Pegasus: Security researcher calls on Apple for better iPhone protection

The so-called zero-click vulnerabilities in Apple’s messaging service iMessage show that iOS still has fundamental security problems. This was pointed out by cryptologist Matthew Green, IT security expert and associate professor at Johns Hopkins University, in connection with the Pegasus spyware affair.

In a detailed blog post directed against “security nihilism”, he writes that it must be possible to close such “really bad” attack vectors. Some cynics are probably right that not every way of compromising devices can be ruled out, according to Green. “But there are good reasons to believe that we can close a vector for a vulnerability that doesn’t require any interaction. And that’s what we should try.”

The iPhone vulnerability exploited by Pegasus allows a device to be taken over simply by sending it an iMessage. The malicious code only needs to be sent to an Apple ID or telephone number. “Then you lean back and wait for the zombie phone to contact the infrastructure [of the spyware makers].” Apple must fix a fundamental security problem in iMessage.

The company had already tried to seal off the app better with the BlastDoor function, which prevents malicious code contained in individual messages from being executed. However, the bugs that Pegasus exploits apparently take effect earlier. According to Green, iMessage currently parses “all kinds of complex data from random strangers”. “Junk libraries” written in memory-unsafe languages are used for this. “These problems are difficult to solve because iMessage can receive so many formats of data and has become so complicated in recent years.”

A kind of firewall like BlastDoor is not sufficient, says Green, as the past has shown. Green now recommends that Apple rewrite the iMessage code base “from scratch” in a safe language. The most important system libraries that parse data also need to be addressed. ARM mitigations such as MTE or PAC would have to be used more widely to make exploits more difficult.

Green also called on the company to use telemetry data to better secure the system, but in a way that does not destroy users’ privacy. He hopes Apple security expert Ivan Krstić “wakes up tomorrow and goes to his bosses and says he wants to drive [Pegasus maker] NSO into bankruptcy”. And he hopes that the bosses then write him a blank check for it.


(bsc)
