Horrible Apple iOS virus; vectored around USB: WireLurker is ‘new code of threat’ [u]

No Comment 0 View

By Richi Jennings

A daily digest of IT blogs. Richi Jennings curates a best bloggy bits, excellent forums, and weirdest websites… so we don’t have to. Catch a pivotal explanation from around a Web any morning.

Thank you

Your summary has been sent.

Sorry

There was an blunder emailing this page.

  • Mobile phone information privacy.

  • ios 8 problems

  • tim prepare iphone 6 review

wirelurker richard uten cc by

Credit:

Richard Uten (cc:by)

Plugging in your iPhone? Don’t blindly trust Macs or chargers, even if you’re not in China

Computerworld |
Nov 6, 2014 3:34 AM
PT

‘);//–“;
var adDivString = “”;
placementDiff = applyInsert($(this), adDivString);
if (debug) {
console.log(“Just placed an ad and a placementDiff is: ” + placementDiff);
}
placementTarget = cumulativeHeight + placementDiff + interModuleHeight + adHeightBuffer;
}
else {
var moduleDivString = “”;
var elementId = “drr-mod-“+moduleCounter;
moduleDivString = “”;
modules.push(elementId);

placementDiff = applyInsert($(this), moduleDivString);
if (debug) {
console.log(“Just placed a procedure and a placementDiff is: ” + placementDiff);
}
placementTarget = cumulativeHeight + placementDiff + interModuleHeight + moduleHeightBuffer;
moduleCounter++;
}
loopCounter++;
}
// Avoid fixation elements too shortly due to non-large total inflating a accumulative height
if ($(this).is(“figure”) !$(this).is(“figure.large”)) {
cumulativeHeight += grafHeight;
}
else {
cumulativeHeight += $(this).height() + grafHeight;
}
}
});

// counterpart Related Stories procedure m-15 to come in after 2nd para in essay physique for mobile breakpoint display
var $relatedStories = $(‘.related-promo-wrapper’);
if ($relatedStories.length) {
var $relatedStoriesClone = $relatedStories.clone();
$relatedStoriesClone.insertAfter( “#drr-container p:eq(1)”);
}

var $insiderPromo = $(‘.insider-promo-wrapper’);
if ($insiderPromo.length) {
var $insiderPromoClone = $insiderPromo.clone();
$insiderPromoClone.insertAfter( “#drr-container p:eq(1)”);
}

//place left side element
cumulativeHeight = 0;
var leftPlacementTarget = tagHeight = leftPlacementTarget) {
if (debug) {
console.log(“congratulations… we’ve upheld a initial start point”);
}
if (leftPlacementIndex == null) {
//it’s not good adequate to not be a left equivocate – it also shouldn’t be a

with an immediately preceding tiny or middle picture left avoid.
if (!isLeftAvoid($(this)) noPrevFigures($(this)) ) {
leftPlacementIndex = $(this).index();
$leftPlacementElement = $(this);
leftPlacementLookaheadStart = cumulativeHeight;
if (debug) {
console.log(“is not a left equivocate and no prev figures. ########## set placementIndex (“+leftPlacementIndex+”) and lookaheadStart (“+leftPlacementLookaheadStart+”) ##########”);
}
} else {
if (debug) {
console.log(“is a left equivocate or has prior figures. continue”);
}
}
} else {
if (debug) {
console.log(“#### leftPlacementIndex already set to “+leftPlacementIndex+”. looking ahead…”);
}
//not null; has been set
if ((cumulativeHeight – leftPlacementLookaheadStart) leftIntervalHeight) {
if (debug) {
console.log(“###### THRESHOLD REACHED. LOOKAHEAD COMPLETE. END ###### (cumulativeHeight – leftPlacementLookaheadStart) (“+(cumulativeHeight-leftPlacementLookaheadStart)+”) leftIntervalHeight (“+leftIntervalHeight+”).”);
}
return false;
} else {
if (debug) {
console.log(“threshold not reached: (cumulativeHeight – leftPlacementLookaheadStart) (“+(cumulativeHeight-leftPlacementLookaheadStart)+”) tags
if (!(isLeftAvoid($(this)) ($(this).hasClass(‘small’) || $(this).hasClass(‘inline-small’) || $(this).hasClass(‘medium’) || $(this).hasClass(‘inline-medium’) || $(this).hasClass(‘apart’) ))) {
cumulativeHeight += $(this).height() + grafHeight;
}
if (debug) {
console.log(“——————– set cumulativeHeight(“+cumulativeHeight+”) —————“);
console.log(“”);
}
}
});
}

