Read on for page-turning pwnage
Many electronic reading (e-reading) systems that support the open EPUB format have significant security vulnerabilities, new research shows.
The EPUB format relies primarily on XHTML and CSS (Cascading Style Sheets) to construct e-books, with browser engines often used to render their contents. However, according to a team of researchers, this gives e-book reading systems similar vulnerabilities to web browsers.
Using a semi-automated testbed, available on GitHub, the researchers found that 16 of the 97 systems examined allowed an EPUB to leak information about the user’s file system, and in eight cases extract file contents.
Attackers, they warn, could achieve a full compromise of a user’s system by exploiting specific aspects of the reading systems' implementation.
"Of course, the significance depends on the platform that is used; e-readers generally won't contain sensitive files, while smartphones could contain private pictures," Franken told The Daily Swig.
Millions of users could potentially be affected.
The team also carried out a manual evaluation of the most popular EPUB reading applications on Amazon Kindle, Apple Books and the EPUBReader browser extension - and found a number of flaws.
"The embedded scripts could then exploit a publicly known vulnerability of the Kindle's outdated web engine to gain access to documents in the user's library."
Flaws were also found in Apple Books, available pre-installed on macOS, and in the Windows version of Adobe Digital Editions.
"Fortunately, the developers of Amazon, Apple and Adobe were very responsive to our bug reports and were eager to fix the issues," Franken reports.
"Secondly, we argue that practical guidelines on how to handle the security and privacy aspects of developing an EPUB reading application would greatly aid developers," Franken concluded.
"Ideally, this would include guidelines on how to correctly configure popular browser engines, such that important security policies prevent an EPUB from gaining too much [many] privileges."
Franken added that the researchers have shared their findings with one of the editors of the EPUB standard, who acknowledged the issues.
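Because EPUB content documents are XHTML rendered by a browser engine, a reader or library pipeline can pre-screen a book for active content before opening it. The following Python example is added here and is not code from the researchers' testbed or from the article; the file extensions, the flagged elements and URL schemes, and the in-memory sample archive are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from html.parser import HTMLParser

# Assumptions of this example: which archive members count as content
# documents, and which elements and URL schemes are worth flagging.
CONTENT_EXT = (".xhtml", ".html", ".htm", ".svg")
ACTIVE_TAGS = ("script", "iframe", "object", "embed")
URL_ATTRS = ("src", "href", "xlink:href", "data")
SCHEME = re.compile(r"^\s*([a-z][a-z0-9+.-]*):", re.I)

class ActiveContentFinder(HTMLParser):
    """Collects active elements, inline event handlers and risky URLs."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            self.findings.append(("element", tag))
        for name, value in attrs:
            if name.startswith("on"):          # onload, onclick, ...
                self.findings.append(("handler", name))
            elif name in URL_ATTRS and value and SCHEME.match(value):
                scheme = SCHEME.match(value).group(1).lower()
                # Local-file and script URLs anywhere; remote loads only via src.
                if scheme in ("file", "javascript") or (name == "src" and scheme in ("http", "https")):
                    self.findings.append(("url", value.strip()))

def scan_epub(data: bytes) -> dict:
    """Return {member name: findings} for content documents with active content."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith(CONTENT_EXT):
                continue
            finder = ActiveContentFinder()
            finder.feed(zf.read(name).decode("utf-8", errors="replace"))
            if finder.findings:
                report[name] = finder.findings
    return report

def build_sample() -> bytes:
    """Constructed sample archive (EPUB-like, not a complete valid EPUB)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("OEBPS/ch1.xhtml", '<html><body><p>Text.</p><a href="https://example.org/">link</a></body></html>')
        zf.writestr("OEBPS/ch2.xhtml", '<html><body onload="init()"><script src="app.js"></script><img src="file:///constructed/secret.txt"/></body></html>')
    return buf.getvalue()
```

A clean report does not show that a reading system is safe; it only shows that this archive carries none of the markers checked here.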