Sysdiagnose logs allow developers to extract information from iOS devices, and it is used for understanding bug occurrences. However, this log is also useful for forensic purposes when a full device acquisition is not possible/available.
Cybersecurity startup ZecOps discovered two zero-day vulnerabilities affecting iPhone and iPad devices during the analysis of a series of ongoing remote attacks that have targeted iOS users since at least January 2018.
UPDATE 2019/11/14: Facebook released version 247.0 that fixes the glitch.
Joshua Maddux published on his Twitter account a video captured from an iPhone running iOS 13.2.2: in this video, a glitch in the interface of Facebook App reveals that the camera is up and running without any notification.
The bug is really simple to reproduce: simply open a Facebook page, tap on profile image and swipe down in order to close the full screen image. After this sequence, the interface of the app fails to re-align and shows on the background the video stream captured by the rear camera.
Below the test performed on my device (iPhone 7):
I did the same test on an iPhone XS, without being able to reproduce the bug.
Now, the main question is: why the camera is on? Is it just a stupid bug or just one of several techniques used by Facebook in order to collect data?
Relax, regardless of whether this is a bug or a data-collection feature, the remediation is pretty simple.
Without coming to buy a smartphone with camera kill-switch, or a more affordable camera cover , you can disable camera access for the facebook app, as shown by Marco De Sanctis on the twitter thread above:
For additional privacy, Marco disables also microphone and bluetooth access, that can be used by facebook for location tracking .
The security expert Axi0mX has released a new jailbreak, dubbed Checkm8, that works on all iOS devices running on A5 to A11 chipsets: so all Apple products released between 2011 and 2017, including iPhone models from 4S to X.
The security researcher Collin Mullinerhas discovered an exploitable vulnerability in Apple’s WebView that could allow phone calls to a number of the attacker’s choosing.
iOS WebViews can be used to automatically call an attacker controlled phone number. The attack can block the phone’s UI for a short amount of time and therefore prevent the victim from canceling the call. The bug is an application bug that likely is due to bad OS/framework defaults. One major issue with this vulnerability is that it is really easy to exploit. App developers have to fix their code as soon as possible.
Mulliner said the vulnerability is trivial to exploit, requiring at a minimum one line of HTML code and iOS developers who have embedded Apple’s WebView into mobile apps need to be aware.
The risks to the user include calls to to premium numbers or denial-of-service against telephone numbers of public services:
About a week agoI read an news post about a guy who got arrested for accidentally DoSing 911 by creating a web page that automatically dialed 911 when visited it from an iPhone. This was most likely due to a bug with the handling of TEL URI. I immediately thought about a bug I reported to Apple in late October 2008 . I couldn’t believe this bug has resurfaced so I investigated. The article said something about posting links on Twitter.
The researcher has also published two video demonstration of the exploit: