Archive for the ‘Personal’ Category


Security researcher Phil discover a Cross-Site Scripting vulnerability exists in the “Chat Message” window in Skype 3.0.1 and earlier versions for iPhone and iPod Touch devices.

Skype uses a locally stored HTML file to display chat messages from other Skype users, but it fails to properly encode the incoming users “Full Name”, allowing an attacker to craft malicious JavaScript code that runs when the victim views the message.

XSS in Skype

To demonstrate the vulnerability, He captured a photo of a simple javascript alert() running within Skype.

Executing arbitrary Javascript code is one thing, but he found that Skype also improperly defines the URI scheme used by the built-in webkit browser for Skype. Usually you will see the scheme set to something like, “about:blank” or “skype-randomtoken”, but in this case it is actually set to “file://”. This gives an attacker access to the users file system, and an attacker can access any file that the application itself would be able to access.

File system access is partially mitigated by the iOS Application sandbox that Apple has implemented, preventing an attacker from accessing certain sensitive files. However, every iOS application has access to the users AddressBook, and Skype is no exception.

He also created a proof of concept injection and attack that shows that a users AddressBook can indeed be stolen from an iPhone or iPod touch with this vulnerability.

To further demonstrate the issue, he had recorded a video of this scenario.

Please see the video & use the comments section on his blog for your questions.

Skype Attack Message

Skype Attack Loading

Update
In case anyone is wondering, Phill disclosed the vulnerability to Skype on 8/24 & been told an update would be released early this August but no update yet.


facebook%20evilFacebook recently announced on its developer blog that it will now be "making a user’s address and mobile phone number accessible as part of the User Graph object." In other words, the site will now let third-party applications (think Farmville or that spammy app your friends keep falling for that promises to show them who is stalking them on Facebook) access your contact information.

"Because this is sensitive information," reads the announcement, "[…]permissions must be explicitly granted to your application by the user via our standard permissions dialogs." Take a look at the example permission dialogs box, however, and tell us if you think this is enough.

That we believe they are planning for long as they make authorize user ID via phone number and login via it.

So what they goanna sell out next? Your photo and information on dating site … No wonder if that happened.

We suggest to stop playing games and using Facebook application to stop spreading your information undesired manners. 


Apple’s 10.6.4 operating system upgrade earlier this week silently updated the anti-virus protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over iMac or MacBook.

Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn’t helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done. You have to wonder whether their keeping quiet about an anti-virus security update like this was for marketing reasons. “Shh! Don’t tell folks that we have to protect against virus on Mac OS X!

Security folks are worried about how Apple is telling its consumers to be unconcerned about security.

It seems their own employees can be amongst the worst offenders when it comes to giving users security advice. Just a few days ago Cluely at Sophos, came across a tweet about the poor advice about malware protection being offered in Apple retail stores.

There’s a lot less malicious software for Mac computers than Windows PCs, of course, but the fact that so many Mac owners don’t take security seriously enough, and haven’t bothered installing an anti-virus, might mean they are a soft target for hackers in the future.

Apple’s update to detect “HellRTS” more than doubles the size of the XProtect.plist file from 2.4k to 5.1k. There are still a lot of Mac threats it doesn’t protect against.