Apple Contacts App Vulnerable To Hacking, Putting iPhone Users At Risk

Apple to pay $1 million to anyone who can hack iPhone

The fivefold increase in the bug bounty programme this year focuses on finding vulnerabilities across all Apple platforms, including iOS, iCloud, iPadOS, macOS, tvOS and watchOS. That includes the iOS Contacts app. Whenever you look up information or search for a contact on your device, you are in all likelihood searching an SQLite database.

But the real shocker is why the Contacts app vulnerability exists in the first place: it capitalises on a known bug which Apple has failed to fix for four years.

As an example, the researchers demonstrated a simple attack that crashed the Contacts app.

The Check Point researchers discovered the vulnerability in SQLite, an industry-standard database format. More importantly, the code remained on the device after reboot: SQLite databases aren't signed, so the modified database passed Apple's Secure Boot process without being checked. The Check Point researchers said that keeping the replacement code in place after a restart on an iOS device was "hard to achieve".


According to Mashable, anyone who can bypass the iPhone's lock screen with physical access to the device will be rewarded $100,000, and those who can execute kernel code through an installed app will be paid $150,000. "However, SQLite usage is so versatile that we can actually still trigger it in many scenarios".

The announcement was made by Ivan Krstić, Apple's head of security, at the most recent Black Hat conference in Las Vegas, the American media website CNET reported. "Sure this is a win for Apple, but ultimately this is a huge win for Apple's end users". But they noted that the technique could also be used to "expand and elevate our privileges". He said that Apple takes privacy and hacking very seriously.

Tech giant Apple is offering US$1 million (AU$1.48 million) to anyone who can hack an iPhone, following in the footsteps of a challenge from Tesla's Elon Musk earlier this year. Moreover, the firm is reportedly rolling out its long-postponed bug bounty program for Mac. He declined to give Apple the details of the vulnerability, though, in protest at the fact that its bug bounty program only pays out for iOS bugs and not for macOS flaws.
