From: Lloyd Parsons
Newsgroups: comp.sys.mac.system,comp.os.linux.advocacy
Subject: Re: YiSpecter Malware Targets Non-Jailbroken iOS Devices
Date: 5 Oct 2015 17:58:52 GMT

On Mon, 05 Oct 2015 17:48:52 +0000, Jolly Roger wrote:

> On 2015-10-05, Anonymous wrote:
>> ooops. Looks like Apple is crapple.
>>
>> Apple's iOS mobile operating system is under attack in China and
>> Taiwan, according to security firm Palo Alto Networks.
>>
>> The company identified malware, dubbed YiSpecter, which—unlike most
>> other malware affecting iOS devices—can target non-jailbroken iPhones
>> and iPads.
>>
>> http://www.pcmag.com/article2/0,2817,2492540,00.asp
>
> YiSpecter uses an enterprise provisioning certificate, which is designed
> to give enterprises a way to bypass the App Store and associated
> approval processes to easily distribute apps to employees of a company.
> They also allow companies to set key rules like lock screen password or
> PIN security and other policies. Enterprise certificates cost the
> developer $500 a year and will be revoked by Apple if they are caught
> abusing them.
>
> The apps in question require the user to first install an Enterprise
> provisioning certificate, which iOS presents as an UNTRUSTED certificate
> that requires the user to actively tap "Trust" to continue. Users can
> also list and manage installed provisioning profiles in Settings >
> General > Profiles.
>
> Assuming the user installed this untrusted provisioning profile, the
> user must then download the offending app that must be signed by the
> same certificate - so that one company's apps cannot be installed via
> another company's certificate - from some place *other* than the Apple
> App Store.
>
> Enterprise certificates automatically expire after one year. So the user
> will have to download and "Trust" another certificate (assuming Apple
> allows another to be created) for every year afterward.
>
> Apple to revoke said certificate in 3... 2... 1...
>
> Hardly the end of the world.
>
> Keep trolling, trollboi.

Yeah, ... :)

Another non-issue that made for good click bait!!

-- 
Lloyd