Apple patches the ability for one app to see other installed apps, disables Niantic’s blacklist security feature on iOS

Trainers,

as previously reported, Niantic has introduced a new security measure popularly dubbed “App blacklist”, which scans the players device for third party cheating apps. If any are detected, the game refuses to start and a “black screen of death” is shown.

As of today, it seems that Niantic’s blacklisting security measure doesn’t have a bright future, especially on iOS devices, where a crucial iOS bug (CVE-2017-13852) was fixed, disabling access to the list of installed apps on an iOS device. This bug was affecting all iOS devices prior to iOS 11.1.

According to a tweet from Pepijn Bruienne, a Mac enterprise administrator and a Mac administrator at the University of Michigan in Ann Arbor, the bug that enabled apps to sniff around the installed apps list is no longer active:

https://platform.twitter.com/widgets.js

The full CVE-2017-13852 description:

An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the “Kernel” component. It allows attackers to monitor arbitrary apps via a crafted app that accesses process information at a high rate.

Although initially very effective, the blacklisting feature has since been disabled. The full history of the blacklist warning screen is as follows:

  • On October 15 2017, Pokémon GO version 0.79.2 goes live and data mining reports indicate that a new security feature has been added, called “Blacklisted App”
  • On October 18 2017GO Hub discovers that the client app (version 0.79.2) is downloading a new bundle of text, including the strings required to display this warning screen.
  • On October 19 2017, Niantic officially announces the Halloween 2017 event, silently activating the blacklisted app security feature.

The state of the blacklisting security measure

Niantic has to be given credit where credit is due: the blacklisting feature, once activated, will stop hundreds and thousands of casual Android spoofers.

However, while this security measure is surely commendable, it’s important to be aware that a number of workarounds have already been found in the cheating community. From re-packaged client apps to cheating apps renames, we’ve observed a number of methods that defeat this security measure.

Apple’s removal of the above mentioned security hole is just another “nail in the coffin”, indicating that the blacklist, albeit partially successful, will not completely curb cheating and spoofing in Pokémon GO.

In the end, a few important questions remain unanswered:

  • Will Niantic punish detected spoofers?
  • Will spoofers remain active players if forced to play without location mocking?
  • Will the blacklist be re-activated in the near future?

We don’t have an answer to any of these questions, but we do hope we will have it in the nearby future. Stay tuned for updates.

The post Apple patches the ability for one app to see other installed apps, disables Niantic’s blacklist security feature on iOS appeared first on Pokemon GO Hub.

Source: pokemongohub



Summary
Review Date
Reviewed Item
Apple patches the ability for one app to see other installed apps, disables Niantic’s blacklist security feature on iOS
Author Rating
5

Leave a Reply

Your email address will not be published. Required fields are marked *