if (leftPlacementIndex != nothing elementNotNearEnd($leftPlacementElement, leftPixelWindow)) {
if (debug) {
console.log(” insert into index “+leftPlacementIndex);
}
$(“#drr-container”).children().eq(leftPlacementIndex).before(“

“);
}

IDG.GPT.trackOmniture();

// Add Right rail procedure content
for (var i=0; i= 0) {
var a = document.createElement(‘a’);
a.href = document.referrer;
var uriParts = a.pathname.split(‘/’);
a = ”;
if (typeof uriParts[3] == ‘undefined’) {
epoParams += “typeId=” + defaultTypeId + “referrer=home”; // default is ‘home’ behavior
}
else {
var refCatSlug = uriParts[3];
epoParams += “catSlug=” + refCatSlug + “referrer=article”;
}
}
// From SEARCH: Show essay with catId same as stream article
else if (document.referrer.indexOf(“google”) = 0 || document.referrer.indexOf(“yahoo”) = 0 || document.referrer.indexOf(“bing”) = 0) {
var categories = [3496, 3309, 3716];
if (categories instanceof Array categories.length 0) {
var primaryCatId = categories[0];
epoParams += “catId=” + primaryCatId + “referrer=search”;
}
else {
epoParams += “typeId=” + defaultTypeId + “referrer=home”; // default is ‘home’ behavior
}
}
// Default is to uncover like entrance from homepage
else {

epoParams += “displayId=11referrer=home”;

// default is ‘home’ behavior
}
return epoParams;
}

/**
* @param jqo Original jquery intent target
* @param divString The div to be inserted.
* @return Difference in tallness between strange chain aim and final target.
* Checks initial 6 elements for an acceptable chain (600 pixel window).
* If none, check circuitously for elements that are not right avoids.
* If none, place member before stream target.
*/
function applyInsert(jqo, divString) {
if (debug) {
console.log(“applyInsert during tip and jqo index is: ” + jqo.index());
}

for (var i=0; i 0) {
children = $(“#drr-container”).children().slice(jqo.index(), allowElement.index() );
}
else {
children = $(“#drr-container”).children().slice(allowElement.index(), jqo.index());

}
if (children != null) {
children.each(function(i) {
if (debug) {
console.log(“About to supplement this element’s tallness to heigh diff offset”);
console.log($(this));
}
height += $(this).height() + grafHeight;
});
}
if (offset 300) {
if (debug) {
console.log(“isRightAvoid: found pre. lapse true”);
}
return true;
}
if (jqo.is(“figure”) jqo.hasClass(‘large’)) {
if (debug) {
console.log(“isRightAvoid: found figure.large lapse true”);
}
return true;
}
if (jqo.is(“figure”) jqo.hasClass(‘medium’) jqo.hasClass(‘inline’)) {
if (debug) {
console.log(“isRightAvoid: found figure has category middle and inline.”);
}
return true;
}

if (jqo.is(‘div’) jqo.hasClass(‘table-wrapper’)) {
if (debug) {
console.log(“isRightAvoid: found div with category table-wrapper”);
}
return true;
}
if (jqo.is(‘aside’)) {
if (jqo.hasClass(‘sidebar’) !jqo.hasClass(‘medium’)) {
if (debug) {
console.log(“isRightAvoid: found aside with category sidebar, though category medium”);
}
return true;
}
if (jqo.hasClass(‘statsTable’)) {
if (debug) {
console.log(“isRightAvoid: found aside with category statsTable”);
}
return true;
}
}
if (jqo.hasClass(‘download-asset’)) {
if (debug) {
console.log(“isRightAvoid: found category download-asset lapse true”);
}
return true;
}
if (jqo.hasClass(‘tableLarge’)) {
if (debug) {
console.log(“isRightAvoid: found category tableLarge lapse true”);
}
return true;
}
if (jqo.hasClass(‘reject’)) {
if (debug) {
console.log(“isRightAvoid: found category reject. lapse true”);
}
return true;
}
if (jqo.is(‘table’) jqo.hasClass(‘scorecard’)) {
if (debug) {
console.log(“isRightAvoid: found div with category scorecard”);
}
return true;
}
}
return false;
}

