Wednesday, June 15, 2011

Apple removed the application that stored passwords iPhone

Apple removed the application that stored passwords iPhone. Apple has withdrawn Big Brother Security Camera App Store . This application allowed to lock the phone to turn off the screen and asked for a password for access to the desktop. However, his operator stored the passwords of users (anonymously) to do a safety study.

Daniel Amitay, the developer behind this application, had posted a blog entry in which he explained what the most common passwords on the iPhone with data that was extracted from its application. These data, he asserted, had been stored anonymously. The news reached all the covers and left the proposed security and control of the online store of Apple in jeopardy.

Within 24 hours, the application has disappeared from the App Store. In Cupertino have rushed to withdraw this 'app' that demonstrates the vulnerability of its system of review of content , especially when it comes to an update of a program already approved.

"Of course, I'm not happy," Amitay said in his blog, "but given the concerns that some people have expressed regarding the transmission of data from the 'app' to my server, is understandable."
Secondary data and anonymous

In any case, Amitay also took the opportunity to explain exactly what data and how it was obtained. The obtained passwords, for example, were those of the application, not the blockade of the iPhone , which has a similar function. On the other hand, the only data that was sent was the password itself. That is, the only thing that was sent were the four digits, so Amitay could not identify the user or device from which they came .

In addition, the developer is defended on the grounds that data collection is covered by the license agreement users , specifying that the provider "may collect and use technical and related information." This information includes "technical information about the device, system and application software (...) The application provider may use this information, provided it is in a way that does not identify the user, to improve their products or to provide services and technologies. "

For now, Amitay has assured it is working to make the application again. It also explains that he has no problem in removing the code that collects passwords if that's what caused the problem, but ensures that it intended to use the information to warn users not choose obvious passwords.
The most commonly used passwords

Despite the review process by which applications are submitted, Amitay could enter this code in Big Brother Camera Security. In fact, if I had not posted an entry on his blog in which analyzed the most commonly used passwords, it is likely that Apple never would have learned.

But what are these passwords? According to his analysis, of the 204,508 registered, the most common is '1234 ', used by 8,884 people , followed by '0000 '(5246), '2580' (a combination that is a straight line and use 4,753 users), '1111 ' (3262), '5555 '(1774) and '5683' (combination that would write 'love' in a traditional phone keypad and the device is protected 1,425 people).

Another curious book discovered Amitay is that all numbers between 1980 and 2000 are among the 100 most used , so it is believed that many people use as a password the year of his birth or graduation.

With these data concluded that 15% of the passwords that are a series of ten of the 10,000 possible codes . That is, using these passwords could access one of every seven iPhones without given start to erase data (which, by default, occurs after entering incorrect ten passwords).

No comments:

Post a Comment