Details emerge on recently-fixed HomeKit vulnerability

Posted by Michael
Posted in Okategoriserade

A developer details what went down with a recently-corrected HomeKit vulnerability.

A little more light has been shed on exactly what was happening with a recently-uncovered HomeKit vulnerability discovered in iOS and watchOS. The issue, which has been fixed, allowed potentially anyone to control HomeKit accessories without your authorization. Developer Khaos Tian has been able to perform a deep dive on exactly what happened and how the vulnerability worked.

Tian outlined the issues in a post on Medium:

In order for HomeKit to do something, the message needs to contain a unique identifier that identifies the object (accessory, scene, or room) in the home. Normally it should be impossible for anyone to figure out the unique identifier for those objects unless you are actually authorized to access that home in HomeKit. However, there are two separate bugs, one in watchOS 4 - 4.1, and another in iOS 11.2 and watchOS 4.2, allow someone to figure out those unique identifiers without authorizing the person to access the home in first place. With those unique identifiers, remote attacker can ask HomeKit to do almost anything.

Tian offers both (mostly) non-technical and deeply technical explanations of the issues at hand, while also detailing the process of talking about this issue with Apple security.

This vulnerability in HomeKit has been fixed, first in a server-side patch that temporarily disabled HomeKit sharing permissions, then with the release of iOS 11.2.1.

HomeKit

Comments are closed.

