Apple iOS 4 Security Evaluation

Findings

- Third-party applications without PIE support won’t get full ASLR and are easier to exploit, especially if they have an embedded web browser
- In-House Distribution Certificates and Provisioning Profiles allow their apps to run on all devices, Enterprise Developers should protect them
- Attackers could steal them and use OTA distribution and social engineering to bypass Apple’s AppStore review
- As of iOS 4.3, Safari’s dynamic-codesigning entitlement makes browser exploits require a ROP stage, not full ROP
- All 140+ iOS Mach RPC servers are allowed through sandbox profile, may allow apps to perform undesirable actions
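
One way to audit the first finding: the added example below (not from the original slides) checks whether every architecture slice of an app's main executable has the MH_PIE flag set in its Mach-O header. The constants are from Apple's mach-o/loader.h and mach-o/fat.h; the function names are hypothetical and the sample headers are constructed, not taken from real apps.

```python
import struct

# Constants from Apple's <mach-o/loader.h> and <mach-o/fat.h>.
MH_MAGIC, MH_MAGIC_64, FAT_MAGIC = 0xFEEDFACE, 0xFEEDFACF, 0xCAFEBABE
MH_EXECUTE = 0x2        # filetype: main executable
MH_PIE = 0x200000       # flags bit: image may be loaded at a random address

def _read_slice(data, off):
    """Return (cputype, cpusubtype, is_pie) for the mach_header at off."""
    if len(data) < off + 28:
        raise ValueError("truncated Mach-O header")
    for endian in ("<", ">"):  # accept either byte order
        if struct.unpack_from(endian + "I", data, off)[0] in (MH_MAGIC, MH_MAGIC_64):
            break
    else:
        raise ValueError("not a Mach-O image")
    _, cpu, sub, filetype, _, _, flags = struct.unpack_from(endian + "7I", data, off)
    if filetype != MH_EXECUTE:
        raise ValueError("not a main executable")
    return cpu, sub, bool(flags & MH_PIE)

def pie_report(data):
    """List (cputype, cpusubtype, is_pie) for each slice of a thin or fat binary."""
    if len(data) >= 8 and struct.unpack_from(">I", data, 0)[0] == FAT_MAGIC:
        nfat = struct.unpack_from(">I", data, 4)[0]
        if len(data) < 8 + 20 * nfat:
            raise ValueError("truncated fat header")
        # Each fat_arch is five big-endian uint32: cputype, cpusubtype, offset, size, align.
        offsets = [struct.unpack_from(">5I", data, 8 + 20 * i)[2] for i in range(nfat)]
        return [_read_slice(data, o) for o in offsets]
    return [_read_slice(data, 0)]

def fully_pie(data):
    """True only if every architecture slice carries MH_PIE."""
    return all(is_pie for _, _, is_pie in pie_report(data))

# Constructed sample headers (not real app binaries); ARM is cputype 12.
def _hdr(sub, flags):
    return struct.pack("<7I", MH_MAGIC, 12, sub, MH_EXECUTE, 0, 0, flags)

THIN_PIE = _hdr(9, 0x200085)
THIN_NOPIE = _hdr(9, 0x000085)
FAT_MIXED = (struct.pack(">2I", FAT_MAGIC, 2)
             + struct.pack(">5I", 12, 6, 48, 28, 0)
             + struct.pack(">5I", 12, 9, 76, 28, 0)
             + _hdr(6, 0x000085) + _hdr(9, 0x200085))

if __name__ == "__main__":
    for name, blob in [("thin-pie", THIN_PIE), ("thin-nopie", THIN_NOPIE), ("fat-mixed", FAT_MIXED)]:
        print(name, pie_report(blob), "PIE in every slice:", fully_pie(blob))
```

A fat binary counts as PIE only when every slice has the flag, because the device loads whichever slice matches its CPU.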