Welcome!

Eclipse Authors: Liz McMillan, David H Deans, JP Morgenthal, Mano Marks, Yeshim Deniz

News Feed Item

Stroz Friedberg Whitepaper Confirms Pairing Records Security Risk in Apple iOS Devices

Firm releases open source tool and offers free recommendations to safeguard personal data

NEW YORK, Aug. 11, 2014 /PRNewswire/ -- A reported security vulnerability in Apple iOS devices by which outsiders could potentially access users' personal data through pairing records has been validated in a whitepaper released by the incident response team at Stroz Friedberg, a global investigations, intelligence and risk management company.

In response, Stroz Friedberg has developed an open source tool, "unTRUST," to allow enterprise and personal users to protect their data on iOS devices such as the iPhone and iPad. The whitepaper also lists recommendations to mitigate the security risk.

"We are proactively sharing the unTRUST tool and free recommendations with corporate America," said Erin Nealy Cox, Executive Managing Director and lead of the incident response practice at Stroz Friedberg. "Enterprises today rely heavily on mobile devices for day-to-day business operations. The breach of even one employee's iPhone has the potential to expose a company's valuable information to their competitors or the public at-large."

The vulnerability can occur when a user connects his or her device to a computer via USB cable and selects "Trust" when the "Trust This Computer?" dialog box pops up. Users have the ability to elect to trust multiple computers and the potential for exploit increases as the number of trust relationships increase.

A pairing record is then created on both the device and the computer in order for them to facilitate a variety of services. An unauthorized person with access to a "trusted" computer or a modified USB charger can exploit these services's USB, remotely or over Wi-Fi and gain access to sensitive personal data. This includes user, application, diagnostic, file and system data. Stroz Friedberg developed its unTRUST tool to remove the pairing records at the heart of the issue.

The security hole was first reported during the Hackers on Planet Earth (HOPE) conference in July by digital forensic scientist Jonathan Zdziarski. He revealed several services present on iOS devices that can possibly provide unannounced packet-sniffing and data-dumping capabilities that bypass device settings and back-up encryption.

Stroz Friedberg undertook an effort to independently test and validate Zdziarski's research and was able to reproduce many of his findings on iOS devices running iOS versions 7 and 8. Details about the process and the unTRUST tool are outlined in the whitepaper, entitled "Mitigating Potential Pairing Record Risks in Apple iOS Devices" and authored by Stroz Friedberg digital forensic experts Cheri Carr and Daniel Blank.

"Stroz Friedberg is committed to protecting businesses from potential security risks," Cox said. "IT departments are increasingly adopting Apple products for use by the workforce because they are already extremely popular with employees. By taking a few proactive measures, they can be assured of the security of these devices."

Stroz Friedberg's unTRUST tool is publicly accessible through its GitHub repository. The firm also recommends general mitigation strategies, among them:

  • Delete all pairing records that currently exist on the iOS device.
  • Trust only one computer (a computer necessary for syncing and updates) and implement security controls on the iOS device and the "trusted" computer.
  • Do not allow other untrusted connections, including connections to other unnecessary computers, and other Internet-connected devices (e.g. kiosk computers).
  • Because the trusted relationship can be exploited through Wi-Fi, disable Wi-Fi when not needed.
  • For trusted computers, implement the following, where possible:
    • Encrypt data-at-rest.
    • Ensure operating system and application patching is kept up-to-date.
  • For iOS devices, implement the following, where possible:
    • Enable complex passwords.
    • Do not store account credentials in clear text on the device.
    • Ensure iOS and apps are kept up-to-date.
  • Corporations should use mobile device management apps such as MobileIron or Good Technology for protection of sensitive documents and emails.

"Mitigating Potential Pairing Record Risks in Apple iOS Devices" is available at www.strozfriedberg.com. The source code and installation files for unTRUST can be accessed at https://github.com/strozfriedberg/unTRUST.

About Stroz Friedberg, LLC
Founded in 2000, Stroz Friedberg is a global leader in investigations, intelligence, and risk services. It provides expertise in digital forensics, cybercrime and incident response, security science, forensic accounting, compliance, due diligence, data disclosure and analytics. Working at the intersection of technology, investigations, regulatory governance and behavioral science, the company is driven by a core purpose—seeking truth so clients can find the assurance and answers they need to move forward with certainty. With twelve offices across nine U.S. cities, London, Zurich and Hong Kong, Stroz Friedberg assists in managing critical risk for Fortune 100 companies as well as 80% of the AmLaw 100 and the Top 20 UK law firms. Learn more at www.strozfriedberg.com.

Media Contacts
Karen Guterl 
212-542-3167 
[email protected]

Ben Tanner 
212-445-8245 
[email protected]

SOURCE Stroz Friedberg

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
SYS-CON Events announced today that Loom Systems will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2015, Loom Systems delivers an advanced AI solution to predict and prevent problems in the digital business. Loom stands alone in the industry as an AI analysis platform requiring no prior math knowledge from operators, leveraging the existing staff to succeed in the digital era. With offices in S...
SYS-CON Events announced today that EARP Integration will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. EARP Integration is a passionate software house. Since its inception in 2009 the company successfully delivers smart solutions for cities and factories that start their digital transformation. EARP provides bespoke solutions like, for example, advanced enterprise portals, business intelligence systems an...
We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA
SYS-CON Events announced today that Hitachi Data Systems, a wholly owned subsidiary of Hitachi LTD., will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City. Hitachi Data Systems (HDS) will be featuring the Hitachi Content Platform (HCP) portfolio. This is the industry’s only offering that allows organizations to bring together object storage, file sync and share, cloud storage gateways, and sophisticated search and...
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs ofte...
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry’s single source for the cloud. Fusion’s advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including cloud...
Five years ago development was seen as a dead-end career, now it’s anything but – with an explosion in mobile and IoT initiatives increasing the demand for skilled engineers. But apart from having a ready supply of great coders, what constitutes true ‘DevOps Royalty’? It’ll be the ability to craft resilient architectures, supportability, security everywhere across the software lifecycle. In his keynote at @DevOpsSummit at 20th Cloud Expo, Jeffrey Scheaffer, GM and SVP, Continuous Delivery Busine...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs oft...
SYS-CON Events announced today that Cloud Academy will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud computing technologies. Ge...
The 21st International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo Silicon Valley Call for Papers is now open.
DevOps at Cloud Expo – being held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real r...
SYS-CON Events announced today that T-Mobile will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. As America's Un-carrier, T-Mobile US, Inc., is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The Company's advanced nationwide 4G LTE network delivers outstanding wireless experiences to 67.4 million customers who are unwilling to compromise on ...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...
SYS-CON Events announced today that Ocean9will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Ocean9 provides cloud services for Backup, Disaster Recovery (DRaaS) and instant Innovation, and redefines enterprise infrastructure with its cloud native subscription offerings for mission critical SAP workloads.
SYS-CON Events announced today that Carbonite will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Carbonite protects your entire IT footprint with the right level of protection for each workload, ensuring lower costs and dependable solutions with DoubleTake and Evault.
Existing Big Data solutions are mainly focused on the discovery and analysis of data. The solutions are scalable and highly available but tedious when swapping in and swapping out occurs in disarray and thrashing takes place. The resolution for thrashing through machine learning algorithms and support nomenclature is through simple techniques. Organizations that have been collecting large customer data are increasingly seeing the need to use the data for swapping in and out and thrashing occurs ...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...