Senaste inläggen

Senaste kommentarer

Arkiv

Kategorier

–> Publicera på PFA löp
(PRODUCT) RED
2015
25PP
2nd gen
32gb
3D Touch
3D-kamera
4k
64gb
9to5mac
A10
A9X
Aaron Sorkin
Accessories
Accessories, Apple Watch, iPhone
adapter
AirPlay
AirPods
Aktiv
Aktivitetsarmband
Aktuellt
Alfred
Allmänt
AMOLED
Android Wear
Angela Ahrendts
Ångerätt
Animal Crossing
Animal Crossing New Horizons
announcements
Ansiktsigenkänning
app
App Store
Appar
Apple
Apple Beta Software Program
Apple Book
Apple CarPlay
Apple Event
Apple iMac
Apple Inc
Apple Inc, Consumer Electronics, iCloud, iOS, iPhone, Mac, Mobile, Personal Software, Security Software and Services
Apple Inc, iCloud
Apple Inc, iOS
Apple Inc, Mobile Apps
Apple Inc, Monitors
Apple Mac Mini
Apple Macbook
Apple MacBook Air
Apple MacBook Pro
Apple Macos
Apple Maps
Apple Music
Apple Music Festival
Apple Music Radio
Apple Offer
Apple Online Store
Apple Park
Apple Pay
Apple Pencil
Apple Podcast
Apple Store
Apple Store 3.3
Apple TV
apple tv 4
Apple TV 4K
Apple Watch
Apple Watch 2
Apple Watch 8
Apple Watch 9
Apple Watch Apps
Apple Watch SE
Apple Watch Series 2
Apple Watch Sport
Apple Watch Ultra
Apple Watch, Headphones
Apple Watch, iPhone
AppleCare
AppleTV
Application
Applications
Apps
AppStore
Apptillägg
Apptips
AppTV
April
Arbetsminne
armband
Art Apps
Återköp
återvinning
Åtgärdsalternativ
atvflash
Audio Apps
Augmented REality
Back-to-school
Bakgrundsbilder
BankId
Barn
Batteri
batteriskal
batteritid
Beats
Beats 1
Beats Solo 2 Wireless
Beats Solo2
Bebis
Beginner Tips
Belkin
Bendgate
beta
Beta 3
betaversion
betaversioner
bilddagboken.se
bilder
bilhållare
billboard
Bioteknik
Blendtec
Bloomberg
Bloons TD 5
Bluelounge
Bluetooth
Böj
Booking.com
Borderlinx
bose
bugg
Buggar
Buggfixar
Butik
C More
Calc 2M
Camera
Camera Apps
Campus 2
Canal Digital
Carpool Karaoke
Caseual
Catalyst
CES 2015
Chassit
Chip
Chrome Remote Desktop
Chromecast
citrix
clic 360
CNBC
Computer Accessories
Computer Accessories, Laptop Accessories
Connect
Cydia
Dagens app
Dagens tips
Damm
Danny Boyle
Data
datamängd
Datorer
Datortillbehör
Datum
Defense
Dekaler
Designed by Apple in California
Developer
Development
Digital Inn
Digital Touch
Digitalbox
DigiTimes
Direkt
Discover
display
DisplayMate
Dive
Docka
Dräger 3000
Dropbox
Droples
DxOMark
E-post
earpod
EarPods
Earth Day
Eddie Cue
eddy cue
Educational Apps
Ekonomi
Ekonomi/Bransch
El Capitan
Elements
ElevationLab
Elgato Eve
Elgato Eve Energy
EM 2016
Emoji
emojis
emoticons
Enligt
Entertainment Apps
EU
event
Eventrykten
EverythingApplePro
facebook
Faceshift
facetime
Fäste
Featured
Features
Feng
Film / Tv-serier
Filmer
Filstorlek
Finance Apps
Finder For AirPods
Finland
FireCore
Fitbit
Fitness Accessories
Fjärrstyr
Flurry
Födelsedag
fodral
Förboka
Force Touch
förhandsboka
Första intryck
Forumtipset
foto
FoU (Forskning och Utveckling)
Fource Touch
Foxconn
FPS Games
Framtid
Fre Power
Frontpage
Fullt
Funktioner
Fuse Chicken
Fyra
Gadgets
Gagatsvart
Gamereactor
Games
Gaming
Gaming Chairs
Gästkrönika
General
Gigaset
Gitarr
Glas
GM
google
Google Maps
Google Now
gratis
grattis
Guide
Guider
Guider & listor
Guld
hack
Halebop
hållare
Hälsa
Hårdvara
HBO
HBO Nordic
Health
Health and Fitness
Health and Fitness Apps
Hej Siri
Helvetica Neue
Hemelektronik
Hemknapp
Hemlarm
Hermes
Hitta min iphone
Hjärta
högtalare
HomeKit
HomePod
Homepod Mini
hörlurar
htc
Hue
Humor
i
I Am A Witness
IBM
iBolt
iBomber
iBook
icar
iCloud
iCloud Drive
iCloud Voicemail
iCloud.com
iDevices
IDG Play
idownloadblog
iFixit
ikea
iKörkort
iLife
Illusion Labs
iMac
IMAP
iMessage
iMessages
iMore Show
Incipio
InFuse
Inspelning
instagram
Instagram-flöde
Instrument
Intel
Internet/Webbtjänster
iOS
iOS 10
iOS 12
iOS 17
iOS 18
iOS 5
iOS 7
iOS 8
iOS 8 beta
iOS 8.1.3
iOS 8.2
iOS 8.3
iOS 8.4
iOS 8.4.1
iOS 9
iOS 9 beta 4
iOS 9.1
iOS 9.1 beta 2
iOS 9.2
iOS 9.2.1
iOS 9.3
IOS Games
ios uppdatering
iOS, iPad, MacOS
iOS, iPhone
ios9
iPad
iPad Accessories
iPad Air
iPad Air 2
iPad Air 3
iPad Air 5
iPad Apps
iPad Mini
iPad mini 4
iPad Mini 6
iPad mini retina
iPad Pro
iPad, iPhone, Mac
iPad, iPhone, Mobile Apps
iPad, iPhone, Streaming Media
iPados
iphone
iPhone 12
iPhone 14
iPhone 14 Pro
iPhone 15
iPhone 16
iPhone 17
iPhone 5
iPhone 5S
iPhone 5se
iPhone 6
iphone 6 plus
iPhone 6c
iPhone 6s
iPhone 6S plus
iPhone 7
iPhone 7 display
iPhone 7 Plus
iPhone 7s
iPhone Accessories
iPhone Apps
iPhone Cases
iPhone SE
iphone x
iPhone XS
iPhone XS Max
iPhone, Mobile Apps
iPhone7
iPhoneGuiden
iPhoneguiden.se
iPhones
iPod
iPod Nano
iPod shuffle
ipod touch
iSight
iTunes
iWatch
