A team of researchers from Georgia Tech unveiled their findings yesterday at the Blackhat conference. Their topic is a power charger exploit that installs malware on iOS devices. Who would have thought that there’d be a security hole associated with the charging port on a device? Oh wait, after seeing hotel room locks exploited through their power jack this is an avenue that should be examined with all device security.
The demonstration used a charger and a BeagleBoard. Plugging in the charger is not enough to trigger the exploit; the user must unlock the screen while charging for it to go into action. But once that’s done the game is over. Their demo removes the Facebook app and replaces it with an infected impostor while leaving the icon in the same place on your home screen. They notified Apple of their findings and a patch will roll out with iOS 7. So when would you plug your device into an untrusted charger? Their research includes a photo from an airport where an iPad is connected to the USB port of a public charging station.
The summary on the Blackhat site has download icons for the white paper and presentation slides. At the time of writing we had a hard time getting them to download but succeeded after several tries.
It’s quite common to have a timed lockout after entering several bad passwords. This simple form of security makes automated brute force attacks unfeasible by ballooning the time it would take to try every possible permutation. The lock screen on iOS devices like iPad and iPhone has this built in. Enter your code incorrectly several times and the system will make you wait 1, 5, 15, and 60 minutes between entries as you keep inputting the wrong code. But there is an exploit that gets around this. [Pierre Dandumont] is showing off his hardware-based iPad lock screen attack.
He was inspired to try this out after reading about some Mac EFI attacks using the Teensy 3. That approach used the microcontroller to spoof a keyboard to try every PIN combination possible. By using the camera kit for iPad [Pierre] was able to do the same. This technique lets you connect wired keyboards to the iPad, but apparently not the iPhone. A Bluetooth keyboard can also be used. These external keyboards get around the timing lockout associated with the virtual lockscreen keyboard.
We’re of the opinion that this is indeed a security vulnerability. If you forget your passcode you can simply restore the device to remove it. That wipes all of your personal data which can then be loaded from an iTunes backup. Lockscreens are paramount if a device is stolen. They will give you the time you need to change any online credentials which might be remembered by the device.
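An added example, not code from the article or from Apple: a minimal sketch of the escalating lockout described above, enforced in the passcode verifier itself so that touchscreen, wired and Bluetooth keyboard entries all share one failure counter. The 1, 5, 15 and 60 minute delays come from the text; `FREE_ATTEMPTS` (the text only says "several"), the class, the function names and the PINs are assumptions.

```python
import hmac

# Delays between entries, in minutes, as listed in the article.
DELAYS_MIN = [1, 5, 15, 60]
FREE_ATTEMPTS = 5  # assumption: the article only says "several" bad entries


class PasscodeVerifier:
    """Hypothetical verifier: the policy lives here, not in the keypad UI."""

    def __init__(self, passcode):
        self._passcode = passcode
        self.failures = 0
        self.locked_until = 0.0  # seconds on the caller's clock

    def attempt(self, guess, now, channel="touchscreen"):
        # channel is informational only; it never changes the policy, so a
        # different input device cannot obtain a fresh attempt budget.
        if now < self.locked_until:
            return "locked"
        if hmac.compare_digest(guess.encode(), self._passcode.encode()):
            self.failures = 0
            return "ok"
        self.failures += 1
        over = self.failures - FREE_ATTEMPTS
        if over >= 0:
            delay = DELAYS_MIN[min(over, len(DELAYS_MIN) - 1)]
            self.locked_until = now + delay * 60
        return "wrong"


def worst_case_hours(keyspace=10_000, seconds_per_try=1.0):
    """Time to exhaust a 4-digit keyspace when every entry is rate limited."""
    v = PasscodeVerifier("9999")  # constructed PIN: the last one tried
    now = 0.0
    for n in range(keyspace):
        now = max(now, v.locked_until)  # wait out any active lockout
        result = v.attempt(f"{n:04d}", now, channel="usb-keyboard")
        now += seconds_per_try
        if result == "ok":
            break
    return now / 3600


if __name__ == "__main__":
    print(f"with lockout: {worst_case_hours():.0f} hours")
    print(f"without lockout: {10_000 * 1.0 / 3600:.1f} hours")
```

With the counter held in the verifier, the exhaustive search takes over a year instead of under three hours, whichever keyboard supplies the guesses.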
If you’re a follower of Apple hardware the upcoming Google Glass release probably doesn’t interest you much. But the concept is universally cool. If you want to have your own one-eyed voice-activated computer running iOS, then this is the hack for you. [John] calls it the Beady-i, and posted a step-by-step article on how he put it together.
The headpiece is shown on the left. It’s a combination of a pair of glasses with projection screens built-in, and a gaming headset. [John] cut off one of the lenses, and removed the remaining arm of the glasses. That arm was replaced with the frame of a gaming headset, which now wraps around the back of his neck to make sure the lopsided display isn’t going to fall off.
By combining the electronics from both the glasses and the headset, and terminating the connections with a docking plug he’s got what he was after. The lens displays what is shown on the screen, and the gaming headset lets him hear the device’s sound in one ear and register input using the microphone.
[Christina] has been working on a project she calls Magenta to put Darwin/BSD on top of Linux. What does that mean? Well, hopefully it’s the first step towards running iPhone/iPad apps on a Linux machine.
Before you get too excited, there are a few caveats: Magenta only works on ARMv7 platforms, none of the fancy iOS frameworks are included, and it’s currently impossible to run iOS apps with this build. Think of this project as a very, very early version of Wine. If you’d like to take Magenta for a spin, [Christina] put the source up here.
Although [Christina]’s project is entirely useless for anyone wanting Siri on their Android phone, it’s possible to add all those fancy iOS frameworks to Magenta and create an open source OS able to run iPhone apps.
We really have to admire [Christina]’s work on this. It’s an amazingly impressive project, and her final goal of recreating the iOS stack would be a boon to the jailbreaking scene. Cue the sound of millions of iPhone clones marching out of China…
via [OleRazzleDazzle] on the reddits
[Joseph] wrote in to share this home automation system he’s working on as a college project. He calls it the Room Engine and the house-side of the hardware is built on top of the circuit you see here. This is the most basic part of the REBoard, which is meant to connect to a computer using RS232 or USB, and in turn use a set of relays to switch mains voltage devices.
You can follow the bread crumb on his webpage to get a broader video of the system. The interface is designed to use two parts. One is a voice recognition system that is supported by the computer. The other is an iOS interface that includes login credentials and a button-based control system. The video after the break shows off the smart phone portion of the controller. We think he’s done a good job of integrating a few appliances without the need for commercial products such as X10 modules.
If you’re just interested in switching a few things within cord’s reach of each other this can get it done, and offers scheduling functionality. It would also be pretty easy to set this up with a WiFi module and do away with the PC.
It’s surprising what lengths people will go to in order to bring functionality to their smart phones. In this case, [Tadpol] wanted a way to develop for his Arduino on an iOS device like an iPad or iPhone. He figures it’s possible to rewrite the IDE as HTML5, but since that’s a pretty large mountain to climb, he started by building a browser-based AVR compiler. It’s an interesting concept, and he’s got a working prototype up on GitHub for you to test. Perhaps you can throw your hat in the ring and help him with development?
The web interface uses boxes to add to the code. What you see above is three sets of commands which will blink an LED. The project, named Avrian Jump, uses a simple ladder language to feed the compiler, with several different options for output. The most interesting in our mind is a WAV file which can be used to program an AVR from the audio out of your device. That would make programming as simple as connecting the specially modified AVR to your headphone jack. There’s also an ASCII output which allows you to save your programs for later alteration, S19 output for AVRdude programming, and an assembler output for debugging purposes. It’s hard to see where this project might go, but we have to admit that the concept is intriguing.
It’s not every day that we review software around here, but the folks at Adafruit recently put together an iOS app that I figured might be of interest. Their iPad/iPhone compatible application is called “Circuit Playground”, and it includes all sorts of handy electronics reference tools. For the context of this review, it should be noted that I paid for the application myself, and that I have had no communication with the Adafruit team regarding my assessment of the app.