<div dir="ltr">You're not missing anything: The difference is one simple thing. If you set up your email account on an iPhone with anything OTHER than "Other" you don't even get the prompt. If you use "Other" then you get a prompt which everyone seems to click, and they get owned.<div><br></div><div>-dave</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Jan 11, 2016 at 1:00 PM Bojan Zdrnja (SANS ISC) &lt;<a href="mailto:bojan.isc@gmail.com">bojan.isc@gmail.com</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
<br>
On 1/5/2016 5:31 PM, Dave Aitel wrote:<br>
> <a href="http://immunityproducts.blogspot.com/2016/01/the-danger-of-other-on-iphone.html" rel="noreferrer" target="_blank">http://immunityproducts.blogspot.com/2016/01/the-danger-of-other-on-iphone.html</a><br>
<br>
Quoted from the article:<br>
<br>
"So what happens then is you, the user of the iPhone, will connect to<br>
AT&T wifi, and when you check your mail a little popup message will<br>
appear. It will offer you the option to "Continue". If you click that<br>
very natural button, SILICA will steal your password."<br>
<br>
So how is this different from any other WiFi AP impersonation (apart<br>
from the users not understanding what they are doing and clicking<br>
accept/continue)?<br>
<br>
Or am I missing something here ...?<br>
<br>
Cheers,<br>
<br>
Bojan<br>
<br>
--<br>
Bojan Ždrnja<br>
CISSP, GCIA, GCIH, GWAPT<br>
Senior Information Security Consultant<br>
<br>
gsm: +385 99 463 4466<br>
e-mail: <a href="mailto:bojan.zdrnja@infigo.hr" target="_blank">bojan.zdrnja@infigo.hr</a><br>
<br>
INFIGO IS d.o.o.<br>
Karlovačka cesta 24a, 10020 Zagreb<br>
Croatia<br>
tel: +385 1 4662 700<br>
fax: +385 1 4662 701<br>
web: <a href="http://www.infigo.hr" rel="noreferrer" target="_blank">http://www.infigo.hr</a><br>
_______________________________________________<br>
Dailydave mailing list<br>
<a href="mailto:Dailydave@lists.immunityinc.com" target="_blank">Dailydave@lists.immunityinc.com</a><br>
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" rel="noreferrer" target="_blank">https://lists.immunityinc.com/mailman/listinfo/dailydave</a><br>
</blockquote></div>