Sunday, December 23, 2012

The Banners of iOS App Smart 6 modify Unauthorized JavaScript

We have discovered a new bug in iOS 6 that affects the banners that appear on some websites to promote their respective application. Apparently these banners, websites to implement to provide a shortcut to your application, change the JavaScript settings in Safari without warning.

smart app banners 1 Los Smart App Banners de iOS 6 modifican el JavaScript sin AutorizaciĆ³n

At first glance, this may not seem a big deal. After all, most people do not usually ever disable JavaScript settings of your iOS device, since most websites require. But the fact that these intelligent Banners modify the settings without the user's knowledge is worrying.

This bug was first discovered in October by the hacker Andrew Plotkin, and was again revealed by AppleInsider. This website has spoken to Peter Eckersley, EFF digital group, which describes the problem as "a serious vulnerability of privacy and security." In the words of Plotkin:

"It's a safety issue, it's a privacy issue and is a matter of trust.

Can you trust that the user interface does what you tell me to do? It is a decision that has to be solved urgently. "

But in the words of Lysa Myers Intego security firm, does not believe that such a serious problem, "but this topic is not the ideal situation, by itself, actually, is not such a serious problem," noting that perform monitored to ensure that there is more vulnerable.

safari javascript Los Smart App Banners de iOS 6 modifican el JavaScript sin AutorizaciĆ³n

If you want to check this error first hand, just follow these steps on your iOS device:

  1. To begin, close all Safari windows and open the Settings application.
  2. In Settings, choose Safari tab, scroll down to the end, until the Security section and disable JavaScript.
  3. Now, reopen Safari and visit a site using Smart App Banner, for example store.apple.com.
  4. Finally, Safari closes again and returns to the Safari security section in the Settings application.

You'll see the option you had JavaScript disabled before active again, and will continue until manually disable again. Apparently this bug is present in all versions of iOS 6 including betas of iOS 6.1.

However, at this time there is nothing to worry about. It would be more annoying than were reversed, that is, to leave JavaScript disabled, because, as we said before, most web pages need. But the fact that these intelligent Banners replace user settings without consent is something very strange. Do not Google got in trouble for something very similar a while?

Share this article with your friends on Facebook, Google and Twitter with the buttons you'll find at the beginning of it. Thank you!

Track | iDownloadblog

iPadizate , best blog on the Apple iPad.



No comments:

Post a Comment