Article:		A Look Inside Address Book
Subject:		Address Book and Security
Date:		2002-08-27 22:32:59
From:		jonblock
While I think the central address book system is a great idea, I'm more than a bit concerned about the potential security implications. You've just shown how easy it is to write an application that can read the entire address book and a) send it to an unauthorized third party, b) use it to spam/infect every contact in the list, and/or c) trash it, either subtly or obviously. All it would take is for some malicious author (or some well-known companies who follow the software-as-market-research-tool philosophy) to distribute a program with a cute front-end hiding unfriendly address book manipulations, and bingo, instant virus (or worm, or whatever). Of course, this would become a major worm candidate if Mail.app, or one of the other mass-market OS X mail clients, could be tricked into auto-launching an application attached to an e-mail. I guess what I'd like to hear is that each application attempting to access the address book must be pre-authorized by an Administrator account, or else authorized on the fly by the current user (perhaps using the Keychain model). Unfortunately, it doesn't appear that this is the case. Does this concern anyone else? Or have I overlooked an important security measure that everyone else has already noticed?

Showing messages 1 through 3 of 3.

• Address Book and Security
  2002-08-29 05:14:32  senjaz [View]
  
  
  You've mentioned it yourself, this is only a problem if an executable could be launched without user interaction from an email.
  
  Since I can't ever imagine Apple being so stupid as to add such abilities to Mail.app as exist in MS Outlook I think we have little to worry about.
  
  The only problem then is tricking users into running such an executable, the I Love You worm on the PC for example. In that case it doesn't matter what Apple do there will always be people foolish enough to run such things.
• Address Book and Security
  2002-08-29 10:05:31  jonblock [View]
  
  
  I agree that such a malicious program could not become a worm through Mail.app, but Mac users will not necessarily restrict themselves to Apple mail clients. Entourage, Eudora, and others may be a different story. Either way, that only addresses the hostile code's worm potential.
  
  It could still be harmful without being a self-replicating worm. Since (theoretically) all communications-related programs would use this common address book database, an attacker would have a defined target for virtually all possible software combinations on Jaguar machines.
  
  The wetware factor (getting a person to run malicious code) is not as difficult as you might imagine. People launch attachments all the time, without paying attention to whether they're static images, videos, sound files, or actual programs.
  
  In case I wasn't making myself clear about this, I'm not bashing Apple here at all. This has the potential to be a great feature. I'm just advocating that the database be treated like a secure information repository, with at least the ability to require programs to be individually authorized before being given access to it.
• Address Book and Security
  2002-09-03 11:27:48  agave [View]
  
  
  
  http://developer.apple.com/techpubs/macosx/AdditionalTechnologies/AddressBook/Concepts/WhatsInAB.html#BAJGJJAH
  <blockquote>
  The Address Book does not provide any security above what's provided by Mac OS X. Anyone who has read and write access to a user's home folder can also read and write that user's address book. For that reason, the Address Book may not be an appropriate place to store confidential information, such as credit card numbers.
  </blockquote>