Book Image

Learning iOS Security

Book Image

Learning iOS Security

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning iOS Security
Feb, 2015 | 142 pages
No titles found
Table of Contents (13 chapters)
Learning iOS Security
Learning iOS Security
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
iOS Security Overview
iOS Security Overview
Pairing
Backing up your device
Initial security checklist
Safari and built-in App protections
Predictive search and spotlight
Summary
2
Introducing App Security
Introducing App Security
Installing apps
Single App mode, App Lock, and Guided Access
App communication
Keybags and keychains
Keyboards and extensions
Sandboxing and App data storage
Introduction to in-house App development
Summary
3
Encrypting Devices
Encrypting Devices
Secure boot and activating iOS
Passbook and Touch ID for Apple Pay
Privacy-related concerns
Configuration profiles
Summary
4
Organizational Controls
Organizational Controls
Apple Configurator
Activation Lock and Find My iPhone
ActiveSync
Summary
5
Mobile Device Management
Mobile Device Management
Introducing MDM
Configurator versus MDM
The Profile Manager
Introducing Bushel
Summary
6
Debugging and Conclusion
Debugging and Conclusion
Xcode
Dive deeper with libimobiledevice
App communications
Apple IDs and Apps
Forensics
Application security
Viewing an App
Summary
Index
Index

Pairing

When you connect a device to a computer that runs iTunes for the first time, you are prompted to enter a password. Doing so allows you to synchronize the device to a computer. Applications that can communicate over this channel include iTunes, iPhoto, Xcode, and others.

To pair a device to a Mac, simply plug the device in (if you have a passcode, you'll need to enter that in order to pair the device.) When the device is plugged in, you'll be prompted on both the device and the computer to establish a trust. Simply tap on Trust on the iOS device, as shown in the following screenshot:

Trusting a computer

For the computer to communicate with the iOS device, you'll also need to accept the pairing on your computer (although, when you use libimobiledevice, which is the command to pair, does not require doing so, because you use the command line to accept. This command is covered in Chapter 6, Debugging and Conclusion). When prompted, click on Continue to establish the pairing, as seen in the following screenshot (the screenshot is the same in Windows):

Trusting a device

When a device is paired, a file is created in /var/db/lockdown, which is the UDID of the device with a property list (plist) extension. A property list is an Apple XML file that stores a variety of attributes. In Windows, iOS data is stored in the MobileSync folder, which you can access by navigating to \Users\(username)\AppData\Roaming\Apple Computer\MobileSync. The information in this file sets up a trust between the computers and includes the following attributes:

  • DeviceCertificate: This certificate is unique to each device.

  • EscrowBag: The keybag of EscrowBag contains class keys used to decrypt the device.

  • HostCertificate: This certificate is for the host who's paired with iOS devices (usually, the same for all files that you've paired devices with, on your computer).

  • HostID: This is a generated ID for the host.

  • HostPrivateKey: This is the private key for your Mac (should be the same in all files on a given computer).

  • RootCertificate: This is the certificate used to generate keys (should be the same in all files on a given computer).

  • RootPrivateKey: This is the private key of the computer that runs iTunes for that device.

  • SystemBUID: This refers to the ID of the computer that runs iTunes.

  • WiFiMACAddress: This is the Mac address of the Wi-Fi interface of the device that is paired to the computer. If you do not have an active Wi-Fi interface, MAC is still used while pairing.

Why does this matter? It's important to know how a device interfaces with a computer. These files can be moved between computers and contain a variety of information about a device, including private keys.

Having keys isn't all that is required for a computer to communicate with a device. When the devices are interfacing with a computer over USB, if you have a passcode enabled on the device, you will be required to enter that passcode in order to unlock the device.

Once a computer is able to communicate with a device, you need to be careful as the backups of a device, apps that get synchronized to a device, and other data that gets exchanged with a device can be exposed while at rest on devices.

Previous Section
End of Section 2
Next Section