how to covertly leak data from ios?
DESCRIPTION
information hiding, Siri, leak, secretTRANSCRIPT
Vysoká škola ekonomická v Praze,
Náměstí Winstona Churchilla 1938/4
How to covertly leak data from iOS?
Luca Caviglione, Wojciech Mazurczyk
www.arxiv.org
Keywords: information hiding, Siri, leak, secret
Filip Zíbar
19.11.2014
Along the spreading of malicious software, the attention of potentional victims as well as
security experts is raising. The information hiding technique is a method which allows this
maleware to comunicate without being noticed nor recognized. As in smartphones is stored
plenty of personal information and sensitive data, they are on top of the list for confidential
data theft. Yet only few malware application do that by using information hiding
technique. For its popularity increase, the iOS raised awareness of malware developers. In
April 2014, the Apple-ID and the password from jailbroken iPhone could be leaked by
running malicious dynamic library. iStegSiri designated by the authors is the first attempt
to covertly leak data from iPhone without needing additional application. For exchanging
secrets, both of the involved peers insert them within a carrier. The amout of inserted
information is limited in order to transmit covertly. Siri is an assisstant application, which
allows user to interact with an iPhone with a voice. The iPhone sends packets with a voice
to the Apple server where the voice is translated and packets with the text are send back.
This process can be good carrier for hiding data, because it does not need any alternation
of device nor software. The iStegSiri controls shape of generated traffic to insert secrets.
The secret has to be firstly converted into audio sequence in form of voice and silence.
Then it is given to the Siri and send towards the apple server. Eventually the secret is
extracted by its recipient, who passively inspects generated traffic by using transparent
proxies. The decoding algrotithm then determine wether the stream of throughput values is
voice or silence (1 or 0). It would take 2 minutes to iStegSiri to transmit credit card
number. The limitation of iStegSiri is also fact that it needs acces to the internals of the
service. It means that it only works on jailbroken iPhones.