06-15-2010, 10:49 AM
#1761
GOAT!
Quote:
Originally Posted by kermitology
FanIn80 you really need to just let these things go.
Yeah, you're right. I keep trying, but man oh man.
Edit: I've been using that ffvb plugin for Firefox. It's good, but unfortunately I still see everything and I keep clicking on that little "Show post" link...
Last edited by FanIn80; 06-15-2010 at 10:52 AM.

06-15-2010, 10:55 AM
#1762
First Line Centre
Well, now that hopefully everyone has got that out of their system, I'll (foolishly) try this again.
Quote:
Apple fixed the bug on the desktop version of Safari in March, when the security glitch was first discovered. But Apple has still not issued the patch for its mobile version, leaving the iPad vulnerable, according to the hacker group.
Anyone familiar with this bug and why it would have been patched on the desktop version but not the mobile version?
Anyone with thoughts on just how serious this is?
Also, Goatse.

06-15-2010, 11:44 AM
#1763
Atomic Nerd
Join Date: Jul 2004
Location: Calgary
For every guy you think is getting old, you are probably getting old for some other people too. It's just a forum. Take it easy guys and stop being so one-sided. Nothing is perfect and everything deserves criticism.
Nobody is baiting you FanIn80. You just seem to see it that way. If anything, they are bringing up flaws or criticisms of Apple products or methods. It's not a direct attack on you and has nothing to do with you aside from the fact that you are taking a lot of it personally and always jump to the defense when there is no need to do so, as there are plenty of people with their own minds who can see when the good outweighs the bad or when temporary small issues are not a big deal for them in the big picture.
Last edited by Hack&Lube; 06-15-2010 at 11:56 AM.

06-15-2010, 12:47 PM
#1764
GOAT!
Quote:
Originally Posted by Phaneuf3
Well, now that hopefully everyone has got that out of their system, I'll (foolishly) try this again.
Anyone familiar with this bug and why it would have been patched on the desktop version but not the mobile version?
Anyone with thoughts on just how serious this is?
Also, Goatse.
Any chance you can tell us what the actual bug is?
It's very difficult to comment on the seriousness of a bug that has yet to be identified. Abstracted seriousness isn't very serious at all.
As for the "why did they fix something one place but not somewhere else" thing... welcome to the world of software development.

06-15-2010, 12:54 PM
#1765
First Line Centre
Quote:
Originally Posted by FanIn80
Any chance you can tell us what the actual bug is?
It's very difficult to comment on the seriousness of a bug that has yet to be identified. Abstracted seriousness isn't very serious at all.
As for the "why did they fix something one place but not somewhere else" thing... welcome to the world of software development.
If you check the post I made before s**t hit the fan, you'll see a link to the CNN article. I'll repost it here anyway:
http://money.cnn.com/2010/06/14/tech...hack/index.htm
It's not super specific so no, I can't tell you exactly the technical details of the bug. Hence why I'm posting here, showing my sources and looking for more information. Perhaps someone else had heard of this and has a more detailed and technical source?
PS - Rereading this post, it may come off as snarky but that's not the intention... but I'm too lazy to go back and reword everything so nobody can possibly misconstrue my tone.

06-15-2010, 12:57 PM
#1766
GOAT!
I'm aware of what the article said. It doesn't identify the bug either.
Which is why I was asking you if you knew what it was. It's tough to comment on the seriousness of something that hasn't even been identified.
And I didn't read your post as being snarky. You wanted to discuss it, so I'm trying to discuss it. It's just... well... there really isn't much to discuss yet.

06-15-2010, 01:00 PM
#1767
First Line Centre
Quote:
Originally Posted by FanIn80
I'm aware of what the article said. It doesn't identify the bug either.
Which is why I was asking you if you knew what it was. It's tough to comment on the seriousness of something that hasn't even been identified.
And I didn't read your post as being snarky. You wanted to discuss it, so I'm trying to discuss it. It's just... well... there really isn't much to discuss yet.
I'd check for more info online myself but I don't want to be googling information coming from goatse security while at work. Figured someone more in tune with the Apple world might have heard something from another source considering how quickly the news of the AT&T exploit made the rounds on tech blogs and such.

06-15-2010, 01:02 PM
#1768
Atomic Nerd
Join Date: Jul 2004
Location: Calgary
We don't really need to comment on it or go through the attack/defend cycle with Apple on this. The problem is real. It exists. Users beware. Apple and AT&T will deal with it I'm sure.

06-15-2010, 04:16 PM
#1769
Franchise Player
There is a book I would like to buy that is a PDF. What is the best way to view a PDF on the iPad? Does iBooks support PDFs?

06-15-2010, 04:21 PM
#1770
GOAT!
I think I remember something about iBooks getting PDF support.

06-15-2010, 04:25 PM
#1771
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
Stanza added PDF support recently and it is free.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.

06-15-2010, 04:28 PM
#1772
GOAT!
I've been using GoodReader for my PDFs. I think it was $1.99 or something, but it handles everything I've thrown at it. I have some PDFs that are pretty huge (textbooks, etc).
Stanza is a great app. I didn't know they added PDF support, that's good to know for sure.
I haven't had much of a chance to use iBooks yet. How does it compare to Stanza?

06-15-2010, 04:39 PM
#1773
The new goggles also do nothing.
Join Date: Oct 2001
Location: Calgary
Not sure, I haven't used iBooks much yet either.
__________________
Uncertainty is an uncomfortable position.
But certainty is an absurd one.

06-15-2010, 04:42 PM
#1774
It's not easy being green!
Join Date: Oct 2001
Location: In the tubes to Vancouver Island
Quote:
Originally Posted by FanIn80
I'm aware of what the article said. It doesn't identify the bug either.
Which is why I was asking you if you knew what it was. It's tough to comment on the seriousness of something that hasn't even been identified.
And I didn't read your post as being snarky. You wanted to discuss it, so I'm trying to discuss it. It's just... well... there really isn't much to discuss yet.
It said that Safari on the iPad didn't restrict certain ports and that this can allow a hacker to access and then fully control the iPad. Which I'm not really sure is the case. As far as I can tell, Safari is similar to other apps on iOS in that they're sandboxed.
In regards to iBooks and PDFs, that was part of Jobs' keynote wasn't it?
__________________
Who is in charge of this product and why haven't they been fired yet?

06-15-2010, 05:33 PM
#1775
GOAT!
Right, which is why I'm not sure what the bug is.
Which ports are exposed by the browser? A port is just a port, unless it's a port with a known vulnerability. Every computer on the planet has open ports.
Edit: I just have a hard time trusting anything coming out of anyone associated with Gawker right now. This "hacker" group was paid off by Gawker for the exclusive on the AT&T hack, which they then reported as an iPad problem to get back at Apple. Now the FBI is investigating this "hacker" group and so anything they have to say right now is inherently questionable at best.
Especially a vague allusion to some exposed ports in a sandboxed application.
Edit: I see now that the ports in question are apparently high-numbered, which would certainly make them more exploitable than the known ones. It would be interesting to see if these guys could actually do what they claim though. I have suspicions this is all just fodder to help defend themselves against the FBI charges.
Last edited by FanIn80; 06-15-2010 at 05:44 PM.

06-15-2010, 08:11 PM
#1776
First Line Centre
Well, I pulled up goatse security's page and found a blog post they made when they released the original exploit for the desktop version of safari.
Quote:
Apple is going to learn several lessons here, the most important of which is probably not to let an unsigned short pose as anything other than an unsigned short. Open up a Safari browser on your favorite chode-sniffing operating system. Go to a "banned" port like 25 and you'll get an error:
“Not allowed to use restricted network port” (WebKitErrorDomain:103)
Add 65536 to 25 to make 65561 and revisit the site on this new port-- no such cockblocking. You're good to go. You can now use the Safari web browser as a device to hit any port on any address with a cross-protocol scripting attack.
more here (with sample code) for those that are curious:
http://encyclopediadramatica.com/Safari_XPS_Attack

06-15-2010, 08:14 PM
#1777
Franchise Player
Join Date: Oct 2007
Location: still in edmonton
I cannot believe my eyes, how's the forum filled with filth and lies!

06-15-2010, 08:41 PM
#1778
#1 Goaltender
Quote:
Originally Posted by Phaneuf3
Well, I pulled up goatse security's page and found a blog post they made when they released the original exploit for the desktop version of safari.
more here (with sample code) for those that are curious:
http://encyclopediadramatica.com/Safari_XPS_Attack
This barely comprises an exploit at all. All they are doing is tricking the browser into connecting to a port it normally refuses to connect to, and then using Javascript to pump data to the remote server on a port of their choice.
In all the examples listed, the iPad is the vector, not the target. And any machine that can’t withstand non-sanitized data being delivered to it, on a port that it's listening on by design, is the real problem here. Sucks that you can trick the iPad into doing this, but it's no different than anything you could do with some shell script and a telnet client.
It’s also trivially easy for Apple to fix, they just need to put some bounds checking on the int being passed into their code, or change the size of the int their code accepts. It’s literally a couple lines of code if that to correct this.
__________________
-Scott
Last edited by sclitheroe; 06-15-2010 at 08:44 PM.
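The integer-narrowing defect the quoted Goatse post describes and the bounds check sclitheroe suggests, side by side, as an added C example (not WebKit's code and not anything posted in the thread). The restricted-port list is a constructed sample, and the two connect functions only model the check and return the port the socket layer would be handed:

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>
#include <stdbool.h>

/* Constructed sample of a browser's restricted-port list (25 = SMTP is the
 * port the thread uses as its example). Not the real WebKit table. */
static const long kBlockedPorts[] = { 21, 22, 23, 25, 110, 143 };

static bool port_is_blocked(long port) {
    for (size_t i = 0; i < sizeof kBlockedPorts / sizeof kBlockedPorts[0]; i++)
        if (kBlockedPorts[i] == port)
            return true;
    return false;
}

/* Vulnerable model: the port parsed from the URL is compared against the
 * blocklist as a wide integer, then narrowed to unsigned short when the
 * connection is made. 65561 is not on the list, but (uint16_t)65561 == 25.
 * Returns the port the socket layer would actually use, or -1 if refused. */
int connect_port_vulnerable(long requested) {
    if (port_is_blocked(requested))
        return -1;
    uint16_t wire_port = (uint16_t)requested;  /* silent wraparound mod 65536 */
    return wire_port;
}

/* Fixed model: reject anything outside the valid TCP port range first, so
 * the value checked against the blocklist is the value that reaches the
 * socket; only then narrow and consult the list. */
int connect_port_fixed(long requested) {
    if (requested < 0 || requested > 65535)
        return -1;
    uint16_t wire_port = (uint16_t)requested;
    if (port_is_blocked(wire_port))
        return -1;
    return wire_port;
}

int main(void) {
    long probes[] = { 25, 80, 65561 };
    for (size_t i = 0; i < 3; i++)
        printf("port %ld: vulnerable -> %d, fixed -> %d\n", probes[i],
               connect_port_vulnerable(probes[i]), connect_port_fixed(probes[i]));
    return 0;
}
```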

06-15-2010, 08:56 PM
#1779
Franchise Player
Join Date: Nov 2006
Location: Supporting Urban Sprawl
Good news, after reading the global warming thread in OOT I am feeling much safer in the confines of a thread laced with bitter PC/Mac undertones.
That said, this whole discussion of the exploit thing seems to have fanboys on both sides tossing barbs at each other. The reality is there isn't a machine out there connected to a network that is invulnerable to attack. To trash on the iPad because of a vulnerability like this is like getting mad at a lake for being wet.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."

06-15-2010, 09:09 PM
#1780
Atomic Nerd
Join Date: Jul 2004
Location: Calgary
Quote:
Originally Posted by Rathji
Good news, after reading the global warming thread in OOT I am feeling much safer in the confines of a thread laced with bitter PC/Mac undertones.
That said, this whole discussion of the exploit thing seems to have fanboys on both side tossing barbs at each other. The reality is there isn't a machine out there connected to a network that is invulnerable to attack. To trash on the iPad because of a vulnerability like this is like getting mad at a lake for being wet.
It's not really getting mad at Apple. Probably people throwing out a "haha, Apple is not safe" in regard to all the perceived "Apple is always safer" attitude thrown around in the Apple/PC thing. Both sides are stupid.