An information security specialist at Azimuth Security has found a vulnerability in the iOS 7 firmware that lets an attacker bypass a number of the mechanisms Apple uses to prevent access to the operating system kernel. The problem is that the random number generator is open to a brute-force attack and that its results can be predicted. The system uses this PRNG to protect memory on the iPhone and iPad.
The PRNG supplies the random numbers used for the so-called randomization of the kernel's physical map and for zone protection against modification, notes Cybersecurity. Bypassing these protections allows a potential attacker to cause a buffer overflow and create various exploits that can be used to attack iOS. Simply put, the method makes it possible to create exploits that bypass the operating system's memory isolation.
Tarjei Mandt, a senior security specialist at Azimuth Security, said that the PRNG implemented in iOS 7 is worse than the one in iOS 6. According to him, predicting the PRNG's results bypasses a significant part of the security mechanisms that still safeguard iOS against various attacks. Moreover, the weak PRNG implementation opens iOS to attacks that involve compromising the system and disclosing user data in memory.
“PRNGs are fundamental to a variety of security features, especially those associated with cryptography. PRNGs are also a starting point for attacks, as it often turns out that they are largely predictable,” said the expert.
The random number generator in iOS 7 is an algorithm that implements a so-called linear congruential generator. This type of generator is one of the most studied. It is relatively easy to deploy on the platform and quite easy to manage.
According to Mandt, these algorithms work well on resource-constrained devices such as smartphones, but they are fairly easy to crack, and the results they generate are easy to track.
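Why a linear congruential generator is a poor source of randomness for a security mitigation can be shown on a toy model. The following is an added example, not code from the article or from Apple: the constants (the widely published ANSI C-style LCG parameters), the 16 hidden low bits and all function names are assumptions chosen for illustration and are not the iOS 7 generator.

```python
# Toy LCG with constructed parameters; NOT the generator used in iOS 7.
A, C, M = 1103515245, 12345, 2**31
HIDDEN_BITS = 16  # low bits of the state that are never shown to the observer


def lcg_next(state):
    """One step of the linear congruential recurrence."""
    return (A * state + C) % M


def output(state):
    """Only the high bits of the state are exposed as the 'random' value."""
    return state >> HIDDEN_BITS


def generate(seed, n):
    """Return n consecutive outputs starting from seed."""
    outs, state = [], seed
    for _ in range(n):
        state = lcg_next(state)
        outs.append(output(state))
    return outs


def recover_states(observed):
    """Return every internal state (after the last observed output) that is
    consistent with the observed sequence. Only 2**HIDDEN_BITS guesses are
    needed because the first output already fixes the high bits."""
    consistent = []
    for low in range(1 << HIDDEN_BITS):
        state = (observed[0] << HIDDEN_BITS) | low
        for expected in observed[1:]:
            state = lcg_next(state)
            if output(state) != expected:
                break
        else:
            consistent.append(state)
    return consistent


def predict_next(observed):
    """Set of possible next outputs given the observed ones."""
    return {output(lcg_next(s)) for s in recover_states(observed)}


if __name__ == "__main__":
    outs = generate(0x1234567, 5)  # constructed seed
    print("observed:", outs[:4], "actual next:", outs[4])
    print("predicted next:", predict_next(outs[:4]))
```

Because the recurrence is linear and the state is small, hiding part of each output only adds a bounded search. A cryptographically secure generator seeded from hardware entropy does not have this property.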