In the private world, a PhD student has won a $100,000 prize for successfully decrypting an Apple camera

2022-06-14 0 By

As a global unicorn technology company with a market capitalization of more than $3 trillion, Apple has always attached great importance to the security of its devices, which is not only reflected in the timely repair of known vulnerabilities.In addition, Apple has offered rewards to professionals who find bugs in its software or hardware, or who break Apple’s security, and submit their progress to Apple, encouraging them to submit bugs that Apple has not yet discovered.Ryan Pickren, a security doctoral student at Georgia Institute of Technology, has successfully cracked Apple’s Mac camera, winning a $100,500 prize.Interestingly, this isn’t the first time That Ryan Pickren has won this kind of award from Apple. In 2019, he successfully exploited a bug that enabled calling the camera and microphone on a user’s iPhone without requiring the user to activate privacy rights.The hack was also verified by Apple, which paid him a $75,000 prize.Ryan Pickren shares how he cracked it: “I managed to gain unauthorized camera access to Apple devices by exploiting a number of vulnerabilities in Apple’s iCloud Sharing and Safari 15 browser.The vulnerability allows an attacker to access all websites visited by the victim.This means that in addition to successfully hijacking a victim’s camera, my method can also decrypt their iCloud, PayPal, Facebook and Gmail accounts.”Ryan Pickren’s method for cracking the Mac’s camera was primarily to exploit a vulnerability in an iCloud sharing app called ShareBear.If a user accepts an invitation to share a document with someone else, his Mac device will remember that permission was granted and will not ask again whether to reopen the document later.However, because the file is not stored on the user’s local device, an attacker can make changes to it after the user accesses it.The type of the file can also be changed, such as converting it to an executable that allows malware to access the user’s computer.Ryan Pickren tried using this idea to turn files into malware, and the user’s Mac device would not ask for authorization again, because successfully attacked devices are authorized by default.This allowed the malware to run unimpeded on the target’s device, gaining access to the microphone on the target’s machine in addition to successfully breaking into the Mac’s camera.However, Ryan Pickren’s hack isn’t “perfect,” because whenever this happens, the green LED smoke on the user’s device lights up, causing some users to be alarmed.Last but not least, Ryan Pickren reported these vulnerabilities to Apple in mid-July, and they have since been fixed by Apple.The $100,500 award to Pickren is the largest ever paid by Apple to anyone who submits feedback on vulnerabilities through its security program.Note: Ryan Pickren has written a paper to analyze and explain his thinking and process of cracking (Figure 4). Friends who are interested in learning and researching can search this paper by themselves. Please do not use it for illegal purposes.