XARA
 | This article, XARA, has recently been created via the Articles for creation process. Please check to see if the reviewer has accidentally left this template after accepting the draft and take appropriate action as necessary.
Reviewer tools: Inform author |
| This article, XARA, has recently been created via the Articles for creation process. Please check to see if the reviewer has accidentally left this template after accepting the draft and take appropriate action as necessary.
Reviewer tools: Inform author |
Comment: This is a good article but I'd like to see more sources establishing independent notability and if it's not notable, it can simply be mentioned at a related article. SwisterTwister talk 19:26, 19 June 2015 (UTC)
XARA is an acronym for "Unauthorized Cross-App Resource Access", which describes a category of zero-day vulnerabilities in computer software systems.
Initial Disclosure
An academic research paper entitled "Unauthorized Cross-App Resource Access on MAC OS X and iOS".[1] was published on 26 May 2015 by a team of researchers from Indiana University, Tsinghua University, Peking University, Chinese Academy of Sciences, and Georgia Institute of Technology. The paper was widely released to the public on 16 June 2015 [2] and commented on by both mainstream and technical media outlets.[3][4][5][6][7]
The paper identifies a number of separate categories of zero_day threats to applications and stored passwords which can potentially be exploited by malware on iOS devices and MacOS X. The paper also discloses the existence of similar vulnerabilities on Android devices.
In the paper, the authors claim that the three categories of exploits they identify are previously unpublished and unknown in the security community - See attack vectors below.
Response by Vendors
- On 19 June 2015, Apple Computer responded to the press[8] that they had implemented countermeasures to exclude malware containing the XARA exploit from their App Store.
Attack Vectors
In XARA each attack vector violates the principles of a computer security sandbox.
- Untrusted partners using shared resources such file system, keychain.
- Inter-process communication without verification of partner.
- Weak security policies of system installer allow other applications to be designated as shared resource bundles.
Known systems with problems
- iOS from Apple Computer
- MacOS X from Apple Computer
- Android from Google
See Also
- Targeted attacks
- Access Control
- Software-defined protection
- Sandbox (computer security)
- Vector_(malware)
References
- ^ "Unauthorized Cross-App Resource Access on MAC OS X and iOS" (PDF). ArXiv - The Cornell University Library. 26 May 2015. Retrieved 18 June 2015.
{{cite web}}: Cite has empty unknown parameter:|1=(help) - ^ "Unauthorized Cross-App Resource Access on MAC OS X and iOS". 16 June 2015. Retrieved 18 June 2015.
- ^ "Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X". TheRegister. TheRegister. Retrieved 20 June 2015.
- ^ "OS X and iOS Unauthorized Cross Application Resource Access (XARA)". InfoSec Handlers Diary Blog. Sans Technology Institute.
- ^ "iOS and OS X Security Flaws Enable Malicious Apps to Steal Passwords and Other Data". MacRumors. MacRumors. Retrieved 20 June 2015.
- ^ "Zero-Day Exploits for Stealing OS X and iOS Passwords". The Hacker News. The Hacker News. Retrieved 20 June 2015.
- ^ "Zero-day exploit lets App Store malware steal OS X and iOS passwords". MacWorld. MacWorld. Retrieved 20 June 2015.
- ^ "Apple comments on XARA exploits, and what you need to know". iMore. imore.com.
Category:Computer network security Category:Types of malware
| This article, XARA, has recently been created via the Articles for creation process. Please check to see if the reviewer has accidentally left this template after accepting the draft and take appropriate action as necessary.
Reviewer tools: Inform author |