Facebook Moments 15.0 (iOS / App Store) on Feb 2, 2017 (upd. on Feb 4th, 2017)

This application is available for iOS. This app is designed to provide an easy way to get all the photos of yourself trapped on your friends’ phones. The latest build was released on Feb 1st, 2017.

This release protects all data items transferred over the Internet with SSL pinning, which means this is a weakness only if you have a jailbroken device.

Findings Summary

Our examination revealed 21 items in total: 9 DAR items and 12 DIT items. Among the DAR items there were 0 worst, 7 bad, 2 good, and 0 best items. Among the DIT items there were 0 worst, 0 bad, 12 good, and 0 best items.

Below you will find 2 infographics summarizing what we described above. Each image provides information about both DAR and DIT items.


Everything presented below is related to well-known CWEs, such as Sensitive data leakage [CWE-200], Unsafe sensitive data storage [CWE-312], Unsafe sensitive data transmission [CWE-319]. You can read more about it here.

Now let’s go deeper and examine each data item’s protection level.


CWE Details

According to the CWE (Common Weakness Enumeration) list, there are three vulnerability IDs that refer to the improper protection mechanisms we use in our research:

  • Sensitive data leakage [CWE-200]
  • Unsafe sensitive data storage [CWE-312]
  • Unsafe sensitive data transmission [CWE-319]

Sensitive data leakage [CWE-200]

Sensitive data leakage can be either inadvertent or side channel. A legitimate application's use of device information and authentication credentials can be poorly implemented, thereby exposing this sensitive data to third parties: location; owner ID info (name, number, device ID); authentication credentials; authorization tokens.

Unsafe sensitive data storage [CWE-312]

Mobile applications often store sensitive data such as banking and payment system PIN numbers, credit card numbers, or online service passwords. Sensitive data should always be stored encrypted so that attackers cannot simply retrieve this data off the file system. It should be noted that storing sensitive data without encryption on removable media such as a micro SD card is especially risky.

Unsafe sensitive data transmission [CWE-319]

It is important that sensitive data be encrypted in transmission lest it be eavesdropped on by attackers. Mobile devices are especially susceptible because they use wireless communications exclusively and often public Wi-Fi, which is known to be insecure. SSL is one of the best ways to secure sensitive data in transit. Even if the app implements SSL, it could still fall victim to a downgrade attack if it allows degrading HTTPS to HTTP. Another way SSL could be compromised is if the app does not fail on invalid certificates. This would enable a man-in-the-middle attack.
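
The HTTPS-to-HTTP downgrade case described above can be checked statically on iOS, where the App Transport Security (ATS) keys in an app's Info.plist decide whether cleartext HTTP or older TLS versions are permitted. The following is an added example, not part of the original report or the app's code: it audits a constructed Info.plist. ATS is not mentioned in the report, and the domain names are placeholders.

```python
import plistlib

# Constructed Info.plist fragment (placeholder domains, not from the examined app).
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSAppTransportSecurity</key><dict>
    <key>NSAllowsArbitraryLoads</key><false/>
    <key>NSExceptionDomains</key><dict>
      <key>cdn.example.test</key><dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key><true/>
        <key>NSIncludesSubdomains</key><true/>
      </dict>
      <key>api.example.test</key><dict>
        <key>NSExceptionMinimumTLSVersion</key><string>TLSv1.0</string>
      </dict>
    </dict>
  </dict>
</dict></plist>"""

GLOBAL_CLEARTEXT_KEYS = ("NSAllowsArbitraryLoads",
                         "NSAllowsArbitraryLoadsInWebContent",
                         "NSAllowsArbitraryLoadsForMedia")
WEAK_TLS = {"TLSv1.0", "TLSv1.1"}

def audit_ats(plist_bytes):
    """Return (scope, issue) pairs for ATS settings that weaken transport security."""
    # A missing NSAppTransportSecurity dict means the ATS defaults apply.
    ats = plistlib.loads(plist_bytes).get("NSAppTransportSecurity", {})
    findings = []
    for key in GLOBAL_CLEARTEXT_KEYS:
        if ats.get(key) is True:
            findings.append(("global", f"{key} permits cleartext HTTP"))
    for domain, cfg in sorted(ats.get("NSExceptionDomains", {}).items()):
        scope = domain + (" (+subdomains)" if cfg.get("NSIncludesSubdomains") else "")
        if cfg.get("NSExceptionAllowsInsecureHTTPLoads") is True:
            findings.append((scope, "cleartext HTTP allowed"))
        tls = cfg.get("NSExceptionMinimumTLSVersion")
        if tls in WEAK_TLS:
            findings.append((scope, f"minimum TLS lowered to {tls}"))
        if cfg.get("NSExceptionRequiresForwardSecrecy") is False:
            findings.append((scope, "forward secrecy not required"))
    return findings

if __name__ == "__main__":
    for scope, issue in audit_ats(SAMPLE_PLIST):
        print(f"[CWE-319] {scope}: {issue}")
```

This check covers only declared ATS exceptions; whether the app fails on invalid certificates is decided in its code and has to be verified separately.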