MAAS History
Disclaimer
exocrine exocrine

All information Provided as is.

Entries by Sean OConnell Public (117)

Saturday
Apr232011

Condition Remains GREEN

iOS devices for a long time, like other devices, track your location based on your preferences. Cell carriers for years have kept data which matches user>handset>tower, but government could only access it via a court order. This has only been complicated by the use of GPS location services which a host of applications and companies use for various purposes. This occurs many times without the user fully understanding the implications. A malicious actor having physical access to the device can access location data, thus administrators and users should consider these new risk and mitigation methods.

Apple iPhones keep a sqlite database of your locations based on Wifi and Cell Tower information, this information is not shared but physical access to your device or computer can allow access by a malicious actor.  

Risk re-evaluation specific to iOS devices but consider points for all mobile devices:

  • This is nothing new, a host of services use location information and you need to consider the risk individually. 
  • If the iOS devices is stolen a thief can access this data on your iPhone along with a host of other data on your phone.
  • Backup's of iOS devices which are not encrypted will allow a user with access to your computer to extract information about your iPad or iPhone including location information related to cell towers and WiFi networks. (Roughly where you have been.)
  • Remove all iOS backups from all Backup Tapes or TimeMachines.
  • iOS devices used by high profile employees overseas may become the targets of attacks specifically to gain access to their iPhones to determine their movements.
  • Backups in iTunes of iOS devices are not encrypted by default.
  • iOS devices may not be registered to wipe data remotely or with Passcode Lock.
  • The collection of data is not shared with Apple unless the user opts-in for location services.
  • Various phones and applications use location services, consider the risk before opt-in. 

What users should do to mitigate risk:

  • If traveling with an iOS device and laptop make sure to remove all old backups and then create a new encrypted backup. 
  • If traveling overseas consider leaving your iPhone at home or be prepared to destroy the device.
  • Sign up for Find My iPhone so you can remotely wipe and lock the device.
  • Do not Sync your iPhone on any public computers or computers outside your trust zone.
  • Use the Passcode Lock feature and make sure to use numbers and letters 12 characters or more. 
  • Remove old backups of iOS devices from all machines, backups and TimeMachine backups. 
  • Create a new backup of iOS devices which are encrypted. 
  • Review who and how you share location services, not all of it is bad and can be useful for certain business functions. 

Consider these risk and re-evaluate regularly. Alex Levinson has a really good write up about the subject and we included a dump of SELECT * FROM sqlite_master where type='table', please visit the reference links for more information.

Thursday
Apr212011

Condition Remains GREEN

Adobe has released an update to Acrobat and Reader which addresses the Flash 0day. Users should update their version of Acrobat Reader or Acrobat for MacOSX.

We recommend the following:

 

  • Consider only using Preview.app.
  • Never install Adobe software on production servers.
  • If you need to install Adobe Reader or Acrobat install this update.