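iOS backdoor notes

lockdownd listens on TCP port 62078. Documentation: libimobiledevice.org. Vendors include Cellebrite, AccessData (Mobile Phone Examiner), and Elcomsoft.

com.apple.pcapd: packet capture service

com.apple.mobile.file_relay: file transfer service. Never mind ordinary files: SQLite databases, voicemail (AMR format), everything is included. Even the last word the keyboard autocorrected! It was originally used by iTunes for transfers.

Other services that start automatically:

com.apple.iosdiagnostics.relay: reports per-app network data usage

com.apple.mobile.installation_proxy: used to install apps signed with enterprise certificates

com.apple.syslog_relay: used for NSLog() output

iOS 7 made an important security improvement: connections to localhost or a local IP are no longer allowed, for example localhost:62078.

How to declare a background-running app in Info.plist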

<key>SBAppTags</key> 
<array> 
<string>hidden</string> 
</array> 
<key>UIBackgroundModes</key> 
<array> 
<string>voip</string> 
</array> 

Source; author: @JZdziarski
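An added example, not part of the original notes or of @JZdziarski's material: a review-side check that opens an .ipa archive and flags the top-level Info.plist when it declares the SBAppTags and UIBackgroundModes keys shown above. The Payload/<Name>.app/Info.plist layout, the function names, and the sample bundle are assumptions made for this illustration.

```python
import io
import plistlib
import zipfile


def _as_list(value):
    """Normalise a plist value that should be an array of strings."""
    if value is None:
        return []
    return [str(v) for v in value] if isinstance(value, list) else [str(value)]


def audit_info_plist(data):
    """Return findings for one Info.plist (XML or binary) given as bytes."""
    try:
        info = plistlib.loads(data)
    except Exception:  # plistlib raises different errors per format/version
        return ["unparseable Info.plist"]
    if not isinstance(info, dict):
        return ["Info.plist root is not a dictionary"]
    tags = _as_list(info.get("SBAppTags"))
    modes = _as_list(info.get("UIBackgroundModes"))
    findings = []
    if "hidden" in tags:
        findings.append("SBAppTags contains 'hidden'")
    if modes:
        findings.append("UIBackgroundModes: " + ", ".join(sorted(modes)))
    if "hidden" in tags and "voip" in modes:
        findings.append("hidden tag combined with voip background mode")
    return findings


def scan_ipa(ipa_bytes):
    """Map each flagged Payload/<Name>.app/Info.plist in an .ipa to its findings."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(ipa_bytes)) as ipa:
        for name in ipa.namelist():
            parts = name.split("/")
            if (len(parts) == 3 and parts[0] == "Payload"
                    and parts[1].endswith(".app") and parts[2] == "Info.plist"):
                findings = audit_info_plist(ipa.read(name))
                if findings:
                    report[name] = findings
    return report


def build_sample_ipa(app_name, info):
    """Constructed input: a minimal in-memory .ipa holding one Info.plist."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(f"Payload/{app_name}.app/Info.plist", plistlib.dumps(info))
    return buf.getvalue()
```

Pass the bytes of a real .ipa to `scan_ipa` to review a build before it is distributed; an empty result means neither key was declared.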

if you don’t read

"Well sonny boy, if you don’t read, you start eating marijuana. When you eat marijuana, you get hepatitis X. Hepatitis X is like Hepatitis B except 10X stronger. When you get Hepatitis X, your private parts fall off and you start developing a taste for the band Limp Bizkit. Your hair starts growing frosted tips, your hat turns itself backwards and your shirt will say "obey." If you don’t read, you turn into a douchey dude bro. And nobody likes a douchey dude bro."

Well reasoned, well supported, thoroughly convincing...

via

A rule of thumb is that you have security by obscurity

A few excerpts:

Jack Voth, Algenol’s information technology chief, stumbled on something odd: a telnet connection to its videoconference camera from an Internet Protocol address in China

Hacking attacks come from many countries, he says, but most are efforts to steal credit-card information. Chinese hackers, by contrast, tend to target trade secrets and unique technology.

Algenol executives did not know that Aliyun was the cloud computing part of Alibaba, and they never tried to make contact.

Alibaba said that two former Algenol employees had signed up for an Alibaba marketing e-mail. Once they left Algenol and the marketing e-mails bounced back, Alibaba said that its own security system checked on the accounts and that Algenol mistook those inquiries as attacks.

Voth, however, is not convinced. He disputed Alibaba’s explanation about the marketing e-mails to employees who left Algenol four years ago, and said that to mistake an Alibaba security response for an attack would mean that there was a flaw with the widely used firewall language called Snort, which is updated constantly.

He said that since Jan. 1, each of 539 IP addresses has attacked Algenol computers 5,000 times or more.

The largest numbers of hacking probes came from the United States, China, Taiwan and Russia, he added. The single IP address that has attacked Algenol the most is a German address; the top Chinese IP address attacking Algenol ranked 10th.

Voth said the fight to protect Algenol’s computer system would be a long one. “A rule of thumb is that you have security by obscurity,” Voth said. “We’d rather have a low profile. But clearly the bad guys have our addresses.”

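Damn, this report is truly unbeatable. A few thoughts:

  1. The media are the same everywhere on Earth. Truly damn disgusting.

  2. When it comes to communicating brand and responsibility to the outside world, China still has a very, very long way to go. Foreigners have no idea what Aliyun's public cloud service is, and can't be bothered to make contact.

  3. The hallmark of amateurs doing security: spectacularly stupid and spectacularly confident.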

via

How to reverse the words of a sentence in Haskell, Ruby, Python, and Node.js

Haskell:

unwords . reverse . words $ sentence

Ruby:

sentence.split.reverse.join ' '

Python:

" ".join(reversed(sentence.split()))

Node.js:

var EventEmitter = require('events').EventEmitter;

var emitter = new EventEmitter();

emitter.on('got sentence', function(sentence) {
    emitter.emit('split sentense', sentence.split(' '));
});
emitter.on('split sentense', function(splitted) {
    emitter.emit('reversed', splitted.reverse());
});
emitter.on('reversed', function(reversed) {
    emitter.emit('joined', reversed.join(' '));
});
emitter.on('joined', function(sentence) {
    console.log(sentence);
    emitter.emit('got sentence', sentence);
});

emitter.emit('got sentence', 'hello world');

Node.js wins. Anyone who disagrees is just not being objective.

via

Some system I/O numbers

On a Mac mini:

$ pv /dev/zero > /dev/null [11.6GiB/s]

This should be the DDR3 memory bandwidth.

$ pv /dev/zero > 1.dat [ 102MiB/s]

The Mac mini's hard disk speed is decent, though not as fast as an SSD.

$ yes | pv > /dev/null [20.3MiB/s]

I did not expect yes to be this slow.

$ pv /dev/urandom > /dev/null [11.9MiB/s]

Once the data has to go through the CPU, the speed is cut in half.

HUAWEI ec315 

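Release date: May 15, 2012
Target users: users who need Internet access for multiple Wi-Fi devices
Standard package: no accessories
Form factor: direct plug-in
Dimensions: 90.6×28.6×12.6 mm
Weight: < 50 g
Display: none
Battery: none
Network support: CDMA2000 1x/EVDO Rev.A, 800MHz
Baseband chip: Qualcomm MDM6600
Application processor: none
Operating system: Qualcomm REX
Memory: RAM: 64 MByte, Flash: 128 MByte
Expandable storage: external MicroSD card (up to 32G)
Camera: none
FM: not supported
Bluetooth: not supported
Headphone jack: not supported
WAPI/WIFI: 802.11b/g/n
C+W unified authentication: not supported
USB: 2.0 Full Speed
JAVA: not supported
GPS navigation: not supported
Basic features: USB plug and play, fast mobile Internet access; PIN/PUK code management; Wi-Fi AP
Special features: driverless fast Internet access; Wi-Fi AP
Value-added services: none
Software version: 11.102.53.00.00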

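Process

Bob: This comes down to division of labor. Everyone has different strengths, don't they?

Jobs: No, it is not a question of what people are good at. People get confused; the company gets confused. Once a company grows, it becomes set in its ways. They think that as long as they follow the process they will magically keep succeeding, so they start imposing strict process, and soon employees treat following process and discipline as the work itself.

That is how IBM went downhill. IBM's employees are the most disciplined in the world, but they neglected the product. Apple has this problem too: we have many people who are good at managing process, but they neglect the product itself.

Experience has taught me that the best people are the ones who think only about the product. They are hard to manage, but I would rather work with them; process and rules alone cannot produce a good product. Apple has problems in this area too, and those problems ultimately led to the failure of the Lisa.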

People get confused; companies get confused. When they start getting bigger, they want to replicate their initial success. And a lot of them think, ‘Well, somehow, there’s some magic in the process of how that success was created.’ So they start to institutionalize process across the company. And before very long, people start to get confused that the process is the content. And that’s ultimately the downfall of IBM. IBM has the best process people in the world. They just forgot about the content. And that happened a little bit at Apple, too. We had a lot of people who were great at management process. They just didn’t have a clue about the content. In my career, I found that the best people are the ones that really understand the content. And they’re a pain in the butt to manage! But you put up with it because they’re so great at the content. And that’s what makes great products. It’s not process, it’s content.

I think I have noted this passage down before. Noting it down once more!