1
00:00:00,960 --> 00:00:07,580
Apple has attracted a lot of interest from testers and security researchers and also from attackers.

2
00:00:07,940 --> 00:00:13,910
Now, iOS has had an interesting evolution, and this is because initially it was a fairly insecure

3
00:00:13,910 --> 00:00:19,490
platform, but now it's one of the most secure consumer-grade operating systems in the market.

4
00:00:19,760 --> 00:00:25,330
Now, if you look at the overall operating system security, it is actually somewhat similar to Android.

5
00:00:25,470 --> 00:00:33,650
OK, and this is because it actually supports runtime defenses like ASLR, or address space layout randomization,

6
00:00:33,650 --> 00:00:39,930
and things like code signing, sandboxing and many other security features that we also talked about whenever

7
00:00:39,930 --> 00:00:41,300
we were talking about Android.

8
00:00:41,390 --> 00:00:47,840
OK, now, also, the same threats will apply here, not only in the mobile platform, but also in the

9
00:00:47,850 --> 00:00:49,520
app backend infrastructure.

10
00:00:49,730 --> 00:00:55,910
OK, so things like the authentication and authorization vulnerabilities that we talked about before,

11
00:00:56,180 --> 00:01:02,420
also session management, input validation, error handling and weak crypto, all those actually apply

12
00:01:02,420 --> 00:01:03,260
here as well.

13
00:01:03,580 --> 00:01:10,430
OK, now when we talked about Android, we introduced the concept of rooting a device. For iOS,

14
00:01:10,460 --> 00:01:15,770
the term that is actually often used is called jailbreaking, or jailbreaking

15
00:01:15,770 --> 00:01:17,720
the phone or the mobile device.

16
00:01:17,990 --> 00:01:24,290
Jailbreaking can be described as a process of taking full control of an iOS-based device by performing

17
00:01:24,470 --> 00:01:28,670
privilege escalation so that you can install anything on your phone.

18
00:01:29,120 --> 00:01:35,280
Well, if you do that, then you also open your phone for potential malicious applications to be installed.

19
00:01:35,900 --> 00:01:39,680
So in some cases it can be considered a double-edged sword.

20
00:01:40,050 --> 00:01:44,810
OK, now, from a testing perspective or a security research perspective,

21
00:01:45,080 --> 00:01:50,180
that is actually one of the first things that researchers actually try to do from the beginning:

22
00:01:50,180 --> 00:01:51,890
jailbreak their mobile device.

23
00:01:52,000 --> 00:01:58,160
OK, and this generally can be done by using one of the several tools that are available for free online,

24
00:01:58,370 --> 00:02:01,850
and in some cases by simply visiting a particular website.

25
00:02:02,090 --> 00:02:05,240
We will examine how this is done in the next lecture.