The iPhone: A Case for Software Security
Dwayne Bates
Acknowledgements
Graham Cluley’s Blog
http://www.sophos.com/blogs/gc/g/2009/11/03/hacked-iphones-held-hostage-5-euros/
Nicolas Seriot (SpyPhone)-
http://seriot.ch/blog.php?article=20100203
Apple’s Developer Site-
developer.apple.com
Overview
What is the iPhone?
History of Privacy Issues for the iPhone
Spyware and the iPhone
iPhone Applications
How did this information affect the development process?
Closing Remarks
References
What is the iPhone?
Features:
iPod
Phone
Internet
Security Overview
History of Security and Privacy Issues:
Root exploits and Personal Data Harvesting
Jailbreaking and Worms
Security Overview (cont'd)
Spyware and the iPhone: SpyPhone
/var/mobile/Library/Keyboard/
/var/mobile/Library/Preferences/com.apple.accountsettings.plist
/var/mobile/Library/Preferences/com.apple.commcenter.plist
/var/mobile/Library/Preferences/com.apple.mobilephone.settings.plist
/var/mobile/Library/Preferences/com.apple.mobilephone.plist
/var/mobile/Library/Preferences/com.apple.mobilesafari.plist
/var/mobile/Library/Preferences/com.apple.preferences.datetime.plist
/var/mobile/Library/Preferences/com.apple.weather.plist
/var/mobile/Library/Preferences/com.apple.youtube.plist
/var/mobile/Library/Preferences/com.apple.Maps.plist
/var/mobile/Media/DCIM/
Figure 2: Paths actually read by SpyPhone
iPhone Applications
Development Process
Enroll in iPhone Developer Program
Download iPhone SDK
Gain working knowledge of Objective-C
iPhone Applications (cont'd)
Development Tools
Xcode- Development Environment
iPhone Simulator- Simulation of the application in its environment
Interface Builder- Used to build the user interface
CLANG- Static Analysis Tool
Apple’s Secure Coding Guide
Motivation
In my work I propose the development of an iPhone application
with the information and tools provided by Apple to developers.
In addition, I will be evaluating the information and tools in an
effort to see if they are adequate for the development of
secure applications. The development process will be enhanced
to focus on the use of software security principles throughout
the entire Software Development Life Cycle (SDLC). By
incorporating these principles throughout the SDLC, the
resulting application will be more reliable and of better quality.
Proof of Concept
Poof is an iPhone game in which
the player must try to match at
least three like tiles at a time in an
effort to clear the board. If the
player succeeds in this effort and
achieves a high score, they are
prompted to enter their name into
a high score list.
Contributions
Usability
Security
Integrity
Risk Analysis
Buffer Overflow
File Modification
High Score List Hacking
Memory Leaks
Buffer Overflow
Input Validation
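-(BOOL) textField:(UITextField*)textField shouldChangeCharactersInRange:(NSRange)range
replacementString:(NSString*)textEntered {
    // Characters rejected in a high score name; the quote and backslash are escaped.
    NSCharacterSet *myCharSet = [NSCharacterSet characterSetWithCharactersInString:@"~`!@#$%^&*()_-+={}[]|\\:\";'?/.,"];
    // Assumed reconstruction: the page lost the text between "i <" and "> 0".
    for (int i = 0; i < [textEntered length]; i++) {
        if ([myCharSet characterIsMember:[textEntered characterAtIndex:i]]) return NO;
    }
    // Accept the name only when it is 1 to 10 characters long.
    if ([textField.text length] > 0 && [textField.text length] <= 10) {
        acceptable = textField.text; }
    else {
        [self getUserNameErrorMSG:YES]; }
    if (acceptable != nil) { [self stringForHS:YES]; }
    return YES;
}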
File Modification
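-(void) saveSettings{
    // Build the path to settings.plist inside the application bundle directory.
    NSString * path = [[NSBundle mainBundle] bundlePath];
    NSString * file = [path stringByAppendingPathComponent:@"settings.plist"];
    [self.settings writeToFile:file atomically:YES];
    // path and file are autoreleased and not owned here, so they must not be released.
}
-(void) saveHighScores{
    // Build the path to highscores.plist inside the application bundle directory.
    NSString * path = [[NSBundle mainBundle] bundlePath];
    NSString * file = [path stringByAppendingPathComponent:@"highscores.plist"];
    [self.highScores writeToFile:file atomically:YES];
    // path and file are autoreleased and not owned here, so they must not be released.
}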
Memory Leaks
CLANG- Static Analysis Results
Conclusion
CLANG
Security Related Bugs
File Validation
File Paths
File Read function enhancement