iWork
iWork för iCloud beta
Jailbreak
James Corden
Jämförande test
Jämförelse
Jet Black
Jet White
Jönssonligan
Jony Ive
Juice Pack
Juridik
Just mobile
kalender
kalkylator
Kamera
Kameratest
Karriär/Utbildning
Kartor
Kevin Hart
keynote
Keynote 2016
KGI
KGI Security
Kina
Klassiskt läderspänne
Kod
Kollage
koncept
konceptbilder
köpguide
krasch
Krascha iPhone
Krönika
Kvartalsrapport
Laddhållare
laddningsdocka
Laddunderlägg
läderloop
lagar
Lagring
Lajka
Länder
lansering
laserfokus
Layout
leather loop
LG
Liam
Lifeproof
Lightnigport
lightning
Linux
LinX
live
Live GIF
Live Photos
Live-event
Livsstil
Ljud & Bild
Logitech
LOL
Lösenkod
Lösenkodlås
Lovande spel
LTE
Luxe Edition
M3
M3TV
Mac
Mac App Store
Mac Apps
Mac Mini
Mac OS
Mac OS X
Mac OS X (generellt)
Mac OS X Snow Leopard
Mac Pro
Mac, MacOS
Mac, Online Services
Mac, Security Software and Services
Macbook
Macbook Air
Macbook Pro
MacBook, MacOS
Macforum
Macintosh
macOS
MacOS, Security Software and Services
Macs
MacWorld
Made for Apple Watch
magi
Magic
MagSafe
mail
Martin Hajek
matematik
Meddelanden
Media Markt
Medieproduktion
Mediocre
Messaging Apps
Messenger
MetaWatch
Mfi
Michael Fassbender
microsoft
Mikrofon
Minecraft
Ming-Chi Kuo
miniräknare
minne
Mixer
Mixning
Mjukvara
mobbning
Mobile Apps
Mobile Content
Mobilt
Mobilt/Handdator/Laptop
Mobiltelefon
Mockup
Mophie
mors dag
moto 360
Motor
MTV VMA
multitasking
Music
Music Apps
Music, Movies and TV
Musik
Musikmemon
MW Expo 2008
native union
Nätverk
Navigation Apps
nedgradera
Netatmo Welcome
Netflix
Netgear Arlo
News
Niantic
Nike
Nikkei
Nintendo
Nintendo Switch
Nöje
Norge
Notis
Notiscenter
nya färger
Nyfödd
Nyheter
Officeprogram
Okategoriserade
OLED
omdöme
Omsättning
OS X
OS X El Capitan
OS X Mavericks
OS X Yosemite
Outlook
Övrig mjukvara
Övrigt
PanGu
papper
patent
PC
PDF
pebble
Pebble Smartwatch
Pebble Steel
Pebble Time
Pebble Time Steel
Persondatorer
Petter Hegevall
PewDiePie
Philips
Philips Hue
Phones
Photoshop
Planet of the apps
Plex
Pluggar
Plus
Plusbox
Podcast
Podcast Apps
Pokemon
Pokemon Go
Policy
Porträttläge
PP
Pris
priser
problem
Problems
Productivity Apps
Program
Prylar & tillbehör
Publik
publik beta
QuickTime
räkenskapsår
räkna
ram
RAM-minne
Rapport/Undersökning/Trend
Rea
Reading Apps
recension
Red
reklaamfilm
reklam
reklamfilm
reklamfilmer
rekord
Rendering
reparation
Reportage
Reptest
ResearchKit
Retro
Review
Ring
Ringa
Rocket Cars
Rosa
Rumors
Rumours
RunKeeper
rykte
Rykten
Safir
Säkerhet
Säkerhetsbrist
Samhälle/Politik
samsung
Samtal
San Francisco
SAP
security
Series 2
Servrar
Shigeru Miyamoto
Sia
Simulation Games
Siri
SJ Min resa
skal
Skal iPhone 6
skal iPhone 6s
skärm
SKärmdump
Skärmglas
Skribent
skribenter medarbetare
Skriva ut
skruvmejsel
skydd
Skyddsfilm
Skype
slice intelligence
Smart
smart hem
Smart Home
Smart Keyboard
Smart klocka
Smart Lights
smartphone
Smartwatch
SMS
Snabbt
Snapchat
Social Apps
Software
Solo2
sommar
Sonos
Sony
soundtouch
Space Marshals
spår
Speakers
Special Event
Spel
Spelkonsol
Spellistor
Split Screen
Split View
Sport
Sportband
Sports Apps
spotify
Spring forward
Statistik
Steve Jobs
Stickers
Stockholm
Stor iPhone
Storlek
Story Mode
Strategy Games
streama
Streaming
Streaming Devices
Streaming Media
stresstest
Ström
Studentrabatt
stylus
Super Mario Run
support
Surf
Surfplatta
svenska
sverige
Sverigelansering
Switch
Systemstatus
Systemutveckling
tåg
Taig
Tangentbord
Taptic Engine
Tårta
tät
Tävling
Taylor Swift
Teknik
tele 2
Telefoner
Telekom
Telia
Test
Tid
TikTok
Tile
tillbehör
Tim Cook
TIME
TimeStand
Tiny Umbrella
Tips
Toppnyhet IDG.se
Touch ID
TouchID
tower defence
trådlös laddning
Trådlösa hörlurar
trådlöst
trailer
Travel Apps
Tre
TrendForce
TripAdvisor
Trolleri
trump
TSMC
Tum
tv
TV Apps
tvätta
tvOS
tvOS 9.2
tvOS beta 2
Tweak
twitter
Typsnitt
Ubytesprogram
UE MegaBoom
Unboxing
Underhållning/Spel
unidays
United Daily News
Unix
Updates
Uppdatera
uppdatering
Upplösning
upptäckt
USA
Ut på Twitter
utbyte
utbytesprogram
Utilities Apps
Utlottning
utrymme
utvecklare
varumärke
Vatten
Vattentålig
vattentät
vävt nylon
Verktyg
Viaplay
Vibrator
video
Videoartiklar och webb-tv (M3/TW/CS)
Villkor
viloknapp
Virtual Reality
Virus
visa
Vision Pro
VLC
Volvo on call
VPN
W1
Waitrose
Watch OS
WatchOS
WatchOS 2
watchOS 2.0.1
watchOS 2.2
Webbtv (AppTV)
Weibo
Whatsapp
wi-fi
Wifi-samtal
Windows
Windows 8
WWDC
WWDC2015
yalu
Youtube
Zlatan

Details emerge on recently-fixed HomeKit vulnerability

HomeKit

Senaste inläggen

Senaste kommentarer

Arkiv

Kategorier

Meta

Stay In Touch

Contact Details

How To Setup

Address