First, Apple revealed a critical bug in its implementation of encryption in iOS, requiring an emergency patch. Then researchers found the same bug is also included in Apple’s desktop OSX operating system, a gaping Web security hole that leaves users of Safari at risk of having their traffic hijacked. Now one researcher has found evidence that the bug extends beyond Apple’s browser to other applications including Mail, Twitter, Facetime, iMessage and even Apple’s software update mechanism.
On Sunday, privacy researcher Ashkan Soltani posted a list of OSX applications on Twitter that he says he’s determined use Apple’s “secure transport” framework, the coding library that developers depend on to build programs that securely communicate online using the common encryption protocols TLS and SSL. The full list, which isn’t comprehensive given that Soltani only analyzed the programs on his own PC, is shown below. (Soltani has underlined the vulnerable application names in red.)
Privacy researcher Ashkan Soltani’s list of OSX applications that use Apple’s vulnerable implementation of SSL and TLS encryption. (Click to enlarge.)
Soltani, an independent researcher whose recent work has included analyzing the surveillance documents leaked by NSA contractor Edward Snowden on behalf of the Washington Post, warns that the security of several applications on that list are severely compromised, including Apple’s email program Mail, scheduling app Calendar and the its official Twitter desktop client. The bug affects how Apple devices authenticate their secure connection with servers, allowing an eavedropper to fake that verification and hijack or corrupt traffic using what’s known as a “man-in-the-middle” attack. ”All these apps would be vulnerable to the same man-in-the-middle vulnerability outlined on Friday,” Soltani says.
Some of the affected apps such as iMessage and Facetime have added security that could reduce the effects of the security vulnerability, though Soltani warns that for the iMessage instant messaging application the initial login at Apple’s me.com website may be compromised, even if the messages themselves remain encrypted, and that similar problems may exist for Facetime. “There are going to be parts of the protocol like the initial ‘handshake’ that rely on TLS, and those will be vulnerable to man-in-the-middle attacks,” Soltani says.
Equally troubling is the notion that Apple’s Software Update application is affected, which means that Apple’s mechanism for pushing new code to OSX machines, including security updates, could be compromised. Soltani notes that in addition to SSL and TLS, Software Update also checks for Apple’s signature on any code that it asks users to install. But he adds that the code-signing protection hasn’t stopped malware from spoofing those updates in the past to install spying tools on victims’ machines.
I’ve reached out to Apple for comment on Soltani’s findings, and I’ll update this post if I hear from the company.
Apple’s newly discovered security flaw, dubbed “gotofail” by the security community due to a single improperly used “goto” command in Apple’s code that triggered it, initially came to light Friday when Apple issued a security update for iOS. Researchers at the security firm Crowdstrike and Google quickly reverse engineered that patch to show how it affected OSX as well, and initially recommended that users stay away from untrusted networks and avoid Safari, which is more dependent on Apple’s implementation of SSL and TLS than other browsers such as Chrome or Firefox.
Soltani’s work, however, shows that the problem extends further, leaving many users with few options for secure communications until Apple issues a fix for its desktop software. The company promised in a statement to Reuters Saturday to make that fix available “very soon.” Given the widening gaps in Apple’s security the flaw exposes, it can’t come soon enough.