{"id":344,"date":"2014-07-14T13:54:23","date_gmt":"2014-07-14T18:54:23","guid":{"rendered":"http:\/\/blogs.luc.edu\/uiso\/?p=344"},"modified":"2024-04-16T21:46:13","modified_gmt":"2024-04-16T21:46:13","slug":"potential-risk-for-gmail-users-on-ios-devices","status":"publish","type":"post","link":"https:\/\/blogs.luc.edu\/uiso\/potential-risk-for-gmail-users-on-ios-devices\/","title":{"rendered":"Potential Risk for Gmail Users On iOS Devices"},"content":{"rendered":"<p><strong><span style=\"text-decoration: underline\">What It Is<\/span><\/strong><\/p>\n<p>A vulnerability has been reported for Google&#8217;s Gmail iOS app that would allow for an attacker to intercept all\u00a0email communications through a Man-in-the-Middle (MitM) attack. The MitM attack allows a third party to intercept your data before it is received by the designated recipient. Additionally, if an\u00a0attacker can trick your device into authenticating with them\u00a0instead of the intended recipient, the attacker can then view encrypted traffic as well.<\/p>\n<p><strong><span style=\"text-decoration: underline\">How It Works<\/span><\/strong><\/p>\n<p>This vulnerability takes advantage of the lack of certificate pinning.\u00a0Certificate pinning is a technique used to authenticate the app with the back-end server&#8217;s certificate, which, in this case, is Google. By not using certificate pinning, the recipient only checks that the app is using a trusted certificate. It specifically requires a user on an iOS device to manually install a new configuration profile, which comes bundled with a certificate. This configuration profile will change your network configuration when the Gmail app is opened to redirect traffic to a third party server. Additionally, it will\u00a0authenticate your device to the third party server and allow the attackers to decrypt any encrypted messages.<\/p>\n<p><strong><span style=\"text-decoration: underline\">What It Affects<\/span><\/strong><\/p>\n<p>The vulnerability is specific to the Gmail app for iOS. If you are an avid user of the Gmail app, your emails and attachments are at risk. Apple&#8217;s mail app, Google&#8217;s Gmail web app, and\u00a0Android devices are not affected.<\/p>\n<p><span style=\"text-decoration: underline\"><strong>How To Know If You&#8217;re<\/strong><strong> Affected<\/strong><\/span><\/p>\n<p>There is no direct way to check if a configuration profile has been installed on a device.\u00a0If you use the Gmail app and are unsure if you have downloaded the profile, it would be best to stop using it until an update is available.<\/p>\n<p><b><span style=\"text-decoration: underline\">What To Do If You&#8217;ve Installed The Profile<\/span><\/b><\/p>\n<p>If you have installed the profile onto your iOS device, the only way to remove it is to\u00a0completely erase your device. You can do this by going into\u00a0Settings &gt; General &gt; Reset &gt; Erase All Content and Settings. Additionally, if you backed up your iOS device after you installed the profile, you cannot use it to restore your phone. This is because configuration profile are backed up and restored with the rest of the device.<\/p>\n<p><strong><span style=\"text-decoration: underline\">How You Can Protect Yourself<\/span><\/strong><\/p>\n<p>Watch out for phishing links or suspicious downloads when using your mobile device, and make sure to only install configuration profiles from sources that you trust. Additionally, never send passwords, bank or credit card information, or other personal information through emails especially if they are unencrypted.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What It Is A vulnerability has been reported for Google&#8217;s Gmail iOS app that would allow for an attacker to intercept all\u00a0email communications through a Man-in-the-Middle (MitM) attack. The MitM attack allows a third party to intercept your data before it is received by the designated recipient. Additionally, if an\u00a0attacker can trick your device into [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,6,7],"tags":[],"class_list":["post-344","post","type-post","status-publish","format-standard","hentry","category-front-page","category-public-service-announcement","category-published"],"_links":{"self":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts\/344","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/comments?post=344"}],"version-history":[{"count":1,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts\/344\/revisions"}],"predecessor-version":[{"id":2061,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/posts\/344\/revisions\/2061"}],"wp:attachment":[{"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/media?parent=344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/categories?post=344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.luc.edu\/uiso\/wp-json\/wp\/v2\/tags?post=344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}