Home > Science and technology > Applications and software
Reading time estimate: 3 min

Security bug in Apple HomeKit app can be a nuisance for iOS users

BingMag.com <b>Security</b> <b>bug</b> in <b>Apple</b> <b>HomeKit</b> <b>app</b> <b>can</b> be a <b>nuisance</b> for <b>iOS</b> users

"You should always be careful to invite strangers into your home." This is the result of a new Security investigation that reveals a Security hole that could shut down, crash, or restart your iOS phones if connected to the malicious Apple Home app. The vulnerability, discovered by Security researcher Terror Spiniola, could be exploited via Apple's HomeKit API, a software interface that allows an iOS app to control compatible smart home devices.

If a cyber attacker builds a device with the HomeKit app with a very long name - about 500,000 characters - and the iOS user connects to it, that user's phone will no longer respond after connecting to this malicious device and will enter a stop and reboot cycle Resetting and restoring an iOS phone can only be done by fixing the problem.

In addition, since the names of devices running the HomeKit app in iCloud are backed up, logging into the same iCloud account with one device Recovering again causes a crash, and this cycle continues until the device user disables the home device sync option from iCloud.

BingMag.com <b>Security</b> <b>bug</b> in <b>Apple</b> <b>HomeKit</b> <b>app</b> <b>can</b> be a <b>nuisance</b> for <b>iOS</b> users

Although a cyber attacker could compromise a HomeKit app's user device, it is the most likely way to cause abuse Ten is for the attacker to create a fake Home Network and trick the user into joining the malicious network via phishing email. To protect against this type of cyber attack, the main precaution for iOS users is to immediately reject any invitation to join an unfamiliar home network.

In addition, iOS users who are currently out of Using smart home devices, they can protect themselves against these types of threats by entering the control center and disabling the "Show home controls" settings. (This does not preclude the use of home appliances, but restricts access to information through the Control Center.)

Spiniolas posted details of the vulnerability on his personal website on January 1, 2022. . He has already been trusted by Apple for discovering a vulnerability in macOS Mojave, which was modified in 2019. The new vulnerability will affect the latest version of iOS 15.2, bringing it back to at least version 14.7, Spiniolas said. The Security researcher also accused Apple of acting too slowly in response to an initial leak released months before the release.

The researcher shared emails with The Verge's website. Apparently, one of the representatives of Apple confirmed this problem and asked Spiniolas to refrain from publishing the details of this problem in early 2022. A blog post detailing the vulnerability claims that Apple was notified of the issue on August 10, 2021 and has not yet taken specific action to fix the vulnerability.

BingMag.com <b>Security</b> <b>bug</b> in <b>Apple</b> <b>HomeKit</b> <b>app</b> <b>can</b> be a <b>nuisance</b> for <b>iOS</b> users

Spiniolas wrote: "Apple's lack of transparency is frustrating not only for Security researchers who often work for free, but also for the millions of users who "Apple products are used in their daily lives, creating a lot of risks by reducing Apple's responsibility for Security issues." It should be noted that Apple did not respond to a request for comment at this time. It remains to be seen in the coming days what steps the American tech giant, which has always attached great importance to security, will take in relation to this Security hole.


Source: TheVerge

Tags: security, bug, apple, homekit, app, can, nuisance, ios, users

READ NEXT IN: science and technology / applications and software

BingMag.com Introducing the Unfold application; Make a painless story! applications and software

In this article, we will introduce the Unfold application, which is one of the best and most popular storytelling programs in the world.

BingMag.com WhatsApp plans to bring two-step authentication to desktop and web versions applications and software

In recent days, new news has been published about the useful features and updates of WhatsApp messengers, according to one of which, WhatsApp is working on a new feature that Allows users to transfer

BingMag.com How to forward calls on Android and iPhone? applications and software

Do you know how to transfer calls on Android and iPhone (or so-called forwarding or diverting)?

BingMag.com Introducing the Music Maker JAM application; Make songs for free applications and software

In this article, we are going to introduce Music Maker JAM application, which is one of the most popular and best music making applications.