Nearly All Apple Devices Vulnerable to Attacks on the AWDL Protocol


A new report by TU Darmstadt and Northeastern University researchers titled “A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link” reveals that vulnerabilities in AWDL (Apple Wireless Direct Link) could enable attackers to track users, crash devices, or intercept files transferred between devices in man-in-the-middle (MitM) attacks.

First of all, what is Apple Wireless Direct Link?

AWDL is an extension of the IEEE 802.11 (Wi-Fi) standard and integrates with Bluetooth Low Energy (BLE). Notably, its proprietary nature prevented security and privacy analysis, but not anymore, as it appears.
Perhaps most Apple users are aware of the protocol: it is a crucial part of Apple services such as AirPlay and AirDrop, and Apple has been including AWDL by default on all its devices, such as Macs, iPhones, iPads, Apple Watches, Apple TVs, and HomePods.

From a user perspective, AWDL allows a device to remain connected to an infrastructure-based Wi-Fi network and communicate with AWDL peers simultaneously by quickly hopping between the channels of the two networks (AWDL uses fixed social channels 6, 44, and 149), as StackOverflow users wrote.

According to the report, "with deployments on over one billion devices, spanning several Apple operating systems (iOS, macOS, tvOS, and watchOS) and an increasing variety of devices (Mac, iPhone, iPad, Apple Watch, Apple TV, and HomePod), Apple Wireless Direct Link (AWDL) is ubiquitous and plays a key role in enabling device-to-device communications in the Apple ecosystem."


The AWDL vulnerabilities explained

In their work, the researchers reverse-engineered AWDL and then re-wrote it as a C implementation which they named OWL (Open Wireless Link). OWL was then used to test the real AWDL protocol in various attack scenarios.
The researchers’ analysis shows several security and privacy vulnerabilities ranging from design flaws to implementation bugs that could lead to different kinds of attacks.

1. A long-term device tracking attack which works in spite of MAC randomization, and may reveal personal information such as the name of the device owner (more than 75% of experiment cases).
2. A DoS attack aiming at the election mechanism of AWDL to deliberately desynchronize the targets’ channel sequences, effectively preventing communication.
3. A MitM attack which intercepts and modifies files transmitted via AirDrop, effectively allowing for planting malicious files.
4. Two DoS attacks on Apple’s AWDL implementations in the Wi-Fi driver. The attacks allow crashing Apple devices in proximity by injecting specially crafted frames. The attacks can be targeted to a single victim or affect all neighboring devices at the same time.

Of all these attacks, the AWDL vulnerabilities that allow user tracking are the most concerning. Using the vulnerabilities, the researchers were able to obtain information from an AWDL connection such as the device hostname, the real MAC address even with MAC address randomization turned on, the AP the device is connected to, as well as the device class and the version of the AWDL protocol. These details are sufficient to enable tracking of users, and if linked with data from online advertisers and analytics utilities, devices could be associated with their owners.

What are the mitigations?

First of all, the researchers notified Apple about everything they discovered between August and December, 2018. Apple fixed the DoS vulnerability known as CVE-2019-8612, but it appears that the other flaws require redesign of some of their devices, the report says.

It seems that the other AWDL flaws will remain unpatched for an undefined time. Finally, what is worse is that the same vulnerabilities may also affect Android devices.


Milena Dimitrova
