Tag: iPhone

Posted on

iPhone security patch

It seems that Apple finally released a patch for the iPhone about the security issue I wrote about back on May 1st (More Security Stuff)

From Apple’s Web Site:

WebKit

CVE-ID: CVE-2009-2797

Available for: iPhone OS 1.0 through 3.0.1, iPhone OS for iPod touch 1.1 through 3.0

Impact: User names and passwords in URLs may be disclosed to linked sites

Description: Safari includes the user name and password from the original URL in the referer header. This may lead to the disclosure of sensitive information. This update addresses the issue by not including user names and passwords in referer headers. Credit to James A. T. Rice of Jump Networks Ltd for reporting this issue.

Not sure when James reported it though. So I don’t know if I found it before him or not. Anyways, here is my suggestion, if you use an iPhone and have EVER logged in to a web site with a username and password, you need to change that password immediately and then apply the patch from Apple to your iPhone. I know there are some people who view my site that use an iPhone and are clicking on links from other websites, therefore sending your username and password to me as well.

Posted on

More security stuff

Because I am in that sort of mood tonight I started looking at other log files to see what kinda crap I could find.

So it appears that the iPhone has a bug where it seems to like to send the Userid and Password for Websites that you log in to as a referring link if you click on an outside link from inside an protected place.  Say what?  Well let me explain some more:

Say I set up a password protected web site that uses an htaccess style password protection. I then go to that web site, say http://somecoolsite.com/protected. If the userid and password is stored or used in the URL, say I had the user id of unixwiz and my password was IamCool, and I went to the web site with http://unixwiz:[email protected]/protected… Once inside the protected site, I then click on a link to some external site, for example http://mycoolsite.com, the iPhone is sending the refering URL as http://unixwiz:[email protected]/protected/ .. Which you guessed it, shows up on mycoolsite.com’s access log if they have referrer logging set up, or are doing anything that captures referr data. I would be interested in seeing if it still does it if you are prompted to enter your username and password and not save it.  How cool is that, with the amount of people using iPhone’s now, wonder how many people are looking at the logs to see this sort of data….

FWIW