Almost All Apple Devices Vulnerable to Attacks on the AWDL Protocol


A new report by TU Darmstadt and Northeastern University researchers titled “A Billion Open Interfaces for Eve and Mallory: MITM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link” reveals that vulnerabilities in AWDL (Apple Wireless Direct Link) could enable attackers to track users, crash devices, or intercept files transferred between devices in man-in-the-middle (MITM) attacks.

First of all, what is Apple Wireless Direct Link?

AWDL is an extension of the IEEE 802.11 (Wi-Fi) standard and integrates with Bluetooth Low Energy (BLE). It is noteworthy that its proprietary nature prevented security and privacy analysis, but not anymore, as is shown.
Perhaps most Apple users are aware of the protocol; it is a crucial part of Apple services such as AirPlay and AirDrop, and Apple has been including AWDL by default on all its devices like Macs, iPhones, iPads, Apple Watches, Apple TVs, and HomePods.

From a user perspective, AWDL allows a device to remain connected to an infrastructure-based Wi-Fi network and communicate with AWDL peers simultaneously by quickly hopping between the channels of the two networks (AWDL uses fixed social channels 6, 44, and 149), StackOverflow users wrote.

According to the report, "with deployments on over one billion devices, spanning several Apple operating systems (iOS, MacOS, tvOS, and watchOS) and an increasing variety of devices (Mac, iPhone, iPad, Apple Watch, Apple TV, and HomePod), Apple Wireless Direct Link (AWDL) is ubiquitous and plays a key role in enabling device-to-device communications in the Apple ecosystem."

The AWDL vulnerabilities explained

In their work, the researchers reverse-engineered AWDL and then re-wrote it as a C implementation which they named OWL (Open Wireless Link). OWL was then used to test the real AWDL protocol in various attack scenarios.
The researchers’ analysis shows several security and privacy vulnerabilities ranging from design flaws to implementation bugs that could lead to different kinds of attacks.

1. A long-term device tracking attack which works in spite of MAC randomization, and may reveal personal information such as the name of the device owner (over 75% of experiment cases).
2. A DoS attack aiming at the election mechanism of AWDL to deliberately desynchronize the targets’ channel sequences effectively preventing communication.
3. A MitM attack which intercepts and modifies files transmitted via AirDrop, effectively allowing for planting malicious files.
4. Two DoS attacks on Apple’s AWDL implementations in the Wi-Fi driver. The attacks allow crashing Apple devices in proximity by injecting specially crafted frames. The attacks can be targeted to a single victim or affect all neighboring devices at the same time.

Of all these attacks, the AWDL vulnerabilities that allow user tracking are the most concerning. Using the vulnerabilities, the researchers were able to obtain information from an AWDL connection such as the device hostname, the real MAC address even with MAC address randomization turned on, the AP the device is connected to, as well as the device class and version of the AWDL protocol. These details are sufficient to enable tracking of users, and if linked with data from online advertisers and analytics utilities, devices could be associated with their owners.

What are the mitigations?

First of all, the researchers notified Apple about everything they discovered between August and December, 2018. Apple fixed the DoS vulnerability known as CVE-2019-8612, but it appears that the other flaws require redesign of some of their devices, the report says.

It seems that the other AWDL flaws will remain unpatched for an undefined time. Finally, what is worse is that the same vulnerabilities may also affect Android devices.


Milena Dimitrova