// Return loyal if member has category ‘reject': will not place drr modules/ads subsequent to these elements
function isRightReject(jqo) {
console.log(“in isRightReject”);
if (jqo != null) {
if (jqo.hasClass(“reject”)) {
if (debug) {
console.log(“isRightReject: found ‘reject’ class”);
}
return true;
}
return false;
}
return false;
}

// Returns loyal if tallness of all elements after this one is some-more than 500; fake otherwise
function elementNotNearEnd(element, pixelWindow) {
if (pixelWindow == null) {
pixelWindow = 500;
}
if (element == null) {
return false;
}
var remainingHeight = 0;
var children = $(“#drr-container”).children().slice(element.index());
if (children == null) {
return false;
}
children.each(function(i){
remainingHeight += $(this).height();
});
if ( remainingHeight pixelWindow) {
return true;
}
else {
if (debug) {
console.log(“Element too tighten to end. Remaining tallness is: ” + remainingHeight + ” and window is ” + pixelWindow);
}
return false;
}
}

/**
* Return loyal if need to equivocate this member when fixation left module.
*/
function isLeftAvoid(jqo) {
if (jqo.is(“figure”)) {
if (debug) {
console.log(“isLeftAvoid: found figure. lapse true”);
}
return true;
}
if (jqo.is(“aside.pullquote”)) {
if (debug) {
console.log(“isLeftAvoid: found pullquote. lapse true”);
}
return true;
}
if (jqo.is(“pre”)) {
if (debug) {
console.log(“isLeftAvoid: found pre. lapse true”);
}
return true;
}
if (jqo.is(“div.gist”)) {
if (debug) {
console.log(“isLeftAvoid: found github formula block. lapse true”);
}
return true;
}

if (jqo.is(“aside”) jqo.hasClass(“sidebar”) jqo.hasClass(“medium”)) {
if (debug) {
console.log(“isLeftAvoid: found middle sidebar. lapse true”);
}
return true;
}

if (jqo.hasClass(“statsTable”)) {
if (debug) {
console.log(“isLeftAvoid: found category statsTable. lapse true”);
}
return true;
}
return false;
}

/**
* lapse loyal if there are no total before a aim chain that competence drain down into chain element
*/
function noPrevFigures($originalTarget) {
var targetIndex = $originalTarget.index();
var numElementsLookBack = 5;
var figureIndex = null;
var figureHeight = null;
var startIndex = targetIndex – numElementsLookBack

According to researchers during Palo Alto Networks, a supposed WireLurker pathogen can taint your iPhone or iPad from a elementary USB connection. Hundreds of thousands of users have been putrescent already, contend researchers.

Apple says it’s already bound a problem, though eccentric infosec geeks contend a association still has a prolonged proceed to go, and that a problem isn’t singular to China.

In IT Blogwatch, bloggers cut a cord. <!– Not to mention: XXXXXXXXXXXXhellip; –>

curated these bloggy pieces for your entertainment.

Calling it, “an considerable malware attack,” Jeremy Kirk dox a diverge and weft of this story: [You’re dismissed -Ed.]

[It] revolves around infecting Mac OS X applications with “WireLurker,” that collects call logs, phone book contacts and other supportive information. [It’s] important for how it leverages desktop Mac applications as partial of a conflict on iOS. [It] waits for when an iOS device is connected by a USB cable.

