
Security: How This Safari Bug Can Expose Files on Your Mac or iPhone


Security researcher Pawel Wylecial publicly disclosed yesterday a Safari vulnerability that could convince users to secretly send any file on their system to a recipient.

Though Wylecial himself says the bug “is not very serious,” in that it still requires a person to manually do something in order to mistakenly send a file from one’s system to another person—including entering a recipient—“it is quite easy to make the shared file invisible to the user. The closest comparison that comes to mind is clickjacking as we try to convince the unsuspecting user to perform some action.”

How it works is pretty simple. Safari’s implementation of the Web Share API accepts the file:// URI scheme. As a result, a site can embed a link to a file on the visitor’s own computer in the same share button the visitor would otherwise use to send the page’s content to a third-party app.

So, for example, clicking on this button:

[Screenshot of the share button. Screenshot: David Murphy]

and sharing that image via, say, the macOS Mail app, would create a rather innocent message—“check out this cute kitten!”—that would also include your Mac’s “passwd” file, because the button’s share payload also contains the URL “file:///etc/passwd” in the site’s source code:

[Screenshot of the resulting Mail message with the passwd file attached. Screenshot: David Murphy]

If you were paying attention, you’d notice the attachment in your email message and probably question it and/or quickly delete it, but if you weren’t, well, you would have just sent a recipient a file you didn’t mean to send. And I can totally see a website abusing this feature by encouraging users to share content to some kind of catch-all inbox for this information.

Again, you’re probably not likely to be duped if you’re decently tech-savvy, but those who are not could get suckered in, especially since it’s hard to tell what file you’re actually sharing when you use other apps to create the message. As Wylecial writes, the Gmail app, for example, mucks up the file name so much that you wouldn’t even know you were sharing your password file (to continue this example).
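The safest way for a legitimate site to avoid becoming a vector for this is to never hand navigator.share() a URL it has not checked. The guard below is an added example written for this article, not code from Wylecial’s disclosure or from Apple; the base URL example.invalid and the function names are assumptions.

```javascript
// Added example: a scheme allow-list in front of navigator.share(), so that
// only http(s) URLs reach the native share sheet. The Safari bug described
// above hinges on a file:// URL being accepted in the share payload.

const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Return the validated absolute URL string, or null if the candidate must not
// be shared (unparseable, or a scheme outside the allow-list such as file:).
function safeShareUrl(candidate, base = "https://example.invalid/") {
  let parsed;
  try {
    // Resolve against a constructed https base: a relative path such as
    // "/kitten.jpg" becomes https, while an absolute "file:///etc/passwd"
    // keeps its own scheme and is rejected below.
    parsed = new URL(String(candidate), base);
  } catch {
    return null;
  }
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) return null;
  return parsed.href;
}

// Build a Web Share payload from untrusted inputs (for example a link taken
// from user-generated content), refusing anything that fails the check.
function buildSharePayload({ title, text, url }) {
  const safeUrl = safeShareUrl(url);
  if (safeUrl === null) {
    throw new Error(`refusing to share non-http(s) URL: ${String(url)}`);
  }
  return { title: String(title ?? ""), text: String(text ?? ""), url: safeUrl };
}

// Call navigator.share() only with a payload that passed the check. Outside a
// browser (no navigator object) it just returns the payload for inspection.
async function shareSafely(input) {
  const payload = buildSharePayload(input);
  if (typeof navigator !== "undefined" && typeof navigator.share === "function") {
    await navigator.share(payload);
  }
  return payload;
}

// Constructed sample: what a trustworthy share looks like.
const sampleShare = buildSharePayload({
  title: "Cute kitten",
  text: "check out this cute kitten!",
  url: "https://example.invalid/kitten.jpg",
});
```

The check only protects a site’s own share button from tainted input; a malicious site will not run it, so the real fix remains Safari rejecting file:// in the share payload.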

Wylecial disclosed this vulnerability to Apple in April of 2020. Apple finally replied in July that they’re investigating the issue, and clarified in August that they’ll be patching this in a security update scheduled for Spring of 2021.
