Apple vs. FBI, and Vulnerability in Linux

For almost a decade, a massive flaw sat in almost all Linux servers, as well as in many of the most visited sites on the internet. The core problem, until now, was that it was easily exploitable wherever it was present.

First Published 24th February 2016

An Apple a day... 

3 min read  |  Reflare Research Team

Apple is resisting an FBI request for a backdoor into their iOS operating system. The request was made after the terrorist attacks in San Bernardino, when it was found that one of the shooters had used an iPhone for images and communication. The dispute is essentially a clash between two different interests.

The FBI ultimately wants access to every iPhone and cites terrorism as its motivation. Apple argues that the request harms its users' privacy. It is a bold move on Apple's part, but it is also a strong selling point for a company competing in the crowded mobile device market. Apple, like any third-party device manufacturer, has always had the technical capability to provide a backdoor. Since recent versions of iOS do not leave Apple holding keys that could decrypt the device, a customised version of iOS itself would be the only way into the phone.

The FBI is filing suit to have the courts decide. The concern is that if Apple is forced to provide decryption mechanisms to law enforcement, it may set a precedent for government requests to break or backdoor other systems, or even to build government surveillance into every phone sold.

While this is a major news story that will have significant implications for the future of device security, the immediate impact on regular businesses is limited.

Separately, a major security bug affecting Linux systems was disclosed this week that would allow an attacker to carry out a number of critical attacks. Although it was introduced into the GNU C Library in 2008, it was not discovered until years later.

The vulnerable function is getaddrinfo(), which performs domain name lookups. It gives an attacker the ability to trigger a buffer overflow. Buffer overflows are often called "needle in the haystack" bugs because they are hard to find, but they also hand the attacker far more leverage: with a buffer overflow attack, the attacker can execute malicious code remotely. Because that code runs on the server itself, it can carry out any number of malicious actions that the administrator might never detect.

The vulnerability spans a wide range of systems, since Linux powers web servers, routers and mobile devices. Administrators are urged to patch their systems as soon as possible. While an exploit is difficult to develop, this weakness does pose a significant security risk.
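Because the flaw lives in a shared library, installing the patched glibc package is only half the job: any service that loaded the old libc before the upgrade keeps running the vulnerable getaddrinfo() until it is restarted. The script below is an added illustration, not part of the original article; it reports such processes on a Linux host by looking for libc mappings that the kernel marks "(deleted)" in /proc/<pid>/maps, and the sample maps content it checks first is constructed.

```shell
#!/bin/sh
# Added example, not from the original article. Patching glibc replaces the
# library file on disk, but every process that loaded the old libc before the
# upgrade keeps executing the vulnerable getaddrinfo() until it is restarted.
# The kernel marks such mappings "(deleted)" in /proc/<pid>/maps; this script
# reports them so the administrator knows which services still need a restart.

# Print the libc paths mapped by one process whose on-disk file was replaced.
# Reads /proc/<pid>/maps-formatted text on stdin; prints nothing when clean.
stale_libc_paths() {
    # maps fields: address perms offset dev inode pathname [(deleted)]
    awk '$6 ~ /\/libc[-.][^\/]*\.so/ && $7 == "(deleted)" { print $6 }' | sort -u
}

# Exit 0 if the maps file given as $1 shows a replaced libc, 1 otherwise.
has_stale_libc() {
    [ -n "$(stale_libc_paths < "$1")" ]
}

# Walk every readable process and report the ones still mapping an old libc.
scan_running_processes() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue      # other users' processes are unreadable
        if has_stale_libc "$maps"; then
            pid=${maps#/proc/}; pid=${pid%/maps}
            comm=$(cat "/proc/$pid/comm" 2>/dev/null || echo '?')
            printf 'PID %s (%s) still maps: %s\n' "$pid" "$comm" \
                "$(stale_libc_paths < "$maps" | tr '\n' ' ')"
        fi
    done
}

# Constructed sample of a maps file as it looks after a glibc upgrade while the
# process that loaded the old library is still running.
SAMPLE_MAPS=$(mktemp)
cat > "$SAMPLE_MAPS" <<'EOF'
7f3c2a000000-7f3c2a1c0000 r-xp 00000000 08:01 1234 /lib/x86_64-linux-gnu/libc-2.19.so (deleted)
7f3c2a1c0000-7f3c2a3c0000 ---p 001c0000 08:01 1234 /lib/x86_64-linux-gnu/libc-2.19.so (deleted)
7f3c2a400000-7f3c2a420000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/ld-2.19.so
EOF
has_stale_libc "$SAMPLE_MAPS" && echo "sample: old libc still mapped"
rm -f "$SAMPLE_MAPS"

scan_running_processes
```

Run it as root after the glibc upgrade; an empty report means no process needs restarting, otherwise restart (or reboot) the listed services.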