Apple, Jailbreaking and Patents

Monday, September 13, 2010

Put these three words together and you obtain an explosive cocktail that will surely make the headlines. At the end of July, a new type of jailbreaking for iPhone and iPad appeared. Two weeks later, Apple closed the hole. Unfortunately, one week later, somebody highlighted an Apple patent that was filed in February 2009 (there is a period of 18 months after filing during which the text of the patent is not public). It was claimed that Apple had patented a method to fight jailbreaking and even brick the phone in case of jailbreaking. Most of the news I’ve seen on the Net was making the same statement.
Thus, I decided to have a look at this patent. The title of the patent is “Systems and methods for identifying unauthorized users of an electronic device”. Where is jailbreaking? The patent is about identifying an unauthorized user, not about identifying an unauthorized action. To identify an unauthorized user, the patent proposes in its sub-claims many solutions such as voice identification (comparing to the voice print of authorized users), face recognition, a heartbeat sensor (I was not aware of this type of biometrics; does somebody have a good pointer?), or proximity detection of a sensor such as NFC. Once an unauthorized user is detected, the patent claims that the device collects some information, such as keylogging, logging the Internet activity, taking pictures with geotag, or using an accelerometer to identify the current mode of transportation. Then it sends an alert to a responsible party with the collected data.
The patent also gives a larger definition of unauthorized user:

“[0039] As another example, an activity that can detect an unauthorized user can be any action that may indicate the electronic device is being tampered with being, for example hacked, jailbroken, or unlocked. For example, a sudden increase in memory usage of the electronic device can indicate that a hacking program is being run and that an unauthorized user may be using the electronic device.”

:Happy:
Even funnier

“As yet another example of activities that can indicate tampering with the electronic device, an unauthorized user can be detected when a subscriber identity module (SIM) card is removed from or replaced in the electronic device.”

Good luck with the many false positives. Jailbreaking is really a side issue in this patent. It is more valid against theft than against jailbreaking. If the device were able to detect jailbreaking, it would most probably be able to cancel the action. Of course, it is now legal to jailbreak the phone, at least in the US.

The lesson is that you should not trust too much what you read in blogs. Build your own opinion. Read the source documents. I am sure that very few of the journalists or bloggers who reported the news had in fact read the patent.

The risk of geo-tagging

Once more, new technology has introduced threats to privacy. FRIEDLAND Gerald and SOMMER Robin, in their paper “Cybercasing the Joint: On the Privacy Implications of Geo-Tagging”, clearly highlight the new risks.

Many high-end phones, such as iPhones, come with GPS. Undoubtedly, GPS is a great feature. Once you have used it, you cannot live without it anymore. Nevertheless, the combination of GPS and camera is a problem. Currently, all such devices embed a geo-tag, i.e. the precise location, in the metadata of pictures shot by the camera. And many such pictures end up on Flickr, Facebook and Craigslist. This metadata can be easily extracted with standard tools.

In other words, if you publish on the Internet a picture of your house taken with your iPhone, it will be extremely easy for anybody to locate you, for instance using Google Street View. The paper presents a very illustrative example.

Of course, you can disable the geo-tagging. But (1) you must be aware of the threat, and then (2) find out how to disable it. The solution should be that the manufacturers make this feature opt-in, i.e. disabled by default. Very unlikely, because manufacturers load the devices with new features ready to work.
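How little it takes to read the geo-tag, and how to drop it before publishing, as an added example (not from the paper or the original post): a standard-library Python reader for the Exif GPS directory of a JPEG, plus a function that removes the APP1 metadata segments. It assumes a well-formed Exif block; `sample_jpeg()` builds a constructed, header-only test file with made-up coordinates, and all function names are illustrative.

```python
import struct

GPS_TAG = 0x8825  # IFD0 entry that points at the GPS sub-directory

def segments(jpeg):
    """Yield (marker, start, end) for each header segment before the image data."""
    pos = 2  # skip the SOI marker
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        end = pos + 2 + struct.unpack_from(">H", jpeg, pos + 2)[0]
        yield jpeg[pos + 1], pos, end
        pos = end

def ifd_entries(tiff, e, off):
    """Map each tag of the IFD at `off` to the offset of its 4-byte value field."""
    n = struct.unpack_from(e + "H", tiff, off)[0]
    return {struct.unpack_from(e + "H", tiff, off + 2 + 12 * i)[0]: off + 10 + 12 * i
            for i in range(n)}

def degrees(tiff, e, gps, tag, negative_ref):
    """Decode deg/min/sec RATIONALs; the tag just before holds N/S or E/W."""
    d = struct.unpack_from(e + "6I", tiff, struct.unpack_from(e + "I", tiff, gps[tag])[0])
    value = d[0] / d[1] + d[2] / d[3] / 60 + d[4] / d[5] / 3600
    return -value if tiff[gps[tag - 1]:gps[tag - 1] + 1] == negative_ref else value

def read_gps(jpeg):
    """Return (lat, lon) in decimal degrees, or None when no geo-tag is embedded."""
    for marker, start, end in segments(jpeg):
        if marker == 0xE1 and jpeg[start + 4:start + 10] == b"Exif\0\0":
            tiff = jpeg[start + 10:end]
            e = "<" if tiff[:2] == b"II" else ">"  # TIFF byte order
            ifd0 = ifd_entries(tiff, e, struct.unpack_from(e + "I", tiff, 4)[0])
            if GPS_TAG in ifd0:
                gps = ifd_entries(tiff, e, struct.unpack_from(e + "I", tiff, ifd0[GPS_TAG])[0])
                if {1, 2, 3, 4} <= gps.keys():
                    return degrees(tiff, e, gps, 2, b"S"), degrees(tiff, e, gps, 4, b"W")
    return None

def strip_app1(jpeg):
    """Return the JPEG with every APP1 (Exif/XMP) segment removed."""
    segs = list(segments(jpeg))
    body = b"".join(jpeg[s:e] for m, s, e in segs if m != 0xE1)
    return jpeg[:2] + body + jpeg[segs[-1][2] if segs else 2:]

def sample_jpeg():
    """Constructed header-only JPEG with a made-up geo-tag (48.5 N, 2.25 W)."""
    gps = struct.pack(">HHHI4sHHIIHHI4sHHIII", 4, 1, 2, 2, b"N", 2, 5, 3, 80,
                      3, 2, 2, b"W", 4, 5, 3, 104, 0)
    app1 = (b"Exif\0\0MM\0*" + struct.pack(">IHHHIII", 8, 1, GPS_TAG, 4, 1, 26, 0) + gps
            + struct.pack(">12I", 48, 1, 30, 1, 0, 1, 2, 1, 15, 1, 0, 1))
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1 + b"\xff\xda\0\x02\xff\xd9"
```

Running `read_gps()` on a photo before uploading it shows what a stranger would see; `strip_app1()` also drops the embedded thumbnail and any XMP copy of the location, since both live in APP1 segments.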

If you have a mobile phone with GPS, think about it. Personally, I know what I would do.

But(t) Authentication

No, I’m not turning my blog into a porn site. I just refer to a recent paper from FERRO M., PIOGGIA G., TOGNETTI A., CARBONARO N., and DE ROSSI D. These extremely serious Italian researchers have published “A Sensing Seat for Human Authentication”.

We know many biometric authentication methods using voice, finger, palm, or iris. We have had recognition through the way you walk, or the way you type. This one is recognition through the way you sit.

The seat is equipped with a set of strain sensors. These sensors show piezoresistive properties that can be turned into a digital fingerprint of the seated person. The paper describes the system and explains the measuring methods. They tested their system on 20 people over a period of 20 days in a truck simulator. The True Acceptance Rate is about 90-95%. The False Acceptance Rate was about 5%.

The researchers acknowledge that there are many parameters in the real world that may impact these rates, such as movements and vibrations and changes of the human profile. A wallet in the pocket may derail the system. Too many hamburgers over a long period most probably would too  :Wink:

The target is the automotive industry. They foresee coupling it with face and voice recognition.

Thanks to BC for the pointer.

It is the turn of PS3

For years, Sony’s PlayStation resisted hackers. One potential explanation was that by authorizing homebrew applications to execute on the PS, Sony removed the complete homebrew community (which is a large chunk of the reverse engineering community) from the pool of attackers. This is no longer true.

Since 19 August, the PSjailbreak has been available. This USB stick allows the execution of duplicates of games. It is a kind of R4, but for the PS3. It works on the PS3 and the PS3 Slim. The price is rather high (at least in France, around 130€ or $160). Every report claims that it works.

Sony has already claimed that, through their PSN network, they can detect the presence of the JailBreak and then retaliate. I have not yet found a post that confirmed a counterstrike by Sony on PSN. The current version of PS3Jailbreak does not offer any upgrade feature, which may be a weakness.

The funny part of the story is that the pirates may soon be pirated. The reverse engineering of the PSJailBreak has already started. The hack is based on a standard PIC microcontroller, the PIC18F. It seems that the code has already been successfully dumped. Some sites are already offering clones such as PS3stinger, PS3key, X3JailBreak… Clearly, the distributor foresaw this, because its site warns about imitators and has created a logo for authorized dealers.

 

Once more, our law #1 “attackers will always find their way” was verified. It just took longer than for the other game consoles. Now, let’s wait for Sony’s reaction.

Positive mood

This weekend, my family purchased a DVD. When viewing it, what a surprise!! The usual scary/threatening video sequence which explains that downloading movies from P2P is bad was absent. It was replaced by a new message saying something like “By purchasing this DVD, you are supporting the jobs for the UK movie industry”. And at the end of the video sequence, a huge/heavy “THANK YOU” falls noisily onto the screen. Very Monty Python-like (it is probably because it was a UK movie  :Happy:  )

This change is interesting. One of the rules I learnt in Communications was to always favor the positive form rather than the negative one. A positive message gets through better. You should use the negative form if you want to create fear (Lovecraft was very good at that. Sorry, I’m digressing).

Will it have an impact on piracy? Probably not. Nevertheless, it may help to restore the reputation of content owners a little bit. This is also part of the battle.

I don’t know if this will be generalized to every DVD. I think it would be a good idea.

Where Do Security Policies Come From?

In a paper presented at the 6th Symposium on Usable Privacy and Security, DINEI Florencio and CORMAC Herley, Microsoft Research, examined the password policies of 75 Internet sites. The websites ranged from very popular sites/services such as Facebook or Paypal to more confidential ones such as governmental agencies.

They evaluated the strength of the enforced policy with the equation N·log2(C), where N is the minimum length of the password and C is the cardinality of the allowed character set. Obviously, this equation is not a perfect evaluation of the constraints because it does not take into account constraints such as mandatory use of digits or special characters. Nevertheless, the result is simple (and perhaps not too surprising):

The size of the site, the number of user accounts, the value of the resources protected, and the frequency of non-strength related attacks all correlate very poorly with the strength required by the site.

In other words, the sites with the most constraining policies are not necessarily the sites which are most at risk. For instance, Gmail or Paypal do not have strong constraints. Most often, the sites with the most constraining policies have no incentive to attract numerous visits, or have a captive “audience”. The constraints were more driven by the need to attract visitors than by security itself.

It is the usual trade-off between security and usability. Facebook, which is paid by advertising, needs frequent visitors. An overly complex password policy may repel many users and thus make the site less attractive.

The authors argue that there is most probably no need for a strong password policy because strategies to defeat online brute-force attacks should be deterrent enough. They cite Twitter, which recently banned the 370 most common passwords. According to them, strong passwords are most probably only useful in case of access to the hashed password files. (Remember the use of rainbow tables.)
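The strength formula and the online/offline argument above, worked through as an added example (not code from the paper or the post). It goes beyond the formula by counting exactly, via inclusion-exclusion, the passwords that satisfy mandatory character classes; the class sizes assume printable ASCII, and the two guessing rates are assumptions chosen for illustration.

```python
from itertools import combinations
from math import log2

# Class sizes for printable ASCII without the space character (94 symbols in total).
CLASSES = {"lower": 26, "upper": 26, "digit": 10, "symbol": 32}

def formula_bits(n, allowed):
    """The post's N * log2(C): n = minimum length, C = size of the allowed set."""
    return n * log2(sum(CLASSES[k] for k in allowed))

def exact_bits(n, allowed, required=()):
    """log2 of the count of length-n passwords that contain every required class.

    Inclusion-exclusion: subtract strings missing one required class, add back
    those missing two, and so on.
    """
    c = sum(CLASSES[k] for k in allowed)
    count = 0
    for r in range(len(required) + 1):
        for missing in combinations(required, r):
            count += (-1) ** r * (c - sum(CLASSES[k] for k in missing)) ** n
    return log2(count)

def seconds_to_exhaust(bits, guesses_per_second):
    """Worst-case time to try every password a policy admits at a given rate."""
    return 2 ** bits / guesses_per_second

ALL = ("lower", "upper", "digit", "symbol")
ONLINE = 100 / 86400   # assumption: throttling leaves 100 guesses per day per account
OFFLINE = 1e9          # assumption: guesses per second against a leaked fast hash

if __name__ == "__main__":
    print(f"8 chars, any class      : {formula_bits(8, ALL):.2f} bits")
    print(f"8 chars, all 4 required : {exact_bits(8, ALL, ALL):.2f} bits")
    weak = formula_bits(6, ["lower"])
    print(f"6 lowercase, online : {seconds_to_exhaust(weak, ONLINE) / 31557600:.0f} years")
    print(f"6 lowercase, offline: {seconds_to_exhaust(weak, OFFLINE):.2f} seconds")
```

For an 8-character policy, requiring all four classes shrinks the space by about one bit relative to N·log2(C), so the formula is a slight upper bound on what such a policy enforces.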

Their view on the trade-off between usability and security is interesting.

When the voices that advocate for usability are absent or weak, security measures become needlessly restrictive.

I’ll let you savor this statement. Any reactions?

The paper is available here.

Torrent Tweet

BitTorrent has just launched a new add-on to the P2P client µTorrent (or utorrent): Torrent Tweet. The name of the app is self-explanatory. It is a new way to share or chat about a given torrent. The central server, using the hash tag of the torrent, adds a unique tinyurl in the tweet. Thus, it is extremely easy to point to a torrent.

We may be skeptical about its wide usage. File sharing is often done under cover. And anonymity is probably not the salient characteristic of Twitter. Nevertheless, the use is starting and spreading. Some doubts? Choose the last movie you’ve seen at the theater. Search for its torrent on Twitter, for instance “Salt + Torrent”. You’ll be surprised by the result.

BitTorrent has created a new convenient way to share torrents  :Happy:  When will we see a cease and desist notice sent through Twitter?