The Safari web browser in the latest iOS 12.1 contains a bug that allows deleted photos to be retrieved from an iPhone. The bug was demonstrated this week at Tokyo's Mobile Pwn2Own competition by white-hat hackers Richard Zhu and Amat Cama.

The contest's sponsor, Trend Micro's Zero Day Initiative, said the hacking duo successfully demonstrated the attack through Safari as part of the cash-prize competition. The pair, operating under the name Fluoroacetate, connected to a target iPhone X running iOS 12.1 over an unsecured Wi-Fi network and gained access to a photo that had been deliberately deleted from the device. The hackers received a reward of 50 thousand dollars for their discovery. According to 9to5Mac, the bug in Safari might not threaten only photos: the attack can theoretically obtain any number of files from the target device.

Amat Cama (left) and Richard Zhu (center) at this year's Mobile Pwn2Own (Source: AppleInsider)

The photo used in the sample attack was marked for deletion, but was still on the device in the "Recently Deleted" folder. Apple introduced this folder to prevent unwanted permanent deletion of images from the photo gallery. By default, photos are kept in this folder for thirty days, during which the user can either restore or permanently delete them.

But this is not an isolated error, nor one exclusive to Apple devices. The same pair of hackers also revealed the same flaw in Android devices, including the Samsung Galaxy S9 and Xiaomi Mi6. Apple has also been informed about the security flaw, and a patch should come soon, most likely in the next beta version of the iOS 12.1.1 operating system.