[It uses] a digital certificate that Apple issues to craving developers so they can run their possess applications in-house that do not seem on a App Store [which] means iOS would concede [malware] to be installed. … Apple could initial devaluate a craving digital certificate [and] emanate an refurbish to detect WireLurker.  MORE

And Sai Sachin R reports from Bangalore:

[It’s] underscoring a augmenting sophistication of attacks on iPhones and Mac computers. [WireLurker] can implement third-party applications on regular, non-jailbroken iOS devices. … Palo Alto Networks [saw] indications that a enemy were Chinese.

Apple, which…was told a integrate weeks ago, did not respond to requests for comment.  MORE

Data. We wish it. Nicole Perlroth obliges:

In a final 6 months, Palo Alto Networks pronounced 467 putrescent applications were downloaded over 356,104 times and “may have impacted hundreds of thousands of users.”

Typically, iOS users can download applications from third parties usually if they have “jailbroken” their phones…to run program Apple has not authorized. With WireLurker, an putrescent focus can strech a non-jailbroken phone…which is [the] researchers contend WireLurker represents a “new formula of hazard to all iOS devices.”  MORE

“FIRST!” cries Claud Xiao, a 马口:

Of famous malware families distributed by trojanized / repackaged OS X applications, it is a biggest in scale we have ever seen…the initial malware to automate era of antagonistic iOS applications…the initial famous malware that can taint commissioned iOS applications identical to a normal virus…the initial in-the-wild malware to implement third-party applications on non-jailbroken iOS devices.

This malware combines a series of techniques to successfully comprehend a new formula of hazard to all iOS devices. [It] exhibits formidable formula structure, mixed member versions, record hiding, formula obfuscation and customized encryption to frustrate anti-reversing.

  • Keep a iOS chronicle on your device up-to-date
  • Do not accept [a] provisioning form unless…your IT corporate assistance table categorically instructs we to do so
  • Do not span your iOS device with untrusted or different computers …
  • Avoid powering your iOS device by [untrusted] chargers…or different accessories …
  • If we do jailbreak it, usually use convincing Cydia village sources

MORE

Meanwhile, Apple released this brief statement, according to Jon Russell:

We are wakeful of antagonistic software…in China, and we’ve blocked a identified apps.

As always, we suggest that users download and implement program from devoted sources.  MORE

But Jonathan Zdziarski says that’s not good enough, indicating out fundamental flaws in a iOS design:

The bigger emanate here is not WireLurker itself [it’s] that a pattern of iOS’ pairing resource allows for some-more worldly variants of this proceed to simply be weaponized…due to Apple’s miss of codesign pinning [and] how antagonistic program can abuse a pairing annals of a desktop appurtenance to implement malware on an iOS device. … [A] worldly assailant could simply incorporate a most some-more effective (and dangerous) conflict like this.

What can Apple do to assistance forestall it? … Have a phones do a improved pursuit of call a user. … Disable “Enterprise” app designation wholly though an “Enterprise Mode.” … Manage entrance to “Trusted Pairing Relationships” with inclination a same proceed it manages entrance permissions for contacts. … Lock out any third celebration focus from piggybacking on these devoted relationships. … Pin a gold identifier so that it has to be sealed with a specific entity’s cert. … Have a handling complement make entrance to specific hostnames usually by specific gold identifiers. … Use a secure member in iOS inclination to countenance applications.

It would severely behoove Apple to residence this conditions with some-more than a certificate reversal [because] this technique could be weaponized in a future. … It would be a most improved resolution to residence a underlying pattern issues.  MORE

 <!–

And Finallyhellip;
XXXXXXXXXXXX
[hat tip: XXXXXXXXXXXX]


–>

 


You have been reading IT Blogwatch by , who curates a best bloggy bits, excellent forums, and weirdest websites… so we don’t have to. Catch a pivotal explanation from around a Web every morning. Hatemail might be destined to @RiCHi or itbw@richi.uk. Opinions voiced might not paint those of Computerworld. Ask your alloy before reading. Your mileage might vary. EOE.

  • See no evil, hear no evil, pronounce no evil

  • 2014 spending ss 10a

  • XYZprinting all-in-one 3D printer

  • Environmentally-friendly, energy-saving monitor



The Voice of Business Technology




+


In : Tech

About the author

Leave a Reply

Your email address will not be published. Required fields are marked (required)

*

code

Mojo Marketplace