspective 840 00:42:24,400 --> 00:42:29,230 I would say two things first of all from 841 00:42:27,370 --> 00:42:31,930 an IT perspective 842 00:42:29,230 --> 00:42:34,119 very important to consider and point 843 00:42:31,930 --> 00:42:37,270 security solutions mobile first defense 844 00:42:34,119 --> 00:42:40,240 solutions for your mobile fleet it can 845 00:42:37,270 --> 00:42:42,310 convert a lot of problems across the 846 00:42:40,240 --> 00:42:45,069 threat landscape including some of the 847 00:42:42,310 --> 00:42:46,840 items we discussed today such as side 848 00:42:45,070 --> 00:42:49,840 loading of malicious apps such as 849 00:42:46,840 --> 00:42:52,359 malicious profiles etc the second 850 00:42:49,840 --> 00:42:54,750 element for developers obviously think 851 00:42:52,359 --> 00:42:58,359 very carefully about what you are 852 00:42:54,750 --> 00:43:00,760 picking up right because when you bake 853 00:42:58,359 --> 00:43:03,100 up stuff from your application it might 854 00:43:00,760 --> 00:43:07,050 be leaked so it can be logs it can be 855 00:43:03,100 --> 00:43:09,850 data that is backed up by an attacker as 856 00:43:07,050 --> 00:43:11,470 mentioned regarding Apple as always 857 00:43:09,850 --> 00:43:13,868 we've followed responsible and 858 00:43:11,470 --> 00:43:16,660 coordinated disclosure and one of the 859 00:43:13,869 --> 00:43:20,710 thing things they've done in iOS 11 is 860 00:43:16,660 --> 00:43:23,440 to make one of the security threats we 861 00:43:20,710 --> 00:43:27,130 discussed a bit harder because today 862 00:43:23,440 --> 00:43:29,710 when you trust when it trusts a new 863 00:43:27,130 --> 00:43:32,350 computer you need to type in the 864 00:43:29,710 --> 00:43:35,760 passcode this is very valuable for a 865 00:43:32,350 --> 00:43:38,710 case that was possible before for just 866 00:43:35,760 --> 00:43:41,740 an attacker that is nearby you take your 867 00:43:38,710 --> 00:43:43,000 device and Trust the device for you but 
868 00:43:41,740 --> 00:43:45,160 it does not solve the problem of 869 00:43:43,000 --> 00:43:47,590 trusting your own computer and having 870 00:43:45,160 --> 00:43:50,230 your computer infected in attack you 871 00:43:47,590 --> 00:43:51,760 back right interestingly enough when you 872 00:43:50,230 --> 00:43:54,190 look at the dialogue it still states 873 00:43:51,760 --> 00:43:56,380 that the list that you are taking when 874 00:43:54,190 --> 00:43:58,540 you're trusting the device is only 875 00:43:56,380 --> 00:44:01,210 applicable as long as you are physically 876 00:43:58,540 --> 00:44:04,720 connected to the computer which as we 877 00:44:01,210 --> 00:44:06,580 have shown today is not correct other 878 00:44:04,720 --> 00:44:09,009 things to take in mind I think I they 879 00:44:06,580 --> 00:44:10,869 were very clear from the presentation is 880 00:44:09,010 --> 00:44:13,690 to rethink the notion of what is 881 00:44:10,869 --> 00:44:17,710 possible even using Wi-Fi or using VPN 882 00:44:13,690 --> 00:44:21,190 and also make the end-user more involved 883 00:44:17,710 --> 00:44:25,690 in the process of you know when backups 884 00:44:21,190 --> 00:44:27,820 are being created of of being even able 885 00:44:25,690 --> 00:44:30,100 to know what are the computers that are 886 00:44:27,820 --> 00:44:34,119 trusted by that device all of that 887 00:44:30,100 --> 00:44:36,009 information is today not visible so I 888 00:44:34,119 --> 00:44:40,420 think to summarize what we've seen today 889 00:44:36,010 --> 00:44:42,700 we've seen progress from a physical set 890 00:44:40,420 --> 00:44:45,280 of attacks into Wi-Fi base 891 00:44:42,700 --> 00:44:48,220 that's the end attacks that can be 892 00:44:45,280 --> 00:44:50,920 conducted from anywhere the implications 893 00:44:48,220 --> 00:44:55,779 are obviously long lasting in some cases 894 00:44:50,920 --> 00:44:57,099 permanent and I hope I hope you found 895 00:44:55,780 --> 00:44:59,680 the presentation 
valuable and 896 00:44:57,099 --> 00:45:02,020 interesting and I welcome you to follow 897 00:44:59,680 --> 00:45:04,660 us and also read the research in more 898 00:45:02,020 --> 00:45:11,290 details in our blog thank you so much 899 00:45:04,660 --> 00:45:23,069 thank you so we've got a few moments for 900 00:45:11,290 --> 00:45:23,070 questions any questions yeah 901 00:45:32,080 --> 00:45:38,560 as as far as we know this is not 902 00:45:35,710 --> 00:45:40,480 possible because the trust dialogue is 903 00:45:38,560 --> 00:45:43,480 actually very critical there are many 904 00:45:40,480 --> 00:45:45,190 many accessories that you are using that 905 00:45:43,480 --> 00:45:47,770 needs that trust dialogue because they 906 00:45:45,190 --> 00:45:57,040 have some you know data transfer 907 00:45:47,770 --> 00:45:59,509 interaction with your device okay thank 908 00:45:57,040 --> 00:46:04,129 you so much have a great day