Friday, September 25, 2020
More

    Apple’s Safari bugs let attackers hijack cameras on iPhones and Macs

    Security researcher Ryan Pickren has shared findings of vulnerabilities that would've allowed attackers to exploit three Safari bugs in succession and take over webcam and microphone on iOS and macOS devices.

    Popular

    Ajay Nirmal
    Graduated from Mumbai University, Ajay brings in the latest news across sports, tech, and world news. Ajay loves talking on tech, latest news, and events.

    Apple paid out $75,000 to a hacker for identifying multiple zero-day vulnerabilities in its software, some of which could be used to hijack the camera on a MacBook or an iPhone, according to the news agency.

    A zero-day vulnerability refers to a security hole in software that is unknown to the software developer and the public, although it may already be known by attackers who are quietly exploiting it.

    Security researcher Ryan Pickren reportedly discovered the vulnerabilities in Safari after he decided to “hammer the browser with obscure corner cases” until it started showing weird behavior.

    The bug hunter found seven exploits in all. The vulnerabilities involved the way that Safari parsed Uniform Resource Identifiers, managed web origins and initialized secure contexts, and three of them allowed him to get access to the camera by tricking the user to visit a malicious website.

    “A bug like this shows why users should never feel totally confident that their camera is secure,” Pickren said, “regardless of operating system or manufacturer.”

    Pickren reported his research through Apple’s Bug Bounty Program in December 2019. Apple validated all seven bugs immediately and shipped a fix for the camera kill chain a few weeks later. The camera exploit was patched with in Safari 13.0.5, released January 28. The remaining zero-day vulnerabilities, which Apple judged to be less severe, were patched in Safari 13.1, released on March 24.

    Apple opened its bug bounty program to all security researchers in December 2019. Prior to that, Apple’s bug bounty program was invitation-based and non-iOS devices were not included. Apple also increased the maximum size of the bounty from $200,000 per exploit to $1 million depending on the nature of the security flaw.

    When submitting reports, researchers must include a detailed description of the issue, an explanation of the state of the system when the exploit works, and enough information for Apple to reliably reproduce the issue.

    This year, Apple plans to provide vetted and trusted security researchers and hackers with “dev” iPhones, or special iPhones that provide deeper access to the underlying software and operating system that will make it easier for vulnerabilities to be discovered.

    These iPhones are being provided as part of Apple’s forthcoming iOS Security Research Device Program, which aims to encourage additional security researchers to disclose vulnerabilities, ultimately leading to more secure devices for consumers.

    ↓   Keep Scrolling for NEXT STORY   ↓

    Top Picks

    Also Read

    Trending